Node.js: Unable to connect GitHub Actions to AWS for Terraform deployment

Posted by lp0sw83n on 2023-05-28 in Node.js

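I've been trying to build a Node.js application and deploy the build artifacts to AWS using Terraform, all within GitHub Actions, and I'm having a headache connecting GitHub Actions to my AWS account/user.
I tried storing the secret access key and access key in repository secrets and declaring them in the YAML file as follows: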

on:
  push:
    branches: [ "master" ]
  pull_request:
    branches: [ "master" ]

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
          aws-region: us-east-1

      - name: Install Node.js
        run: sudo apt-get install node

      - name: Install NPM
        run: sudo apt-get install npm

      - name: Install dependencies
        run: npm install

      - name: Linter (ESLint)
        run: npm run lint

      - name: Install Prettier
        run: npm install --save-dev prettier

      - name: Formatter (Prettier)
        run: npm run prettier

      - name: Build application
        run: npm run build

      # This step outputs the URL of the built application
      - name: Output application URL
        run: echo "::set-output name=application_url::$(npm run build | grep 'Your application is running at' | awk '{print $NF}')"

      - name: Install Terraform
        run: sudo apt-get install terraform

      - name: Configure Terraform
        run: terraform init

      - name: Deploy Infrastructure
        run: terraform apply -var "application_url=${{ steps.deploy.outputs.application_url }}" --auto-approve

When it reaches the "Configure AWS Credentials" step, I get this error:

Run aws-actions/configure-aws-credentials@v1
  with:
    role-to-assume: ***
    aws-region: us-east-1
    audience: sts.amazonaws.com
Error: Credentials could not be loaded, please check your action inputs: Could not load credentials from any providers

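I also tried the IAM role approach, storing the trust policy (ultimately the role ARN) in a secret on GHA, but that gives the same error.
Running the build on its own works without problems. The job succeeds in a little over a minute when I do that. Adding the AWS deployment part is what seems to be giving me a headache. I'm new to GitHub Actions, so any help would be appreciated. Even ChatGPT and Bard can't seem to help me solve this.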

093gszye1#

The documentation shows the following example:

- name: Configure AWS Credentials
  uses: aws-actions/configure-aws-credentials@v1
  with:
    aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
    aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
    aws-region: us-east-2
    role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    role-external-id: ${{ secrets.AWS_ROLE_EXTERNAL_ID }}
    role-duration-seconds: 1200
    role-session-name: MySessionName

I think you missed access-key-id and secret-access-id.
Note that this is not best practice; the best practice is to assume the role directly using the GitHub OIDC provider.
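
The OIDC route the answer recommends, sketched as an added example (not part of the original answer or the action's documentation). It assumes an IAM OIDC identity provider for `token.actions.githubusercontent.com` already exists in the AWS account and that the role's trust policy permits this repository; `<OWNER>/<REPO>` and the session name are placeholders.

```yaml
# Added example: role assumption through GitHub OIDC, with no long-lived
# AWS keys stored in repository secrets.
#
# Assumed trust policy on the role (action sts:AssumeRoleWithWebIdentity),
# with conditions along these lines:
#   token.actions.githubusercontent.com:aud = sts.amazonaws.com
#   token.actions.githubusercontent.com:sub = repo:<OWNER>/<REPO>:ref:refs/heads/master
# Pin the "sub" condition to the repository and branch; a wildcard there lets
# other branches or workflows assume the deployment role.
on:
  push:
    branches: [ "master" ]
  # pull_request is left out on purpose: its token carries a different "sub"
  # claim (repo:<OWNER>/<REPO>:pull_request), so it would not match the
  # condition above, and a deploy role should not be reachable from PRs.

permissions:
  id-token: write   # allows the job to request a GitHub OIDC token
  contents: read    # still required by actions/checkout

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          # Role ARN only; no aws-access-key-id / aws-secret-access-key inputs.
          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
          aws-region: us-east-1
          role-session-name: gha-terraform-deploy   # constructed name

      # Confirms which identity the later Terraform steps will run as.
      - name: Verify assumed identity
        run: aws sts get-caller-identity
```

Without the `id-token: write` permission the job cannot obtain an OIDC token, so a step that passes only `role-to-assume` has no credential source to use.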
