I am using Gitlab
CI/CD
. When using the amazon/aws-cli:latest
image, the masked and protected variables $AWS_SECRET_ACCESS_KEY
and $AWS_ACCESS_KEY_ID
are preventing deployment. I know this because I unmasked and unprotected them and the deployment went through. How can I get the command to accept the masked and protected variables?
The error I am getting is
An error occurred (UnrecognizedClientException) when calling the UpdateFunctionCode operation: The security token included in the request is invalid.
Yaml file below:
deploy:
stage: deploy
image:
name: amazon/aws-cli:latest
entrypoint: [""]
script:
- aws --version
- aws configure set aws_access_key_id "$AWS_ACCESS_KEY_ID"
- aws configure set aws_secret_access_key "$AWS_SECRET_ACCESS_KEY"
- aws configure set region "$AWS_DEFAULT_REGION"
- aws lambda update-function-code --function-name lambda-function --zip-file fileb://"$CI_PROJECT_NAME".zip
CodePudding user response:
Protected variables are only available on protected branches. So, if protecting your variable makes your job fail, it's probably because you're not running the job on a protected branch. You should also make sure you have not environment-scoped your variable (or if you have, that you specify the environment in your job definition)
Masking should have no impact on this.