From 6ae8904f5ab047406ff7228bdd66df4e426a304e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Hozza?= <thozza@redhat.com>
Date: Mon, 3 Oct 2022 16:41:17 +0200
Subject: [PATCH] templates/packer: add comment to `get_aws_creds.sh`

Add a comment explaining why it is important to set the AWS bucket in
the worker configuration, even if the `AWS_ACCOUNT_IMAGE_BUILDER_ARN` is
empty.
---
 .../common/files/worker-initialization-scripts/get_aws_creds.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/templates/packer/ansible/roles/common/files/worker-initialization-scripts/get_aws_creds.sh b/templates/packer/ansible/roles/common/files/worker-initialization-scripts/get_aws_creds.sh
index 22f0b806ac..b9571e1af0 100755
--- a/templates/packer/ansible/roles/common/files/worker-initialization-scripts/get_aws_creds.sh
+++ b/templates/packer/ansible/roles/common/files/worker-initialization-scripts/get_aws_creds.sh
@@ -7,6 +7,8 @@ echo "Deploy AWS credentials."
 
 echo "Write the bucket."
 # Always create the header and write the bucket, it's slightly ugly but it will work
+# The bucket is always set, becuase the instance can potentially authenticate to AWS
+# with its instance profile, without any explicit credentials.
 sudo tee -a /etc/osbuild-worker/osbuild-worker.toml > /dev/null << EOF
 [aws]
 bucket = "${WORKER_CONFIG_AWS_BUCKET:-}"