Jenkins 全局 AWS 凭证无法通过 `withAWS` 步骤工作

tag-icon tag-icon amazon-web-services amazon-s3 jenkins
Jenkins 全局 AWS 凭证无法通过 `withAWS` 步骤工作

我有一个安装了管道插件并可成功使用的 Jenkins v2.62 实例。我拥有经过测试并可正常运行的 AWS 凭证:

AWS 凭证

现在我的管道工作是这样的:

node("deploy-staging") {
    stage('test') {
        withEnv(["AWS_ACCESS_KEY_ID=${env.AWS_ACCESS_KEY_ID}",
                 "AWS_SECRET_ACCESS_KEY=${env.AWS_SECRET_ACCESS_KEY}",
                 "AWS_DEFAULT_REGION=${env.AWS_DEFAULT_REGION}"]) {
            // WORKS
            s3put -b my-bucket -k foo -p `pwd` text.txt
        }

        withAWS(credentials:'jenkins') {
            // DOES NOT WORK!
            s3Upload bucket: "my-bucket", path: "foo/text.txt"
        }

        echo "Done."
    }
}

我验证了该withEnv块是否有效(因为 Jenkins 实例配置了全局设置的这三个环境变量),但该withAWS块确实不是由于某种我无法弄清楚的原因。我检查了名称中没有空格jenkins。作业遇到了此错误:

java.lang.RuntimeException: Cannot find Jenkins credentials with name jenkins
    at de.taimos.pipeline.aws.WithAWSStep$Execution.withCredentials(WithAWSStep.java:179)
    at de.taimos.pipeline.aws.WithAWSStep$Execution.start(WithAWSStep.java:151)
    at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:184)
    at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:126)
    at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:108)
    at groovy.lang.GroovyObject$invokeMethod$47.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
    at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:151)
    at org.kohsuke.groovy.sandbox.GroovyInterceptor.onMethodCall(GroovyInterceptor.java:21)
    at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:115)
    at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:149)
    at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:146)
    at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:123)
    at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:123)
    at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.methodCall(SandboxInvoker.java:16)
    at WorkflowScript.run(WorkflowScript:26)
    at ___cps.transform___(Native Method)
    at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:57)
    at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:109)
    at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:82)
    at sun.reflect.GeneratedMethodAccessor402.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
    at com.cloudbees.groovy.cps.impl.ClosureBlock.eval(ClosureBlock.java:46)
    at com.cloudbees.groovy.cps.Next.step(Next.java:74)
    at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:154)
    at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$001(SandboxContinuable.java:18)
    at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:33)
    at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:30)
    at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:108)
    at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:30)
    at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:165)
    at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:330)
    at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$100(CpsThreadGroup.java:82)
    at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:242)
    at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:230)
    at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:64)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:112)
    at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)
Finished: FAILURE

withAWS步骤似乎来自我所1.7安装版本的插件。

帮助!

答案1

错误消息表明名为“jenkins”的凭据不存在:

java.lang.RuntimeException: Cannot find Jenkins credentials with name jenkins

使用“jenkins”凭证的管道步骤是:

withAWS(credentials:'jenkins') {
            // DOES NOT WORK!
            s3Upload bucket: "my-bucket", path: "foo/text.txt"
        }

根据“withAWS”管道步骤的文档,https://jenkins.io/doc/pipeline/steps/pipeline-aws/#withaws-set-aws-settings-for-nested-block,凭证应为“用户名/密码”凭证类型。

credentials (optional)
     Use standard Jenkins UsernamePassword credentials. Note: the username
should be your Access Key ID, and the password should be the Secret Access Key.

凭证屏幕截图显示了“AWS”凭证类型,其中包含“访问密钥 ID”和“秘密访问密钥”字段。

创建一个新的凭证类型“用户名/密码”,并将其与withAWS管道步骤一起使用。

答案2

我认为您写凭证的方式与我不同。这种方式应该适合您。

withAWS(region: 'us-east-2', credentials: 'Nour') {
          s3Upload(file: 'generate.html', bucket: 'nouran.portfolio', path: 'generate.html')
}

相关内容