hey all, so we're htting an issue with the Pulumi ...
# generalc
colossal-knife-3263
06/08/2023, 7:50 PMhey all, so we're htting an issue with the Pulumi github action using an
s3 backend/cloud-url Copy code
error: problem logging in: read ".pulumi/meta.yaml": blob (key ".pulumi/meta.yaml") (code=Unknown): operation error S3: GetObject, https response error StatusCode: 400, RequestID: 55R5R9SMEKDNKRN1, HostID: E5cGNxG93HUpKxIM1gBo2wNZzKtD3wl3ijYBtwbsIEJFRTzAEeqM++t9QCimWcqhy0RWTtmdL0S3rANAZXrg9w==, api error AuthorizationHeaderMalformed: The authorization header is malformed; a non-empty Access Key (AKID) must be provided in the credential.colossal-knife-3263
06/08/2023, 7:51 PMIt seems that the AWS credentials aren't being recognized in the runtime environment though afaict they are and a preceding
aws s3 ls...colossal-knife-3263
06/08/2023, 7:51 PM- name: Configure AWS development credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-region: ${{ env.AWS_REGION }}
role-to-assume: <role>
role-session-name: github-actions
- run: npm install
working-directory: ${{ matrix.project }}
- name: Identify available project stacks
id: id-project-stacks
run: |
aws s3 ls --recursive --human-readable
pulumi login -v=5 's3://...'
echo "stacks=$(pulumi stack ls --cwd ${{ matrix.project }} --json | jq -r '.[].name' | grep -v organization | tr '\n' ' ')" >> "$GITHUB_OUTPUT"
- name: Preview project development stack
if: ${{ contains(steps.id-project-stacks.outputs.stacks, 'development') }}
uses: pulumi/actions@v4.4.0
with:
command: preview
work-dir: ${{ matrix.project }}
stack-name: development
cloud-url: s3://...
secrets-provider: <awskms://alias/pulumi-state?region=us-east-1&awssdk=v2&profile=production%7C<>secrets-provider>
e
echoing-dinner-19531
06/08/2023, 9:50 PMMight be related to https://github.com/pulumi/pulumi/issues/11482
Both the kms and s3 code uses go.cloud, might be that's not handling assumed roles correctly. Worth raising an issue (and linking to that one above)
c
colossal-knife-3263
06/08/2023, 10:12 PMah ok interesting - thanks @echoing-dinner-19531 and will do
2 Views