The easiest solution is to request another security key pair from Amazon
until you get one that does not include a plus sign. You can have multiple
keys for the same account and one extra key/pair is a small price to pay if
you want to copy build artifacts to an S3 bucket.
On Saturday, April 21, 2012 1:06:19 AM UTC-4, Grant wrote:
>
> I've been experimenting with the Amazon S3 Publisher plugin in Jenkins
> 1.460 in preparation for starting to use S3 for artifact storage & program
> distribution at work. I kept getting errors with the S3 plugin, however,
> stating "Can't connect to S3 service: The request signature we calculated
> does not match the signature you provided. Check your key and signing
> method."
>
> The Access & Secret Keys were correct and being stored correctly in the
> hudson.plugins.s3.S3BucketPublisher.xml configuration file. I added some
> logging to the plugin to discover that in
> S3BucketPublisher.DescriptorImpl.doLoginCheck(), the "secretKey" element of
> the StaplerRequest parameter was being returned incorrectly. There's a "+"
> character in the secret key. The plus was being turn into a space (" "),
> thus the plugin is unable to connect to S3.
>
> Here is the line of code that the error manifests itself in:
> https://github.com/glimberg/s3-plugin/blob/master/src/main/java/hudson/plugins/s3/S3BucketPublisher.java#L184
>
> The issue first appears with Jenkins & the S3 Publisher plugin in Jenkins
> 1.455 and continues through 1.460. Versions 1.454 and prior behave as
> expected. The "+" in the secret key is retained and connection to S3 is
> possible. Nothing has changed in the S3 plugin in that time period, so the
> issue must be somewhere inside Jenkins itself. Unfortunately, I'm rather
> unfamiliar with the Jenkins architecture and plugin architecture an am
> unable to trace the issue further down the chain than that.
>
> To recreate the issue:
>
> 1) get the S3 plugin (https://github.com/jenkinsci/s3-plugin)
> 2) set the jenkins version on line 6 of pom.xml to 1.455 or greater.
> 3) in "Configure System", add an S3 profile. Valid or not does not matter.
> Make sure there's a "+" in the secret key or the access key field.
> 4) Set a breakpoint, or print out the value of
> req.getParameter("secretKey") in
> S3BucketPublisher.DescriptorImpl.doLoginCheck(). See that the "+" has been
> turned into a " ".
>
> The strange thing is that if you look in the actual form fields secretKey
> or accessKey, the + will be in there correctly. Somehow it's not getting to
> the actual plugin code as a +, though.
>
> Workarounds:
>
> None known at this time.
>
> I attempted to replace the + with its URLEncoded form "%2B" in the
> configuration file, but "%2B" comes through instead of being decoded into a
> +.
>
> The only hack I have to get it working for us at the office for the time
> being is to replace all instances of " " in the secretKey with "+". Not a
> good solution.
>
> I've added this issue to the bug tracker:
> https://issues.jenkins-ci.org/browse/JENKINS-13531
>
> Hoping it will get a little more visibility here.
>
> Grant Limberg
> [email protected] <javascript:>
>
>
>
>
