How to run AWS VRK client certificates on elastic beanstalk env using github action.
snehal-desh opened this issue · 2 comments
Describe the bug
I am trying to deploy My code on elastic beanstalk env and deployment is successful but in Elastic beanstalk env I am getting VRK client certificate error. Due to this My application not running as expected.
Expected Behavior
After deploying code to the elastic beanstalk env My application should be run.
Current Behavior
Its giving me Application run failed error in AWS cloud watch.
Reproduction Steps
This is my workflow .yml file
This workflow will build a package using Maven and then publish it to GitHub packages when a release is created
For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#apache-maven-with-a-settings-path
name: customer information service dev
on: [push]
on:
workflow_dispatch:
paths:
- .github/workflows/customer-information-service-dev.yml
env:
AWS_REGION: "eu-west-1"
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Set up JDK 8
uses: actions/setup-java@v4
with:
java-version: 8
distribution: 'temurin'
- name: Build with Maven
run: mvn -B package -DskipTests --file pom.xml
- name: Upload JAR
uses: actions/upload-artifact@v4
with:
name: artifact
path: customer-information-webapp/target/customer-information-webapp.jar
deploy-to-elastic-beanstalk:
name: Deploy to Elastic Beanstalk
runs-on: ubuntu-latest
needs: build
environment: dev
steps:
- uses: actions/checkout@v4
- name: Download Artifact
uses: actions/download-artifact@v4
with:
name: artifact
path: customer-information-webapp/target/
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::355329564831:role/aws-elasticbeanstalk-githubaction-role
role-session-name: GitHub_to_AWS_via_FederatedOIDC
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws-region: eu-west-1
- name: Deploy to Elastic Beanstalk
uses: einaregilsson/beanstalk-deploy@v21
with:
aws_access_key: ${{ env.AWS_ACCESS_KEY_ID }}
aws_secret_key: ${{ env.AWS_SECRET_ACCESS_KEY }}
region: eu-west-1
application_name: customer-information-service-dev-new
environment_name: customer-information-dev-env-new
version_label: ${{ github.sha }}
deployment_package: customer-information-webapp/target/customer-information-webapp.jar
Possible Solution
In My application code there are some .sh file used to retrieve the VRK client certificates form AWS parameter store. I try to run that file using GitHub action workflow but in that file, there is one more path mention ./tmp/*.sh file while running 1st .sh file it will give error that the file which is inside the ./tmp folder is not found. berceuse this inside .sh file is not present in my GitHub repository folder. *.sh file located when we deploy code into ec2 instance after that this file created but when i deploy the code into elastic beanstalk and new EC@ instance created I could not find those .sh file created in new EC@ instance why this file is not created berceuse when i deploy code using jenkins then it will created those file and copy those file into tmp folder.
Any one have the solution foe this?
Additional Information/Context
No response
Hi @snehal-desh thanks for reaching out. I think we need more information in order to investigate this further. Could you provide the full error message you received, and the full reproduction steps to generate it? I'm not sure if the issue here is directly related to configure-aws-credentials, or something to do with Elastic Beanstalk, your .sh scripts or something else.
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.