curved-television-656801/13/2022, 12:14 PM
fast-nail-5540001/13/2022, 6:22 PM
The easy thing is to set/inherit HOME and be done with it, but is that an OK approach?something to be aware of: that would work with local execution, but would not work with remote execution.
hundreds-father-40401/13/2022, 6:24 PM
fast-nail-5540001/13/2022, 6:27 PM
hundreds-father-40401/13/2022, 8:01 PM
So I don't think you need to do anything new to get ~/.aws/credentials working. You only need to set up
appropriately like to get
curved-television-656801/13/2022, 8:53 PM
but would not work with remote executionnot sure that would be an issue here, though, as the
processer are run as interactive processes, which implies local, iiuc?
ought to be remotable too.. and work with exported images from a previous build step.. 🤔
So I don’t think you need to do anything new to get ~/.aws/credentials working.Exactly.. but I guess it won’t know what
should expand to unless HOME env var is set?
hundreds-father-40401/13/2022, 9:22 PM
nutritious-hair-7258001/14/2022, 9:38 AM
and the like. This would obviously work locally as well as a workaround but it’s just another step to manage. In my org, we have AWS access tied to enterprise SSO. We use a tool which reads the config file, uses chromium to login and scrape the SAML cookie, does an API call to AWS, gets an access token, and saves that to
. For Jenkins, we have an IAM service account which can assume a role, and the Jenkins plugin handles setting the env vars.