时间戳

首页 > 解决方案 > How can I expose the AWS_WEB_IDENTITY_TOKEN_FILE to docker container that runs on GitLab runner with Kubernetes executor

amazon-web-services - How can I expose the AWS_WEB_IDENTITY_TOKEN_FILE to docker container that runs on GitLab runner with Kubernetes executor

问题描述

I am running java application that tries access to AWS s3 bucket on a docker container with AWS Java SDK in order to load credentials from WebIdentityTokenCredentialsProvider.

I am running that docker on Gitlab runner with Kubernetes executor.

I created a job that runs a docker container.

myJod:
  image: docker:19.03.12
  script:
    - all relevant installations ...
    - docker-compose build
    - docker-compose up

On the runner itself, I can run aws commands and get s3 buckets. Also, I have access to $AWS_WEB_IDENTITY_TOKEN_FILE from the runner.

But when I run a docker container on the runner, the docker can't access $AWS_WEB_IDENTITY_TOKEN_FILE.

I got following error:

com.amazonaws.auth.AWSCredentialsProviderChain - Unable to load credentials from WebIdentityTokenCredentialsProvider: Unable to locate specified web identity token file.

How can I solve it?

标签: amazon-web-servicesdocker-composegitlabgitlab-ci-runner

解决方案

推荐阅读