Question

目前，我正试图让Jenkins使用AWS codepipeline。我在EC2实例上运行Jenkins。但是，出于某种原因，Jenkins无法加载AWS的默认凭据。我尝试了以下选项：

使用＆＃39; aws configure＆＃39;初始化aws凭据命令
使用Jenkins中的aws-credentials插件
在Jenkins cli中执行导出AWS_ACCESS_KEY_ID = ....和AWS_SECRET_ACCESS_KEY = ....
检查〜/ .aws / credentials文件，如果有凭证（情况属实）
遵循AWS文档中的所有步骤，使Jenkins和codepipeline协同工作（http://docs.aws.amazon.com/codepipeline/latest/userguide/getting-started-4.html）
确保用户通过AWS上的IAM界面获得凭据
通过所有步骤重启Jenkins服务器几次

我的工作中的轮询日志提供以下输出：

ERROR: Failed to record SCM polling for hudson.model.FreeStyleProject@75b77936[job-name]
com.amazonaws.AmazonClientException: Unable to load AWS credentials from any provider in the chain
at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:131)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.getCredentialsFromContext(AmazonHttpClient.java:1028)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1048)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:948)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:661)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:635)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:618)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:586)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:573)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:445)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.doInvoke(AWSCodePipelineClient.java:1785)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.invoke(AWSCodePipelineClient.java:1761)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.pollForJobs(AWSCodePipelineClient.java:1228)
at com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.pollForJobs(AWSCodePipelineSCM.java:240)
at com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.compareRemoteRevisionWith(AWSCodePipelineSCM.java:176)
at hudson.scm.SCM.poll(SCM.java:408)
at hudson.model.AbstractProject._poll(AbstractProject.java:1460)
at hudson.model.AbstractProject.poll(AbstractProject.java:1363)
at hudson.triggers.SCMTrigger$Runner.runPolling(SCMTrigger.java:563)
at hudson.triggers.SCMTrigger$Runner.run(SCMTrigger.java:609)
at hudson.util.SequentialExecutionQueue$QueueEntry.run(SequentialExecutionQueue.java:119)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)

有关进一步指示的任何建议吗？我想阻止直接将凭据传递给配置页面中的作业，因为我不使用HTTPS。

Answer 1

根据您的描述，您使用jam的IAM角色工作正常。对于您的问题，您的凭据可能无法用于jenkins用户。

首先，请检查您是否正在使用Amazon linux用户或jenkins用户。如果是Amazon linux用户而不是更改它。

第二件事是您必须在服务器或Amazon EC2实例上配置代理和防火墙设置，以允许到Jenkins项目使用的端口的入站连接。在任何要与AWS CodePipeline一起使用的Jenkins实例上安装Jenkins的AWS CodePipeline插件。

参考。链接：http://docs.aws.amazon.com/codepipeline/latest/userguide/getting-started-4.html

无法从链中的任何提供商加载AWS凭证 - Jenkins＆amp; AWS codepipeline

1 个答案: