Error when trying to deploy dev branch with AWS Codepipeline
Closed this issue · 3 comments
Describe the issue
When I try to deploy my Serverless project to a dev pipeline using AWS Codepipeline I get the error "ENOENT: no such file or directory, open '/root/.aws/credentials'" error at the build stage. If I remove the entries for serverless-better-credentials from serverless.yml and package.json however, the build works fine.
To Reproduce
set up AWS to use single sign-on
Deploy dev branch using Codepipeline
Expected behavior
The plugin doesn't interfere with deployment. I assume this is what's happening because the error disappears when code pipeline excluded.
Screenshots
Where the build fails and stack trace:
Desktop (please complete the following information):
- OS: macOS Monterey v12.6.1
- Version (serverless-better-credentials): 1.1.3
- Serverless Version: 3.27.0
Additional context
I'm not sure what the issue could be so I'm hoping someone could give me some insight as to the possible causes and where to look to try and resolve this.
You are right that it is this plug-in that's causing it.
The error is a bit confusing, but it just means that none of the credential providers (as listed here: https://github.com/thomasmichaelwallace/serverless-better-credentials#other-credential-resolution) could be resolved.
I'm not actually sure what/how code pipeline provides credentials; it could well be the EC2 metadata service. One workaround could be to configure your pipeline environment so that the AWS_X environment variables are set: https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/loading-node-credentials-environment.html
(as an aside, if you're using code pipeline, you may have a better time using the AWS-CDK instead of the Serverless Framework because it has built in support for pipelines as well as all credential types supported by AWS).
Thanks for your help and suggestions! The work that affect's this has been put on the back burner for now, but when it comes back around I'll investigate the AWS_X environment variables. I'm not sure I'll be able to move away from Serverless at this point.
It's a bit late, but I've added a bit to the readme about how to deal with this CI/CD scenario by creating a temporary ~/.aws/credentials file- see:
I'll close this issue for now, but feel free to re-open if you have any trouble.