Question:
I’m trying to run the aws command (to invalidate cloudfront) using official aws image and have the following config of .gitlab-ci.yml:
|
1 2 3 4 5 6 7 8 9 10 |
static-invalidation: <<: *production-env stage: static_invalidation image: amazon/aws-cli:latest variables: AWS_ACCESS_KEY_ID: $CLOUDFRONT_AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY: $CLOUDFRONT_AWS_SECRET_ACCESS_KEY script: - aws cloudfront create-invalidation --distribution-id $CLOUDFRONT_DISTRIBUTION --invalidation-batch file://deployment/configs/inv-batch.json |
The job fails with the following error:
|
1 2 3 4 5 6 7 8 9 10 11 12 |
Using docker image sha256:00cf4f100b03d1b26e93cce377c1311c34efa753e379cd5c6ea5d458337cbaab for amazon/aws-cli:2.2.17 with digest amazon/aws-cli@sha256:39e9898fc43f618636a2190f82b9babcdc618d054e66b49c9959b9cd23285ade ... usage: aws [options] To see help text, you can run: aws help aws aws aws: error: argument command: Invalid choice, valid choices are: accessanalyzer | acm acm-pca | alexaforbusiness ... ERROR: Job failed: exit code 252 |
Any ideas why it’s not working?
When I run the command locally it works.
Answer:
amazon/aws-cli docker has set entrypoint to aws as it’s expected to be executed as
|
1 2 |
$ docker run amazon/aws-cli cloudfront create-invalidation --distribution-id ... |
but gitlab expects entry point to shell so it can then execute script commands.
Check out gitlab documentation: https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#available-settings-for-image
You will find there how to override docker image entrypoint.
Working config is:
|
1 2 3 4 |
image: name: amazon/aws-cli:2.2.18 entrypoint: [""] |