Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

AWS CLI commands on JENKINS

I'm trying to write a script that with the help of Jenkins will look at the updated files in git, download it and will encrypt them using AWS KMS. I have a working script that does it all and the file is downloaded to the Jenkins repository on local server. But my problem is encrypting this file in Jenkins repo. Basically, when I encrypt files on local computer, I use the command:

aws kms encrypt --key-id xxxxxxx-xxx-xxxx-xxxx-xxxxxxxxxx --plaintext fileb://file.json --output text --query CiphertextBlob | base64 --decode > Encrypted-data.json

and all is ok, but if I try to do it with Jenkins I get an error that the AWS command not found.
Does somebody know how to solve this problem and how do I make it run AWS through Jenkins? Here is my working code which breaks down on the last line:

bom_sniffer() { 

  head -c3 "$1" | LC_ALL=C grep -qP '\xef\xbb\xbf'; 
  if [ $? -eq 0 ] 
  then 
    echo "BOM SNIFFER DETECTED BOM CHARACTER IN FILE \"$1\""
    exit 1
  fi
}
check_rc() {
  # exit if passed in value is not = 0
  # $1 = return code
  # $2 = command / label
  if [ $1 -ne 0 ]
  then
    echo "$2 command failed"
    exit 1
  fi
}

# finding files that differ from this commit and master
echo 'git fetch'
check_rc $? 'echo git fetch'
git fetch
check_rc $? 'git fetch'
echo 'git diff --name-only origin/master'
check_rc $? 'echo git diff'

diff_files=`git diff --name-only $GIT_PREVIOUS_COMMIT $GIT_COMMIT | xargs`
check_rc $? 'git diff'
for x in ${diff_files}
do
  echo "${x}"
  cat ${x}
  bom_sniffer "${x}"
  check_rc $? "BOM character detected in ${x},"
  aws configure kms encrypt --key-id xxxxxxx-xxx-xxxx-xxxx-xxxxxxxxxx --plaintext fileb://${x} --output text --query CiphertextBlob | base64 --decode > Encrypted-data.json

done
like image 321
Андрей Ка Avatar asked Aug 28 '17 10:08

Андрей Ка


People also ask

How do I connect EC2 instance to Jenkins?

Choose Manage Jenkins, and then choose Configure System. In the Cloud section, select Add a new cloud, and then choose Amazon EC2. Enter your information in the remaining fields. You must enter your AWS credentials in the Add Credentials field.


1 Answers

After discussion with you this is how this issue was resolved :

First corrected the command by removing configure from it.

Installed the awscli for the jenkins user :
pip install awscli --user

Used the absolute path of aws in your script
for eg. say if it's in ~/.local/bin/ use ~/.local/bin/aws kms encrypt --key-id xxxxxxx-xxx-xxxx-xxxx-xxxxxxxxxx --plaintext fileb://${x} --output text --query CiphertextBlob | base64 --decode > Encrypted-data.json in your script. Or add the path of aws in PATH.

like image 117
Rahul Verma Avatar answered Sep 18 '22 13:09

Rahul Verma