amazon-web-services - 通过 Gitlab CI-CD 管道登录 aws
问题描述
我的.gitlab-ci.yml
管道在去年就像一个魅力,今天,从一无所有,我无法登录到我的 aws 帐户,并出现以下错误:
$ echo `aws ecr get-login --no-include-email --region eu-central-1` | sh
Traceback (most recent call last):
File "/usr/local/bin/aws", line 19, in <module>
import awscli.clidriver
File "/usr/local/lib/python3.5/dist-packages/awscli/clidriver.py", line 17, in <module>
import botocore.session
File "/usr/local/lib/python3.5/dist-packages/botocore/session.py", line 30, in <module>
import botocore.client
File "/usr/local/lib/python3.5/dist-packages/botocore/client.py", line 16, in <module>
from botocore.args import ClientArgsCreator
File "/usr/local/lib/python3.5/dist-packages/botocore/args.py", line 26, in <module>
from botocore.signers import RequestSigner
File "/usr/local/lib/python3.5/dist-packages/botocore/signers.py", line 19, in <module>
import botocore.auth
File "/usr/local/lib/python3.5/dist-packages/botocore/auth.py", line 121
pairs.append(f'{quoted_key}={quoted_value}')
^
SyntaxError: invalid syntax
环境
我正在使用 docker 构建映像,将它们推送到 ECR,然后强制部署在我的 ECS 集群中。我还在我的自托管服务器中使用 gitlab,并在 Gitlab CI/CD 部分设置了 3 个定义的变量。变量是:AWS_ACCESS_KEY_ID
, AWS_DEFAULT_REGION
, AWS_SECRET_ACCESS_KEY
.
这是我的.gitlab-ci.yml
文件:
services:
- docker:dind
stages:
- test_build
- deploy_staging
- deploy_production
test_build:
stage: test_build
only:
- merge_requests
tags:
- genuino.webapp.runner
image: ubuntu:16.04
script:
# Add some dependencies for docker and the AWS CLI
- apt-get update -y # Get the most up-to-date repos.
- apt-get install -y apt-transport-https ca-certificates software-properties-common python-software-properties curl python3-pip
# Install Docker
- curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
- apt-key fingerprint 0EBFCD88
- add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
- apt-get update -y
- apt-get install -y docker-ce
# Build our image
- docker build -t $APP_NAME -f ./deploy/Dockerfile .
deploy_staging:
stage: deploy_staging
image: ubuntu:16.04
only:
- tags
except:
- branches
tags:
- genuino.webapp.runner
script:
# Add some dependencies for docker and the AWS CLI
- apt-get update -y # Get the most up-to-date repos.
- apt-get install -y apt-transport-https ca-certificates software-properties-common python-software-properties curl python3-pip
# Install Docker
- curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
- apt-key fingerprint 0EBFCD88
- add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
- apt-get update -y
- apt-get install -y docker-ce
# Install the AWS CLI and login to our registry
- pip3 install awscli
- pip3 install rsa
- echo `aws ecr get-login --no-include-email --region eu-central-1` | sh
# Build and push our image
- docker build -t $APP_NAME -f ./deploy/Dockerfile .
- docker tag $APP_NAME:$VERSION $REPOSITORY_URL/$APP_NAME:$VERSION
- docker push $REPOSITORY_URL/$APP_NAME:$VERSION
# Force deploy
- aws ecs update-service --cluster genuino-staging --service webapp --force-new-deployment --region eu-central-1
deploy_production:
stage: deploy_production
image: ubuntu:16.04
when: manual
only:
refs:
- develop
- tags
except:
- branches
tags:
- genuino.webapp.runner
script:
# Add some dependencies for docker and the AWS CLI
- apt-get update -y # Get the most up-to-date repos.
- apt-get install -y apt-transport-https ca-certificates software-properties-common python-software-properties curl python3-pip
# Install Docker
- curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
- apt-key fingerprint 0EBFCD88
- add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
- apt-get update -y
- apt-get install -y docker-ce
# Install the AWS CLI and login to our registry
- pip3 install awscli
- pip3 install rsa
- echo `aws ecr get-login --no-include-email --region eu-central-1` | sh
# Build and push our image
- docker build -t $PROD_APP_NAME -f ./deploy/Dockerfile.production .
- docker tag $PROD_APP_NAME:$VERSION $REPOSITORY_URL/$PROD_APP_NAME:$VERSION
- docker push $REPOSITORY_URL/$PROD_APP_NAME:$VERSION
# Force deploy
- aws ecs update-service --cluster genuino-production --service webapp --force-new-deployment --region eu-central-1
我已经做了什么
我尝试将身份验证行更改为:aws ecr get-login-password | docker login -u AWS --password-stdin $REPOSITORY_URL
,它在本地主机中工作,但在部署期间出现此错误:
$ aws ecr get-login-password | docker login -u AWS --password-stdin $REPOSITORY_URL
Traceback (most recent call last):
File "/usr/local/bin/aws", line 19, in <module>
import awscli.clidriver
File "/usr/local/lib/python3.5/dist-packages/awscli/clidriver.py", line 17, in <module>
import botocore.session
File "/usr/local/lib/python3.5/dist-packages/botocore/session.py", line 30, in <module>
import botocore.client
File "/usr/local/lib/python3.5/dist-packages/botocore/client.py", line 16, in <module>
from botocore.args import ClientArgsCreator
File "/usr/local/lib/python3.5/dist-packages/botocore/args.py", line 26, in <module>
from botocore.signers import RequestSigner
File "/usr/local/lib/python3.5/dist-packages/botocore/signers.py", line 19, in <module>
import botocore.auth
File "/usr/local/lib/python3.5/dist-packages/botocore/auth.py", line 121
pairs.append(f'{quoted_key}={quoted_value}')
^
SyntaxError: invalid syntax
Error: Cannot perform an interactive login from a non TTY device
解决方案
当您在 GitLab CI 中使用 Python 3.5 时,AWS cli v1 需要 Python 3.6。升级 Python 应该可以解决您的问题
https://docs.aws.amazon.com/cli/latest/userguide/welcome-versions.html#welcome-versions-v1
推荐阅读
- android - ADB:无法创建设备
- sqlite - 如何将查询结果保存到新的 sqlite?
- javascript - Puppeteer 选择表格单元格的第 n 个子项中的链接
- mysql - Mysql以字符串形式将多行中的一列中的两个表和concat值连接起来
- python-3.x - tf.keras.optimizers.Adam 与 Tensorflow 2.0.beta 中的 tf.estimator 模型正在崩溃
- angular - 将参数传递给弹出对话框
- python - 使用 LSTM 进行样本外预测
- javascript - 智能手机键盘弄乱了页面布局
- python - 将多张图像与一张图像进行比较
- python - 在最终图像上应用轮廓蒙版