search

peterkimzz / aws-ssm-send-command

Github Actions for using AWS SSM Send-Command
MIT License
61 stars 32 forks source link

Issue with AWS SSM Send-Command #5

Closed rmiyazaki6499 closed 4 years ago

rmiyazaki6499 commented 4 years ago

Hello, First issue so apologize if I do anything wrong.

I have an AWS EC2 instance with a script I would like to run with github actions (primarily when anything is pushed to master). I have set my IAM user with the IAM role with AmazonSSMFullAccess

I tried following the example script (I have tried both with peterkimzz/aws-ssm-send-command@1.0.1 and peterkimzz/aws-ssm-send-command@0.0.2) and I keep running into errors. Here is the first one:

Run peterkimzz/aws-ssm-send-command@1.0.1
  with:
    aws-access-key-id: ***
    aws-secret-access-key: ***
    aws-region: us-east-2
    instance-ids: ***
    working-directory: /home/ubuntu/algoacademy
    command: ./deploy
    comment: Deploy script again
/home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/request.js:31
            throw err;
            ^

InvalidInstanceId: null
    at Request.extractError (/home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/protocol/json.js:51:27)
    at Request.callListeners (/home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/request.js:683:14)
    at Request.transition (/home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/request.js:685:12)
    at Request.callListeners (/home/runner/work/_actions/peterkimzz/aws-ssm-send-command/1.0.1/node_modules/aws-sdk/lib/sequential_executor.js:116:18) {
  message: null,
  code: 'InvalidInstanceId',
  time: 2020-06-30T04:43:41.516Z,
  requestId: '1d01c581-6e33-41e2-8a55-880c9694ee46',
  statusCode: 400,
  retryable: false,
  retryDelay: 39.965450441985226
}

And here are my errors with 0.0.2:

##[warning]Unexpected input 'aws-access-key-id', valid inputs are ['entryPoint', 'args', 'instance_id', 'commands', 'document_name', 'working_directory', 'comment']
##[warning]Unexpected input 'aws-secret-access-key', valid inputs are ['entryPoint', 'args', 'instance_id', 'commands', 'document_name', 'working_directory', 'comment']
##[warning]Unexpected input 'aws-region', valid inputs are ['entryPoint', 'args', 'instance_id', 'commands', 'document_name', 'working_directory', 'comment']
##[warning]Unexpected input 'instance-ids', valid inputs are ['entryPoint', 'args', 'instance_id', 'commands', 'document_name', 'working_directory', 'comment']
##[warning]Unexpected input 'working-directory', valid inputs are ['entryPoint', 'args', 'instance_id', 'commands', 'document_name', 'working_directory', 'comment']
##[warning]Unexpected input 'command', valid inputs are ['entryPoint', 'args', 'instance_id', 'commands', 'document_name', 'working_directory', 'comment']
Run peterkimzz/aws-ssm-send-command@0.0.2
  with:
    aws-access-key-id: ***
    aws-secret-access-key: ***
    aws-region: us-east-2
    instance-ids: ***
    working-directory: /home/ubuntu/algoacademy
    command: ./deploy
    comment: Deploy script again
    document_name: AWS-RunShellScript
/usr/bin/docker run --name d372523d09d9fd42d7ad110da2b6cfb707_6a25e2 --label 3888d3 --workdir /github/workspace --rm -e INPUT_AWS-ACCESS-KEY-ID -e INPUT_AWS-SECRET-ACCESS-KEY -e INPUT_AWS-REGION -e INPUT_INSTANCE-IDS -e INPUT_WORKING-DIRECTORY -e INPUT_COMMAND -e INPUT_COMMENT -e INPUT_INSTANCE_ID -e INPUT_COMMANDS -e INPUT_DOCUMENT_NAME -e INPUT_WORKING_DIRECTORY -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/algoacademy/algoacademy":"/github/workspace" 3888d3:72523d09d9fd42d7ad110da2b6cfb707
instance-ids is required. Did you set parameter instance-ids?

I have triple checked the instance id (set in Github Secrets as INSTANCE_ID with my i-xxx instance id).

Any suggestions or help with either something I am doing wrong or something I am missing would be greatly appreciated.

peterkimzz commented 4 years ago

Hi rmiyazaki6499, thank you for opening issue.

To resolve the issue, set IAM Role to your instance. Please use 1.0.1 version, and I'll update the READMD.md file soon about the issue.

rmiyazaki6499 commented 4 years ago

Hello peterkimzz,

Thank you for the quick response! I have set the IAM Role to the instance with AmazonSSMFullAccess and unfortunately am running into the same error with 1.0.1...

When setting the Secret for INSTANCE_ID does the key need to have quotes ("i-xxxxxxx") or without quotes? (I have set them without quotes.

Again, thank you for your help!

peterkimzz commented 4 years ago 
- name: AWS SSM Send Command
        uses: peterkimzz/aws-ssm-send-command@1.0.1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ap-northeast-2
          instance-ids: ${{ secrets.INSTANCE_ID }}
          comment: Blue/Green Deployment executed by Github Actions
          working-directory: /home/ubuntu/api_production
          command: /bin/sh deploy.sh

This is my working action script.

instance_id is without quotes.

rmiyazaki6499 commented 4 years ago

Okay great! Let me try that script.

Hmmm, I thought so. I will try it again.

rmiyazaki6499 commented 4 years ago

Hi @peterkimzz,

So your script worked! I'm not sure sure on what was the cause of it but I did notice one of the differences was that you had omitted the id: ssm portion of the yml file.

Either way, thank you so much for your help and awesome project!