Thanks. Thats exactly what I was looking for nd probably the only combination I didnt't try. Thanks again.
On Mon, Dec 3, 2018 at 2:18 AM Rickard von Essen < [email protected]> wrote: > You environment_vars section is wrong. It should look like: > > "environment_vars": [ > "AWS_ACCESS_KEY_ID={{ user `aws_access_key` }}", > "AWS_SECRET_ACCESS_KEY={{ user `aws_secret_key` }}" > ], > > But environment_vars isn't very useful when using inlines, instead > directly inline it in the code. > > { > "type": "shell", > "inline": [ > "#!/bin/bash -x", > "echo {{ user `aws_access_key` }}", > "sudo rm /var/lib/apt/lists/lock", > "sleep 60", > "sudo apt-get install -y curl openssh-server > ca-certificates apt-transport-https ca-certificates > software-properties-common", > "curl > https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh > | sudo bash", > "sudo EXTERNAL_URL='http://gitlab.tb65.net' apt-get > install gitlab-ee", > > "#Certs", > "sudo mkdir -p /etc/gitlab/ssl", > "sudo chmod 700 /etc/gitlab/ssl", > "sudo AWS_ACCESS_KEY_ID={{ user `aws_access_key` }} [...] > aws s3 cp s3://BUCKET_NAME-devops/Certs/__MY_DOMAIN/__MY_DOMAIN.key > /etc/gitlab/ssl/__MY_DOMAIN.key" > ] > } > > On Mon, Dec 3, 2018 at 3:16 AM Seth Floyd <[email protected]> wrote: > >> Hi. Im running into an issue and I feel like ive missed something in a >> doc somewhere and i need someone to set me straight. >> Im using Gitlab CI for my pipeline which builds a docker container that >> has packer installed inside it and thats where i run my packer build from. >> I have my AWS keys set in my gitlab project as CI variables. >> Here are the commands im running in my pipeline: >> >> - docker build --build-arg PACKER_VERSION=$PACKER_VERSION -t packer . >> - docker run -d -t -i --name packer_builder packer >> - docker exec -i -e AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" -e >> AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" packer_builder packer >> validate /tmp/gitlab.json >> - docker exec -i -e AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" -e >> AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" packer_builder packer build >> /tmp/gitlab.json >> >> My PACKER_VERSION gets passed into my docker container just fine. I can >> echo it. My AWS keys are being passed into the container as env vars which >> allow packer build to run, which it does just fine. What I need to do is >> actually use these AWS keys inside a script provisioner so that I can do >> some CP from an S3 bucket. The var name im using in Gitlab is >> AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. >> >> Can someone tell me what Ive missed or what I should be doing here to >> make these env vars available? >> Thanks! >> >> Trimmed down example packer template: >> >> { >> "variables": { >> "aws_access_key": "{{env `AWS_ACCESS_KEY_ID`}}", >> "aws_secret_key": "{{env `AWS_SECRET_ACCESS_KEY`}}" >> }, >> "builders": [{ >> "type": "amazon-ebs", >> "access_key": "{{user `aws_access_key`}}", >> "secret_key": "{{user `aws_secret_key`}}", >> "region": "us-east-1", >> "source_ami_filter": { >> "filters": { >> "virtualization-type": "hvm", >> "name": "Base-AMI-Ubuntu-*", >> "root-device-type": "ebs" >> }, >> "owners": [ >> "XXXXXXXXXXXX" >> ], >> "most_recent": true >> }, >> "instance_type": "t2.large", >> "ssh_username": "ubuntu", >> "ami_name": "Gitlab-{{timestamp}}", >> "vpc_id": "vpc-XXXXXX", >> "subnet_id": "subnet-XXXXXXXX" >> }], >> "provisioners": [{ >> "type": "shell", >> "environment_vars": [ >> "AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID", >> "AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> ], >> "inline": [ >> "#!/bin/bash -x", >> "echo $AWS_ACCESS_KEY_ID", <----This only returns >> $AWS_ACCESS_KEY_ID >> "sudo rm /var/lib/apt/lists/lock", >> "sleep 60", >> "sudo apt-get install -y curl openssh-server >> ca-certificates apt-transport-https ca-certificates >> software-properties-common", >> "curl >> https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh >> | sudo bash", >> "sudo EXTERNAL_URL='http://gitlab.tb65.net' apt-get >> install gitlab-ee", >> >> "#Certs", >> "sudo mkdir -p /etc/gitlab/ssl", >> "sudo chmod 700 /etc/gitlab/ssl", >> "sudo aws s3 cp >> s3://BUCKET_NAME-devops/Certs/__MY_DOMAIN/__MY_DOMAIN.key >> /etc/gitlab/ssl/__MY_DOMAIN.key" <-- This fails and says my creds are not >> available. >> ] >> } >> ] >> } >> >> -- >> This mailing list is governed under the HashiCorp Community Guidelines - >> https://www.hashicorp.com/community-guidelines.html. Behavior in >> violation of those guidelines may result in your removal from this mailing >> list. >> >> GitHub Issues: https://github.com/mitchellh/packer/issues >> IRC: #packer-tool on Freenode >> --- >> You received this message because you are subscribed to the Google Groups >> "Packer" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/packer-tool/e7cfb131-096d-40b3-a5a9-e0e4d4e1611f%40googlegroups.com >> <https://groups.google.com/d/msgid/packer-tool/e7cfb131-096d-40b3-a5a9-e0e4d4e1611f%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- > This mailing list is governed under the HashiCorp Community Guidelines - > https://www.hashicorp.com/community-guidelines.html. Behavior in > violation of those guidelines may result in your removal from this mailing > list. > > GitHub Issues: https://github.com/mitchellh/packer/issues > IRC: #packer-tool on Freenode > --- > You received this message because you are subscribed to a topic in the > Google Groups "Packer" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/packer-tool/csnkpxrtgtM/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/packer-tool/CALz9Rt-rvmj1bHeqa7YdjkcB69BhbwtQgd_TtAP5GouOsL%2Bfrg%40mail.gmail.com > <https://groups.google.com/d/msgid/packer-tool/CALz9Rt-rvmj1bHeqa7YdjkcB69BhbwtQgd_TtAP5GouOsL%2Bfrg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Seth Floyd Jr. DevOps Terbium Labs -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CAM0N5m5rAbK3akijSNbQdE%3D%2BauyVg%2BmKe4i0-eUsP4PrSR74Cg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
