0
當前我正試圖讓詹金斯使用AWS codepipeline。我在EC2實例上運行Jenkins。但是,由於某些原因,Jenkins無法加載AWS的默認憑據。我嘗試了以下選項:無法從鏈中的任何提供者加載AWS憑證--Jenkins和AWS代碼管道
- 初始化AWS憑據 'AWS配置' 命令
- 使用AWS-憑據詹金斯
- 插件執行出口AWS_ACCESS_KEY_ID = ....和AWS_SECRET_ACCESS_KEY = ....在詹金斯CLI
- 經過所述〜/ .aws /憑證文件,如果憑證是本(這是的情況下)
- 遵循的AWS文檔中的所有步驟,以使詹金斯和codepipeline一起工作(http://docs.aws.amazon.com/codepipeline/latest/userguide/getting-started-4.html)
- 確保用戶通過IAM接口AWS
- 憑據完成所有的步驟重新啓動詹金斯服務器幾次
輪詢日誌中我的工作提供了以下的輸出:
ERROR: Failed to record SCM polling for [email protected][job-name]
com.amazonaws.AmazonClientException: Unable to load AWS credentials from any provider in the chain
at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:131)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.getCredentialsFromContext(AmazonHttpClient.java:1028)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1048)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:948)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:661)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:635)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:618)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:586)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:573)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:445)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.doInvoke(AWSCodePipelineClient.java:1785)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.invoke(AWSCodePipelineClient.java:1761)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.pollForJobs(AWSCodePipelineClient.java:1228)
at com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.pollForJobs(AWSCodePipelineSCM.java:240)
at com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.compareRemoteRevisionWith(AWSCodePipelineSCM.java:176)
at hudson.scm.SCM.poll(SCM.java:408)
at hudson.model.AbstractProject._poll(AbstractProject.java:1460)
at hudson.model.AbstractProject.poll(AbstractProject.java:1363)
at hudson.triggers.SCMTrigger$Runner.runPolling(SCMTrigger.java:563)
at hudson.triggers.SCMTrigger$Runner.run(SCMTrigger.java:609)
at hudson.util.SequentialExecutionQueue$QueueEntry.run(SequentialExecutionQueue.java:119)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
有關進一步方向的任何建議?由於我不使用HTTPS,我想阻止直接將憑據傳遞到配置頁面中的作業。
您是否啓動了具有IAM ROLE的EC2實例? –
不,我有一個Jenkins已經存在的EC2實例。 – markvdlaan93
根據他們建議創建IAM角色的文檔。在我們的部署堆棧中,我們對jenkins使用IAM角色,它的工作正常。對於您的問題,您的憑證可能無法提供給jenkins用戶。如果你正在使用亞馬遜linux。更改爲jenkins用戶並嘗試aws-cli操作。 –