当前我正试图让詹金斯使用AWS codepipeline。我在EC2实例上运行Jenkins。但是,由于某些原因,Jenkins无法加载AWS的默认凭据。我尝试了以下选项:无法从链中的任何提供者加载AWS凭证--Jenkins和AWS代码管道
- 初始化AWS凭据 'AWS配置' 命令
- 使用AWS-凭据詹金斯
- 插件执行出口AWS_ACCESS_KEY_ID = ....和AWS_SECRET_ACCESS_KEY = ....在詹金斯CLI
- 经过所述〜/ .aws /凭证文件,如果凭证是本(这是的情况下)
- 遵循的AWS文档中的所有步骤,以使詹金斯和codepipeline一起工作(http://docs.aws.amazon.com/codepipeline/latest/userguide/getting-started-4.html)
- 确保用户通过IAM接口AWS
- 凭据完成所有的步骤重新启动詹金斯服务器几次
轮询日志中我的工作提供了以下的输出:
ERROR: Failed to record SCM polling for [email protected][job-name]
com.amazonaws.AmazonClientException: Unable to load AWS credentials from any provider in the chain
at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:131)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.getCredentialsFromContext(AmazonHttpClient.java:1028)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1048)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:948)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:661)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:635)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:618)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:586)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:573)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:445)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.doInvoke(AWSCodePipelineClient.java:1785)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.invoke(AWSCodePipelineClient.java:1761)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.pollForJobs(AWSCodePipelineClient.java:1228)
at com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.pollForJobs(AWSCodePipelineSCM.java:240)
at com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.compareRemoteRevisionWith(AWSCodePipelineSCM.java:176)
at hudson.scm.SCM.poll(SCM.java:408)
at hudson.model.AbstractProject._poll(AbstractProject.java:1460)
at hudson.model.AbstractProject.poll(AbstractProject.java:1363)
at hudson.triggers.SCMTrigger$Runner.runPolling(SCMTrigger.java:563)
at hudson.triggers.SCMTrigger$Runner.run(SCMTrigger.java:609)
at hudson.util.SequentialExecutionQueue$QueueEntry.run(SequentialExecutionQueue.java:119)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
有关进一步方向的任何建议?由于我不使用HTTPS,我想阻止直接将凭据传递到配置页面中的作业。
您是否启动了具有IAM ROLE的EC2实例? –
不,我有一个Jenkins已经存在的EC2实例。 – markvdlaan93
根据他们建议创建IAM角色的文档。在我们的部署堆栈中,我们对jenkins使用IAM角色,它的工作正常。对于您的问题,您的凭证可能无法提供给jenkins用户。如果你正在使用亚马逊linux。更改为jenkins用户并尝试aws-cli操作。 –