I have a pipeline step that already successfully updates a lambda. However, I just tried the example where we subsequently get the version number and assign an alias to it in the same step. The second pipe call fails with
Traceback (most recent call last):
File "/pipe.py", line 341, in <module>
pipe.run()
File "/pipe.py", line 304, in run
self.check_lamda_state_and_status()
File "/pipe.py", line 257, in check_lamda_state_and_status
response = self.client.get_function(
File "/usr/local/lib/python3.10/site-packages/botocore/client.py", line 530, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/usr/local/lib/python3.10/site-packages/botocore/client.py", line 943, in _make_api_call
http, parsed_response = self._make_request(
File "/usr/local/lib/python3.10/site-packages/botocore/client.py", line 966, in _make_request
return self._endpoint.make_request(operation_model, request_dict)
File "/usr/local/lib/python3.10/site-packages/botocore/endpoint.py", line 119, in make_request
return self._send_request(request_dict, operation_model)
File "/usr/local/lib/python3.10/site-packages/botocore/endpoint.py", line 198, in _send_request
request = self.create_request(request_dict, operation_model)
File "/usr/local/lib/python3.10/site-packages/botocore/endpoint.py", line 134, in create_request
self._event_emitter.emit(
File "/usr/local/lib/python3.10/site-packages/botocore/hooks.py", line 412, in emit
return self._emitter.emit(aliased_event_name, **kwargs)
File "/usr/local/lib/python3.10/site-packages/botocore/hooks.py", line 256, in emit
return self._emit(event_name, kwargs)
File "/usr/local/lib/python3.10/site-packages/botocore/hooks.py", line 239, in _emit
response = handler(**kwargs)
File "/usr/local/lib/python3.10/site-packages/botocore/signers.py", line 105, in handler
return self.sign(operation_name, request)
File "/usr/local/lib/python3.10/site-packages/botocore/signers.py", line 189, in sign
auth.add_auth(request)
File "/usr/local/lib/python3.10/site-packages/botocore/auth.py", line 418, in add_auth
raise NoCredentialsError()
botocore.exceptions.NoCredentialsError: Unable to locate credentials
I notice that even though I specified an OIDC role in the second call as well, the variable dump does not contain --env=AWS_OIDC_ROLE_ARN="${OIDC_LAMBDA_ROLE}", only for the first one.
I am using atlassian/aws-lambda-deploy:1.8.2.
@François Collins hi. I could not reproduce your issue.
Used the next setup according to your case:
image: atlassian/default-image:4 test: &test step: oidc: true script: # Update lambda code and publish a new version - pipe: atlassian/aws-lambda-deploy:1.10.0 variables: AWS_OIDC_ROLE_ARN: $AWS_OIDC_ROLE_ARN AWS_DEFAULT_REGION: $AWS_DEFAULT_REGION FUNCTION_NAME: 'pipe-test' COMMAND: 'update' ZIP_FILE: 'lambda.zip' WAIT: 'true' - BITBUCKET_PIPE_SHARED_STORAGE_DIR="/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes" - VERSION=$(jq --raw-output '.Version' $BITBUCKET_PIPE_SHARED_STORAGE_DIR/aws-lambda-deploy-env) # Point an alias to the new lambda version - pipe: atlassian/aws-lambda-deploy:1.10.0 variables: AWS_OIDC_ROLE_ARN: $AWS_OIDC_ROLE_ARN AWS_DEFAULT_REGION: $AWS_DEFAULT_REGION FUNCTION_NAME: 'pipe-test' COMMAND: 'alias' ALIAS: 'production' VERSION: '${VERSION}' DEBUG: 'true' pipelines: default: - <<: *test branches: master: - <<: *test
And pipe was finished successfully.
$AWS_OIDC_ROLE_ARN i setup as a repository variable.
Regards, Igor
Indeed, I tried again with 1.10.0 instead of 1.8.2 and it passed.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@François Collins . Thanks for your question. We will investigate your case.
Regards, Igor.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Validate your expertise in managing Jira Service Projects for Cloud. Master configuration, optimize workflows, and manage users seamlessly. Earn global 🗺️ recognition and advance your career as a trusted Jira Service management expert.
Get Certified! ✍️Online forums and learning are now in one easy-to-use experience.
By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.