我一直在尝试构建一个Node.js应用程序,并使用Terraform将构建工件部署到AWS,所有这些都在GitHub Actions中,我很头痛将GitHub Actions连接到我的AWS帐户/用户。
我尝试将secret访问和访问密钥存储在repository secret中,并在yaml文件中声明如下:
on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
aws-region: us-east-1
- name: Install Node.js
run: sudo apt-get install node
- name: Install NPM
run: sudo apt-get install npm
- name: Install dependencies
run: npm install
- name: Linter (ESLint)
run: npm run lint
- name: Install Prettier
run: npm install --save-dev prettier
- name: Formatter (Prettier)
run: npm run prettier
- name: Build application
run: npm run build
# This step outputs the URL of the built application
- name: Output application URL
run: echo "::set-output name=application_url::$(npm run build | grep 'Your application is running at' | awk '{print $NF}')"
- name: Install Terraform
run: sudo apt-get install terraform
- name: Configure Terraform
run: terraform init
- name: Deploy Infrastructure
run: terraform apply -var "application_url=${{ steps.deploy.outputs.application_url }}" --auto-approve
当它到达“配置AWS凭据”部分时,我得到这个错误:
Run aws-actions/configure-aws-credentials@v1
with:
role-to-assume: ***
aws-region: us-east-1
audience: sts.amazonaws.com
Error: Credentials could not be loaded, please check your action inputs: Could not load credentials from any providers
我还尝试使用IAM角色方法,并将信任策略(最终是角色arn)存储在GHA上的secret中,但这给出了相同的错误。
我自己运行构建没有问题。工作是成功的,在一分钟多一点,当我这样做。添加AWS部署部分似乎让我头疼。我是GitHub Actions的新手,因此任何帮助都将不胜感激。即使是ChatGPT和Bard似乎也不能帮助我解决这个问题。
1条答案
按热度按时间093gszye1#
在文档中可以看到以下示例
我想你错过了
access-key-id
和secret-access-id
。请注意,这不是最佳实践,最佳实践是直接使用GitHub OIDC提供程序承担角色。