Currently I'm trying to get Jenkins working with AWS codepipeline. I'm running Jenkins on a EC2 instance. However, for some reason, Jenkins fails to load the default credentials of AWS. I tried the following options:
- Initialize aws credentials with 'aws configure' command
- Use the aws-credentials plugin in Jenkins
- Perform export AWS_ACCESS_KEY_ID=.... and AWS_SECRET_ACCESS_KEY=.... in Jenkins cli
- Checked the ~/.aws/credentials file, if the credentials are present (which is the case)
- Followed all steps in the AWS documentation to make Jenkins and the codepipeline work together (http://docs.aws.amazon.com/codepipeline/latest/userguide/getting-started-4.html)
- Make sure that the user has the credentials through IAM interface on AWS
- Through all the steps restarted the Jenkins server several times
The polling log in my job gives the following output:
ERROR: Failed to record SCM polling for hudson.model.FreeStyleProject@75b77936[job-name]
com.amazonaws.AmazonClientException: Unable to load AWS credentials from any provider in the chain
at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:131)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.getCredentialsFromContext(AmazonHttpClient.java:1028)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1048)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:948)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:661)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:635)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:618)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:586)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:573)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:445)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.doInvoke(AWSCodePipelineClient.java:1785)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.invoke(AWSCodePipelineClient.java:1761)
at com.amazonaws.services.codepipeline.AWSCodePipelineClient.pollForJobs(AWSCodePipelineClient.java:1228)
at com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.pollForJobs(AWSCodePipelineSCM.java:240)
at com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.compareRemoteRevisionWith(AWSCodePipelineSCM.java:176)
at hudson.scm.SCM.poll(SCM.java:408)
at hudson.model.AbstractProject._poll(AbstractProject.java:1460)
at hudson.model.AbstractProject.poll(AbstractProject.java:1363)
at hudson.triggers.SCMTrigger$Runner.runPolling(SCMTrigger.java:563)
at hudson.triggers.SCMTrigger$Runner.run(SCMTrigger.java:609)
at hudson.util.SequentialExecutionQueue$QueueEntry.run(SequentialExecutionQueue.java:119)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Any suggestions for further directions? I want to prevent to directly pass the credentials to the job in the configuration page since I don't use HTTPS.
As per your description you use IAM role for jenkins its working fine.For your issue your credentials may not be available to jenkins user.
So first of all check that you are using Amazon linux user or jenkins user.If it is Amazon linux user than change it.
Second thing is that you must configure proxy and firewall settings on the server or Amazon EC2 instance to allow inbound connections to the port used by your Jenkins project & install the AWS CodePipeline Plugin for Jenkins on any instance of Jenkins you want to use with AWS CodePipeline.
Ref. Link: http://docs.aws.amazon.com/codepipeline/latest/userguide/getting-started-4.html