Gulp 我如何在github动作的共享凭证文件中配置我的aws凭证

34gzjxbg  于 2022-12-08  发布在  Gulp
关注(0)|答案(1)|浏览(175)

我正在尝试在AWS中为ECR部署ci/cd管道。
它将从ECR推送/拉取图像
我们正在尝试将Azure管道迁移到GitHub操作管道
当我尝试实现管道时,我遇到了下面的错误,

[05:25:00] CredentialsProviderError: Profile Pinz could not be found or parsed in shared credentials file.
    at resolveProfileData (/home/runner/work/test-api/test-api/node_modules/@aws-sdk/credential-provider-ini/dist-cjs/resolveProfileData.js:26:11)
    at /home/runner/work/test-api/test-api/node_modules/@aws-sdk/credential-provider-ini/dist-cjs/fromIni.js:8:56
    at async loadFromProfile (/home/runner/work/test-api/test-api/node_modules/@pinzgolf/pinz-build/dist/publish/aws/GetCredentialsFromProfile.js:23:25)
    at async BuildDeployContext (/home/runner/work/test-api/test-api/node_modules/@pinzgolf/pinz-build/dist/publish/DeployContext.js:95:70)
    at async Publish (/home/runner/work/test-api/test-api/node_modules/@pinzgolf/pinz-build/dist/publish/Publish.js:14:21)
Error: Process completed with exit code 1.

这是我的工作流YAML文件,

on:
  push:
    branches: [ main ]

name: Node Project `my-app` CI on ECRjobs
jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest
    
    steps:
    - uses: actions/checkout@v2
    - name: Use Node 14.17.X
      uses: actions/setup-node@v2
      with:
        node-version: 14.17.X     
    
    - name: 'Yarn'
      uses: borales/actions-yarn@v2.3.0
      with:
        cmd: install --frozen-lockfile --non-interactive
    
    - name: Update SAM version
      uses: aws-actions/setup-sam@v1
    - run: |
        wget https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip
        unzip aws-sam-cli-linux-x86_64.zip -d sam-installation
        sudo ./sam-installation/install --update
        sam --version

    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v1
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: us-east-2

    - name: Login to Amazon ECR
      id: login-ecr
      uses: aws-actions/amazon-ecr-login@v1

    - name: Build, tag, and push the image to Amazon ECR
      env:
        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
        ECR_REPOSITORY: test-pinz-api
        IMAGE_TAG: latest
      run: |
        gulp publish --profile-name development

使用gulp,我们使用下面的配置文件发布环境,

{
    "apiDomainName": "domain",
    "assetsDomainName": "domain",
    "awsProfile": "Pinz",
    "bastionBucket": "bucketname",
    "corsDomains": ["domain"],
    "dbBackupSources": ["db source", "db source"],
    "dbClusterIdentifier": "cluster identfier",
    "designDomainName": "domain",
    "lambdaEcr": "ecr",
    "snsApplication": "sns",
    "snsServerKeySecretName": "name",
    "stackName": "name",
    "templateBucket": "bucketname",
    "userJwtPublicKey": "token",
    "websiteUrl": "domain",
    "wwwDomainName": "domain",
    "wwwEcr": "ecr repo"
}

我找不到保存AWS凭据的共享凭据文件。
我不知道以下配置文件在哪里配置

"awsProfile": "Pinz"

我分析了所有项目文件,但无法获取共享凭据
我在许多文档中分析了这个问题,最后得到了一些更接近的答案,但无法得到确切的答案。下面写着~/.aws/credentials。但上面的JSON文件如何从那里获得凭据呢?
https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/loading-node-credentials-shared.html
老实说,这个ECR管道部署是我的第一次。而且,我也没有得到正确的KT的过程以及。我认为我几乎完成了这个,但大口它显示这个错误
任何人都可以请引导我到哪里将是这个共享凭据文件?如果没有,我如何配置AWS凭据,以验证与AWS?

2wnc66cl

2wnc66cl1#

您的gulp文件的配置文件设置为Pinz,请完全删除此行。

{
    ...
    "awsProfile": "Pinz",
    ...
}

该操作将自动获取您的访问密钥ID和秘密访问密钥,然后将其导出为AWS SDK可以使用的环境变量。
管道的其余部分应自动获取配置的凭据。

相关问题