Skip to content

Commit

Permalink
Added HTTP Check for FIPS endpoint
Browse files Browse the repository at this point in the history
  • Loading branch information
Jeremy McGee committed Oct 3, 2024
1 parent 9c6b810 commit 167ff78
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions nodeadm/internal/aws/ecr/ecr.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import (
"context"
"fmt"
"go.uber.org/zap"
"net"
"net/http"
"strings"

"github.com/aws/aws-sdk-go-v2/config"
Expand Down Expand Up @@ -49,8 +49,8 @@ func GetEKSRegistry(region string) (ECRRegistry, error) {
}
if fipsInstalled && fipsEnabled {
fipsRegistry := getRegistry(account, "ecr-fips", region, servicesDomain)
addresses, err := net.LookupHost(fipsRegistry)
if err == nil && len(addresses) > 0 {
resp, err := http.Get(fipsRegistry)
if err == nil && resp.StatusCode == 401 {
return ECRRegistry(fipsRegistry), nil
} else {
zap.L().Info("Fail to look up Fips registry for requested region, fall back to default", zap.String("fipsRegistry", fipsRegistry))
Expand Down

0 comments on commit 167ff78

Please sign in to comment.