Geek Answers Handbook

How to run aws configuration in deploying travis script?

I am trying to get travis-ci to run a custom deployment script that uses awscli to deploy the deployment to my staging server.

In my .travis.yml file, I have the following:

 before_deploy: - 'curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"' - 'unzip awscli-bundle.zip' - './awscli-bundle/install -b ~/bin/aws' - 'export PATH=~/bin:$PATH' - 'aws configure'

And I set the following environment variables:

 AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_DEFAULT_REGION

with their correct values ​​in the travis-ci web interface.

However, when aws configure starts, it stops and waits for user input. How can I say what to use environment variables that I defined?

+8
amazon-web-services configuration travis-ci continuous-deployment aws-cli
source share
2 answers

You can install them in several ways.

First, by creating a file in ~/.aws/config (or ~/.aws/credentials ).

For example:

 [default] aws_access_key_id=foo aws_secret_access_key=bar region=us-west-2

Secondly, you can add environment variables for each of your settings.

For example, create the following environment variables:

 AWS_DEFAULT_REGION AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY

Thirdly, you can pass the region as a command line argument. For example:

 aws eb deploy --region us-west-2

You do not need to run aws configure in these cases, since cli is configured.

The page on this page has additional AWS documentation.

+4
source share

Darbio's solution works great, but does not take into account that you can end up pushing your AWS credentials in your repository.

This is bad , especially if the docker is trying to pull a personal image from one of your ECR repositories. This would mean that you probably had to store your AWS credentials in a .travis.yml file, and this is far from ideal.

Fortunately, Travis gives you the ability to encrypt environment variables, notification settings, and deploy api keys.

 gem install travis

Make a travis login , first of all, he will ask you to provide your github credentials. After entering the root folder of the project (where your .travis.yml file is .travis.yml ) and encrypt the access key and secret access key.

 travis encrypt AWS_ACCESS_KEY_ID="HERE_PUT_YOUR_ACCESS_KEY_ID" --add travis encrypt AWS_SECRET_ACCESS_KEY="HERE_PUT_YOUR_SECRET_ACCESS_KEY" --add

Thanks to the --add option, you will get two new (encrypted) environment variables in your configuration file. Now just open the .travis.yml file and you will see something like this:

 env: global: - secure: encrypted_stuff - secure: encrypted_stuff

Now you can get travis to run a shell script that creates the ~/.aws/credentials file for you.

ecr_credentials.sh

 #!/usr/bin/env bash mkdir -p ~/.aws cat > ~/.aws/credentials << EOL [default] aws_access_key_id = ${AWS_ACCESS_KEY_ID} aws_secret_access_key = ${AWS_SECRET_ACCESS_KEY} EOL

Then you just need to run ecr_credentials.sh script from your .travis.yml file:

 before_install: - ./ecr_credentials.sh

Done! : - D

Source: Travis CI Activation Keys

+8
source share

More articles:


All Articles