2

目前我正在尝试让 Jenkins 使用 AWS 代码管道。我在 EC2 实例上运行 Jenkins。但是,出于某种原因,Jenkins 无法加载 AWS 的默认凭证。我尝试了以下选项:

  • 使用“aws configure”命令初始化 aws 凭证
  • 在 Jenkins 中使用 aws-credentials 插件
  • 在 Jenkins cli 中执行 export AWS_ACCESS_KEY_ID=.... 和 AWS_SECRET_ACCESS_KEY=....
  • 检查 ~/.aws/credentials 文件,如果存在凭据(就是这种情况)
  • 按照 AWS 文档中的所有步骤使 Jenkins 和 codepipeline 一起工作 ( http://docs.aws.amazon.com/codepipeline/latest/userguide/getting-started-4.html )
  • 确保用户通过 AWS 上的 IAM 接口拥有凭证
  • 通过所有步骤多次重启 Jenkins 服务器

我的工作中的轮询日志提供以下输出:

ERROR: Failed to record SCM polling for hudson.model.FreeStyleProject@75b77936[job-name]
com.amazonaws.AmazonClientException: Unable to load AWS credentials from any provider in the chain
at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:131)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.getCredentialsFromContext(AmazonHttpClient.java:1028)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1048)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:948)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:661)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:635)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:618)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:586)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:573)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:445)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.doInvoke(AWSCodePipelineClient.java:1785)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.invoke(AWSCodePipelineClient.java:1761)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.pollForJobs(AWSCodePipelineClient.java:1228)
at com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.pollForJobs(AWSCodePipelineSCM.java:240)
at com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.compareRemoteRevisionWith(AWSCodePipelineSCM.java:176)
at hudson.scm.SCM.poll(SCM.java:408)
at hudson.model.AbstractProject._poll(AbstractProject.java:1460)
at hudson.model.AbstractProject.poll(AbstractProject.java:1363)
at hudson.triggers.SCMTrigger$Runner.runPolling(SCMTrigger.java:563)
at hudson.triggers.SCMTrigger$Runner.run(SCMTrigger.java:609)
at hudson.util.SequentialExecutionQueue$QueueEntry.run(SequentialExecutionQueue.java:119)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)

对进一步的方向有什么建议吗?我想防止在配置页面中直接将凭据传递给作业,因为我不使用 HTTPS。

4

1 回答 1

0

根据您的描述,您使用 IAM 角色让詹金斯工作正常。对于您的问题,詹金斯用户可能无法使用您的凭证。

因此,首先检查您使用的是 Amazon linux 用户还是 jenkins 用户。如果是 Amazon linux 用户,请更改它。

第二件事是您必须在服务器或 Amazon EC2 实例上配置代理和防火墙设置,以允许入站连接到您的 Jenkins 项目使用的端口并在您想要与 AWS CodePipeline 一起使用的任何 Jenkins 实例上安装适用于 Jenkins 的 AWS CodePipeline 插件.

参考。链接:http ://docs.aws.amazon.com/codepipeline/latest/userguide/getting-started-4.html

于 2016-11-25T09:20:58.927 回答