我在Jenkins中为Django应用程序运行测试,但在运行上传到S3的测试时收到403错误。这些值将作为环境变量导出,并在设置文件中使用values.Value()(https://django-configurations.readthedocs.org/en/stable/values/)进行访问。
# settings.py
AWS_ACCESS_KEY_ID = values.Value()
AWS_SECRET_ACCESS_KEY = values.Value()
我的控制台输出如下所示:
[EnvInject] - Injecting as environment variables the properties content
AWS_ACCESS_KEY_ID='ABC123'
AWS_SECRET_ACCESS_KEY='blah'
[EnvInject] - Variables injected successfully.
...
+ python manage.py test
======================================================================
ERROR: test_document (documents.tests.DocTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/var/lib/jenkins/jobs/Job/workspace/myapp/documents/tests.py", line 25, in setUp
self.document.doc.save('test_file', File(f), save=True)
File "/var/lib/jenkins/jobs/Job/workspace/.venv/local/lib/python2.7/site-packages/django/db/models/fields/files.py", line 89, in save
self.name = self.storage.save(name, content)
File "/var/lib/jenkins/jobs/Job/workspace/.venv/local/lib/python2.7/site-packages/django/core/files/storage.py", line 51, in save
name = self._save(name, content)
File "/var/lib/jenkins/jobs/Job/workspace/.venv/local/lib/python2.7/site-packages/storages/backends/s3boto.py", line 385, in _save
key = self.bucket.get_key(encoded_name)
File "/var/lib/jenkins/jobs/Job/workspace/.venv/local/lib/python2.7/site-packages/boto/s3/bucket.py", line 192, in get_key
key, resp = self._get_key_internal(key_name, headers, query_args_l)
File "/var/lib/jenkins/jobs/Job/workspace/.venv/local/lib/python2.7/site-packages/boto/s3/bucket.py", line 230, in _get_key_internal
response.status, response.reason, '')
S3ResponseError: S3ResponseError: 403 Forbidden
-------------------- >> begin captured logging << --------------------
boto: DEBUG: path=/documents/test_file
boto: DEBUG: auth_path=/my-bucket/documents/test_file
boto: DEBUG: Method: HEAD
boto: DEBUG: Path: /documents/test_file
boto: DEBUG: Data:
boto: DEBUG: Headers: {}
boto: DEBUG: Host: my-bucket.s3.amazonaws.com
boto: DEBUG: Port: 443
boto: DEBUG: Params: {}
boto: DEBUG: Token: None
boto: DEBUG: StringToSign:
HEAD
Sun, 13 Sep 2015 06:02:36 GMT
/my-bucket/documents/test_file
boto: DEBUG: Signature:
AWS 'ABC123':RanDoM123#*$
boto: DEBUG: Final headers: {'Date': 'Sun, 13 Sep 2015 06:02:36 GMT', 'Content-Length': '0', 'Authorization': u"AWS 'ABC123':RanDoM123#*$, 'User-Agent': 'Boto/2.38.0 Python/2.7.3 Linux/3.2.0-4-amd64'}
boto: DEBUG: Response headers: [('x-amz-id-2', 'MoReRanDom123*&^'), ('server', 'AmazonS3'), ('transfer-encoding', 'chunked'), ('x-amz-request-id', '3484RANDOM19394'), ('date', 'Sun, 13 Sep 2015 06:02:36 GMT'), ('content-type', 'application/xml')]
--------------------- >> end captured logging << ---------------------
我是否遗漏了一些重要信息,以便将文件从Jenkins上传到S3?我在本地机器上没有任何问题。
答案 0 :(得分:0)
此存储桶上的CORS配置是否对每个IP有任何限制?例如,如果AllowedOrigin指定IP,则可能是失败的原因之一。
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
我还会在Jenkins上打印出AWS值以进行调试,只是为了确认在该环境中使用了正确的值。