Comments (18)
I also got 403 errors when I used $GITHUB_RUN_ID
I changed it to ${{ github.run_id }}
and it worked correctly.
I noticed a similar problem when I was using a env var $AWS_REGION
for the region
key, and that also worked when I changed to use the context syntax: ${{ env.AWS_REGION }}
.
from beanstalk-deploy.
@varl Ah ok I understand. Of course, it makes sense. Can't use $ENVVAR syntax in parameter values, since that's not bash, only in strings that are evaluated in the bash shell, e.g. anywhere in a - run: some comand that goes to bash $ENVVAR
. In parameter values you must use ${{ env.VAR_NAME }}
syntax.
Oh, and by the way, it is possible to just pass in a Dockerrun.aws.json file instead of a zip as well:
Good to know. People read these issues, so good to have this info here 🙂
from beanstalk-deploy.
I noticed the line https://github.com/einaregilsson/beanstalk-deploy/blob/master/aws-api-request.js#L10
secretKey = options.secretKey || awsApiRequest.secretKey || process.env.AWS_SECRET_SECRET_KEY
Is AWS_SECRET_SECRET_KEY
a typo?
from beanstalk-deploy.
Thanks! That's definitely a typo, I've just fixed it and pushed a @v2 tag. However, that shouldn't have been an issue, because in https://github.com/einaregilsson/beanstalk-deploy/blob/master/beanstalk-deploy.js#L198
awsApiRequest.secretKey = process.env.INPUT_AWS_SECRET_KEY;
We set the secret key explicitly to the input secret key, so
secretKey = options.secretKey || awsApiRequest.secretKey || process.env.AWS_SECRET_SECRET_KEY
should have used that instead of the typo environment variable. Is there any chance you're putting an empty value in for the secret key in here:
with:
aws_access_key: ABC123
aws_secret_key: XYZ789
You shouldn't have to put any environment variables like this in:
env:
CI: true
AWS_ACCESS_KEY_ID: ABC123
AWS_SECRET_ACCESS_KEY: XYZ789
The aws_access_key and aws_secret_key from
with:
aws_access_key: ABC123
aws_secret_key: XYZ789
should be enough.
from beanstalk-deploy.
So I originally tried using GitHub secrets, but that wasn't working
aws_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
So thought maybe those keys weren't getting loading, so tried hardcoding them instead.
with:
aws_access_key: ABC123
aws_secret_key: XYZ789
But that wasn't working either so added env
values hoping if secretKey
wasn't getting set properly if would fall back to the environment variables.
env:
AWS_ACCESS_KEY_ID: ABC123
AWS_SECRET_ACCESS_KEY: XYZ789
The keys are correct because it works fine from the command line. Any insight what could be wrong from the last log message?
Uploading file to bucket elasticbeanstalk-ca-central-1-302080953439
##[error]Deployment failed: Error: Status: 403. Message:
##[error]Node run failed with exit code 2
Looks like it's failing on uploading to S3 bucket? Or is it possible to add additional log messages to help find where it's failing?
from beanstalk-deploy.
Note, I checked the S3 bucket and the latest uploaded version was the one from the command line, so it must be failing on uploading to S3 step in the GitHub Action.
from beanstalk-deploy.
Oh! I was using a timestamp like yyyy-MM-dd'T'HH:mm'Z'
as the version number, when I changed it to just a number, the zip was successfully uploaded to S3!
So that must be the problem. Any suggestion on how to use a date as the version number?
from beanstalk-deploy.
The problem seems to be the semicolons. From the AWS docs:
I tried URI encoding the key name but was still getting errors. Your best bet is to just replace those : with underscores or dashes, that should be fine.
from beanstalk-deploy.
But also, if you need a build number generator, I can recommend another action I made which generates sequential build numbers: https://github.com/einaregilsson/build-number
from beanstalk-deploy.
Thanks again @einaregilsson! The :
in the timestamp must have been the problem. I'm gonna try a timestamp with the format YYYY-MM-dd-HH-mm
or YYYYMMddHHmm
this morning. Hopefully that works because it would be more meaningful of a version number for us. I'll keep you posted 👍
from beanstalk-deploy.
So, it took jumping through lots of hoops, but I was able to generate a timestamp in a S3 safe format like 2019-11-15T17-51-47-861Z
👍
name: PROD Lint, Build, Deploy
on:
push:
branches:
- master
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [10.x]
steps:
- uses: actions/checkout@v1
- name: Use node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
- name: Run npm install, lint
run: |
npm ci
npm install
- name: Generate deployment package
run: zip -r deploy.zip . -x ".git/*" -x ".github/*" -x ".vscode/*"
- name: Get timestamp
uses: gerred/actions/current-time@master
id: current-time
- name: Run string replace
uses: frabert/replace-string-action@master
id: format-time
with:
pattern: '[:\.]+'
string: "${{ steps.current-time.outputs.time }}"
replace-with: '-'
flags: 'g'
- name: Run beanstalk-deploy
uses: einaregilsson/beanstalk-deploy@v2
with:
aws_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
application_name: our-beanstalk-app
environment_name: our-beanstalk-app-env
region: ca-central-1
version_label: "${{ steps.format-time.outputs.replaced }}"
deployment_package: deploy.zip
Thanks for your help on this. And for your GitHub Action! 🤗
from beanstalk-deploy.
Thanks for your help on this. And for your GitHub Action! 🤗
Thanks for the bug report! Happy that someone can use this.
from beanstalk-deploy.
Hi Guys! I've been stuck with this same 403 error for a few days and exactly as @dalezak, running from the command line works smoothly, but from the Github Action don't. I've been using administrator access for this test to maximize my success, to no avail.
- name: Generate deployment Dockerrun.aws.json
run: |
make aws-docker-file
cat Dockerrun.aws.json
zip deploy.zip Dockerrun.aws.json
- name: Deploy to EB
uses: einaregilsson/beanstalk-deploy@v5
with:
aws_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
application_name: $APP_NAME
environment_name: $ENV_NAME
version_label: $GITHUB_RUN_ID
region: ap-southeast-1
deployment_package: deploy.zip
from beanstalk-deploy.
@MichaelRheault Looks normal, and nice to see that GitHub have added a GITHUB_RUN_ID
variable! You're absolutely sure that all the env vars are set, that the zip file is in the right place etc? Maybe try hardcoding in all the values (except maybe the aws secrets) and see if that makes any difference? Github_run_id is a number, does S3 allow filenames that are just numbers? They probably do, just wondering because 403 is usually because some of the parameters are illegal.
from beanstalk-deploy.
@varl ah, interesting. What operating system and shell are you using for your deployment? I use linux and bash so the $ENVVAR syntax works for me, but makes sense that with a different shell or os it wouldn't work.
from beanstalk-deploy.
@MichaelRheault Could this above be your problem as well?
from beanstalk-deploy.
@einaregilsson We're using the Ubuntu image, mostly likely Bash.
This version works: https://github.com/dhis2/app-hub/blob/master/.github/workflows/docker-ci.yml#L143-L144
This version does not: https://github.com/dhis2/app-hub/blob/e33345ea9a9eec7e6e08b14a0292eeb2df4f9499/.github/workflows/docker-ci.yml#L143-L144
It might have been because of the single-quotes, I'm never sure if they are consumed when the YAML is unmarshalled or passed to Bash. Even so, the $AWS_REGION
is unquoted, and that also was not expanded and used verbatim (as it in it tried to use literally "$AWS_REGION" as the region).
Very nice action all-in-all, thanks for writing and sharing it! Saved me some time. 👍
Oh, and by the way, it is possible to just pass in a Dockerrun.aws.json
file instead of a zip as well: https://github.com/dhis2/app-hub/blob/master/.github/workflows/docker-ci.yml#L145 which is great if the images are pre-built and available on ECR or Docker Hub (as they are in my case).
(Sorry about the off-topic)
from beanstalk-deploy.
Closing this.
from beanstalk-deploy.
Related Issues (20)
- Error: Deployment failed: Error: Status: 400. Code: Throttling, Message: Rate exceeded
- using the CLI tool in github actions
- Deployment breaks when run during an already ongoing deployment HOT 1
- Deploy Elastic Beanstack using Assume role
- Deployment failed: Error: Status: 301. HOT 1
- [feature-request] Support Wildcards/Multiple Elastic Beanstalk Environment Uploads HOT 1
- Issue when using aws_session_token HOT 3
- EB Environment Variables from Github Secrets HOT 5
- Fails if `existing_bucket_name` is DNS-style.
- Django Migrations HOT 1
- Error: Deployment failed: Error: Deployment failed! Current State: Version: Sample Application, Health: Green, Health Status: Info
- How to set option_settings? HOT 2
- Failure undetected, resulting in 6 hour timeout HOT 3
- support working-directory
- docker deploy HOT 1
- Windows support? HOT 1
- Upd runtime to node16 HOT 2
- Is this action still supported? HOT 5
- dynamic version_label is not working HOT 1
- Deployment fails HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from beanstalk-deploy.