I'm unable to authenticate to AWS CodeArtifact from within a GitHub action. The AWS response is always 401.
I'm doing the following steps:
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- run: aws configure --profile my-custom-profile set region ${{ secrets.AWS_REGION }}
- run: aws configure --profile my-custom-profile set role_arn ${{ secrets.AWS_ARN }}
- run: aws configure --profile my-custom-profile set source_profile default
- run: dotnet tool install -g AWS.CodeArtifact.NuGet.CredentialProvider
- run: dotnet codeartifact-creds install
- run: dotnet codeartifact-creds configure set profile my-custom-profile
- uses: actions/checkout@v2
- name: Setup .NET
uses: actions/setup-dotnet@v1
with:
dotnet-version: 5.0.100
- name: Restore dependencies
run: dotnet restore
and it keeps dying on the dotnet restore
line:
Can anyone please suggest what steps I have made incorrectly -or- are missing?
Side note: Before all of this, it took some time but I did end up getting it working on my localhost windows development machine. So the credentials I have on file seem to be working.
Here are the steps to authenticate with AWS CodeArtifact in a GitHub action.
High level steps
./aws/credentials
with a[default]
profile/creds.config
file with some specific AWS CodeArtifact creds.GitHub action code
NOTE: replace things like
<domain>
or<some-id>
etc.. with your own custom AWS settings, etc.Notice the
--store-password-in-clear-text
when manually adding the nuget source. This is crap, but needed to work on linux machines at least. Otherwise, it fails to add the source because it doesn't know how to encrypt it, or something.So there might be better ways to do this but at least this now works!