docs: add CodeCommit SSH key instructions #2553

Merged: stefanprodan merged 1 commit into fluxcd:main from Zakharden:docs/aws-codecommit-ssh-auth on May 11, 2026
@Zakharden
Contributor

@Zakharden Zakharden commented May 11, 2026

Summary

Add AWS CodeCommit SSH authentication guidance to the Flux AWS integrations page.

The new section documents the parts that are easy to miss when configuring Flux against CodeCommit over SSH:

  • use the IAM SSH Key ID as the SSH username in the repository URL
  • pass the matching private key to flux create source git
  • use RSA/PEM key generation when required by the SSH client or Git implementation
  • reuse the same SSH URL and private key with flux bootstrap git

Close: fluxcd/flux2#2335

Validation

  • git diff --check HEAD~1 HEAD

Note: I could not run a local Hugo build in this environment because hugo is not installed.

@matheuscscp
Member

@Zakharden The cloud provider integration pages currently mean integrations where the Flux source code is aware of the provider and branches off to provider-specific code. What you are describing is Flux integration with generic Git over SSH.

@stefanprodan
Member

stefanprodan commented May 11, 2026

This belongs in a page under bootstrap, we need to restore this one: https://v2-6.docs.fluxcd.io/flux/installation/bootstrap/aws-codecommit/

@Zakharden can you please change your PR to add aws-codecommit.md with the old content updated with your instructions? Also please confirm you actually tested all these instructions as I don't think you did, Flux does not work with non-PEM keys. If you can not test with AWS CodeCommit then we can not merge this.

@Zakharden Zakharden force-pushed the docs/aws-codecommit-ssh-auth branch from b76fb74 to 966f98d Compare May 11, 2026 11:57
@Zakharden
Contributor Author

Updated the PR as requested:

  • moved the CodeCommit SSH bootstrap docs to content/en/flux/installation/bootstrap/aws-codecommit.md
  • restored the old bootstrap-page structure instead of adding this under AWS integrations
  • changed the key generation flow to use a PEM-encoded RSA private key: ssh-keygen -t rsa -b 4096 -m PEM -f ./codecommit_rsa
  • kept SSHPublicKeyId as the SSH username in the CodeCommit SSH URL

Validation: git diff --check HEAD~1 HEAD.

I do not have a fresh AWS CodeCommit test environment available here, so I am not going to claim that full end-to-end validation was completed until that is actually run.

@Zakharden Zakharden force-pushed the docs/aws-codecommit-ssh-auth branch from 966f98d to f9426d6 Compare May 11, 2026 14:21
Signed-off-by: Zakhar Dvurechensky <72825626+Zakharden@users.noreply.github.com>
@Zakharden Zakharden force-pushed the docs/aws-codecommit-ssh-auth branch from f9426d6 to e35bfd6 Compare May 11, 2026 14:39
@Zakharden
Contributor Author

@stefanprodan @matheuscscp I updated the PR as requested.

Changes made:

  • restored the AWS CodeCommit page under content/en/flux/installation/bootstrap/aws-codecommit.md
  • kept it under bootstrap instead of the cloud provider integrations section
  • updated the SSH key instructions to use a PEM-encoded RSA private key
  • used the returned SSHPublicKeyId as the SSH username in the CodeCommit SSH URL
  • corrected the AWS CLI response field name to SSHPublicKeyId

I also completed a fresh AWS CodeCommit end-to-end bootstrap test.

Validation performed:

  • generated and verified a PEM RSA private key with ssh-keygen -t rsa -b 4096 -m PEM
  • verified the private key starts with -----BEGIN RSA PRIVATE KEY-----
  • verified the public key is ssh-rsa and 4096-bit
  • uploaded the public key to a temporary IAM user and used the returned SSHPublicKeyId
  • ran flux bootstrap git against ssh://<SSHPublicKeyId>@git-codecommit.us-east-1.amazonaws.com/v1/repos/<repository>
  • used --private-key-file and --password with the PEM key passphrase
  • bootstrapped Flux into a temporary kind cluster
  • flux check passed and all Flux controllers became ready
  • verified gotk-components.yaml and gotk-sync.yaml were committed to CodeCommit
  • Netlify deploy preview is green
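
Added example, not part of the PR or the Flux docs: a pre-flight check for the two requirements this thread settles on, a PEM-encoded RSA private key and the SSHPublicKeyId as the SSH username in the CodeCommit URL. The function names and the 20 to 128 upper-case alphanumeric ID check are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight checks before `flux bootstrap git` against CodeCommit over SSH.
LC_ALL=C; export LC_ALL

# Classify a private key file by its PEM armor line (first line of the file).
key_format() {
  kf_first=$(head -n 1 "$1" | tr -d '\r')
  case "$kf_first" in
    "-----BEGIN RSA PRIVATE KEY-----")     echo pem-rsa ;;
    "-----BEGIN OPENSSH PRIVATE KEY-----") echo openssh ;;
    *)                                     echo unknown ;;
  esac
}

# Traditional PEM marks a passphrase-protected key with a Proc-Type header,
# which tells you whether --password must accompany --private-key-file.
needs_passphrase() {
  grep -q '^Proc-Type: 4,ENCRYPTED' "$1"
}

# Build the SSH URL with the IAM SSHPublicKeyId (not an IAM user name) as the username.
# Assumption: key IDs are 20-128 upper-case alphanumeric characters.
codecommit_url() {  # usage: codecommit_url <SSHPublicKeyId> <region> <repository>
  case "$1" in
    ""|*[!A-Z0-9]*) echo "not an SSHPublicKeyId: '$1'" >&2; return 1 ;;
  esac
  if [ "${#1}" -lt 20 ] || [ "${#1}" -gt 128 ]; then
    echo "unexpected SSHPublicKeyId length: ${#1}" >&2; return 1
  fi
  echo "ssh://$1@git-codecommit.$2.amazonaws.com/v1/repos/$3"
}

preflight() {  # usage: preflight <key-file> <SSHPublicKeyId> <region> <repository>
  pf_fmt=$(key_format "$1")
  if [ "$pf_fmt" != pem-rsa ]; then
    echo "key format is '$pf_fmt'; regenerate with: ssh-keygen -t rsa -b 4096 -m PEM" >&2
    return 1
  fi
  pf_url=$(codecommit_url "$2" "$3" "$4") || return 1
  if needs_passphrase "$1"; then
    echo "$pf_url passphrase=yes"
  else
    echo "$pf_url passphrase=no"
  fi
}

# Run directly: sh preflight.sh ./codecommit_rsa <SSHPublicKeyId> us-east-1 <repository>
if [ "$#" -eq 4 ]; then preflight "$@"; fi
```

The check reads only the armor and header lines of the key file, so it never prints key material and is safe to run in CI logs.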

Member

@matheuscscp matheuscscp left a comment

LGTM

@stefanprodan stefanprodan added the area/docs and backport:v2-8 labels May 11, 2026
Member

@stefanprodan stefanprodan left a comment

LGTM

Thanks @Zakharden 🏅

@stefanprodan stefanprodan merged commit d69c350 into fluxcd:main May 11, 2026
7 checks passed
@fluxcdbot
Member

Successfully created backport PR for v2-8:

Development

Successfully merging this pull request may close these issues.

CodeCommit: Failed to retrieve list of SSH authentication methods

4 participants