https://pulumi.com logo
g

green-daybreak-91402

04/27/2022, 10:30 PM
Hello all! 🙂 Im running a Pulumi preview command in Github Actions but it is failing due to the following error:
Copy code
error configuring Terraform AWS Provider: failed to get shared config profile,
I am able to run preview, refresh and deploy locally with no issues. I have checked the correct AWS Credentials and Pulumi Access Token are being passed to the GH Actions workflow. Anyone seen and fixed this error before?
b

billowy-army-68599

04/27/2022, 10:31 PM
how are you configured aws access in github? does
aws sts get-caller-identity
work? is it a self hosted runner?
g

green-daybreak-91402

04/27/2022, 10:35 PM
We are using the pulumi GH Action:
Copy code
- uses: <docker://pulumi/actions>
        with:
          args: preview
        env:
          PULUMI_CI: pr
          PULUMI_ROOT: infra
          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
          AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
and in previous steps we are setting teh env variable values from GH secrets
this is a normal GH hosted runner
b

billowy-army-68599

04/27/2022, 10:36 PM
before you run that, can you run
aws sts get-caller-identity
shouldn't this be...
Copy code
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
instead of
${{ env.AWS_ACCESS_KEY_ID }}
g

green-daybreak-91402

04/27/2022, 10:38 PM
good eye, but we are conditionally setting those depending on the branch so they ultimately come from
env.
im going to test
aws sts get-caller-identity
h

high-morning-17948

04/27/2022, 10:53 PM
@billowy-army-68599 if we didn't change anything in the deployment config, what could trigger this error:
Copy code
pulumi:pulumi:Stack hyperion-api-dev running error: Error: invocation of aws:iam/getAccountAlias:getAccountAlias returned an error: 1 error occurred:
b

billowy-army-68599

04/27/2022, 11:09 PM
I have never seen that error...
your AWS credentials don't seem to be valid: https://github.com/pulumi/pulumi/issues/1363
g

green-daybreak-91402

04/27/2022, 11:24 PM
we’re trying now with the latest Pulumi GH Action:
Copy code
uses: pulumi/actions@v3
we were previously using:
Copy code
uses: <docker://pulumi/actions>
The issue seems to be related to using the latest Pulumi package versions:
Copy code
"@pulumi/aws": "^5.3.0",
    "@pulumi/awsx": "^0.40.0",
    "@pulumi/pulumi": "^3.30.0",
    "@pulumi/random": "^4.5.0",
we reverted and it works as before…
b

billowy-army-68599

04/27/2022, 11:55 PM
interesting, can you file an issue?
👍 1
g

green-daybreak-91402

04/27/2022, 11:56 PM
Yup, I created one in the pulumi/actions repo
b

billowy-army-68599

04/27/2022, 11:57 PM
can you send a link? needs to be in pulumi-aws
g

green-daybreak-91402

04/27/2022, 11:59 PM
6 Views