.net 无法通过GitHub操作使用AWS CodeArtifact进行身份验证
我无法在GitHub操作中对AWS CodeArtifact进行身份验证。AWS响应始终为401 我正在执行以下步骤:.net 无法通过GitHub操作使用AWS CodeArtifact进行身份验证,.net,amazon-web-services,nuget,dotnet-restore,aws-codeartifact,.net,Amazon Web Services,Nuget,Dotnet Restore,Aws Codeartifact,我无法在GitHub操作中对AWS CodeArtifact进行身份验证。AWS响应始终为401 我正在执行以下步骤: steps: - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secr
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- run: aws configure --profile my-custom-profile set region ${{ secrets.AWS_REGION }}
- run: aws configure --profile my-custom-profile set role_arn ${{ secrets.AWS_ARN }}
- run: aws configure --profile my-custom-profile set source_profile default
- run: dotnet tool install -g AWS.CodeArtifact.NuGet.CredentialProvider
- run: dotnet codeartifact-creds install
- run: dotnet codeartifact-creds configure set profile my-custom-profile
- uses: actions/checkout@v2
- name: Setup .NET
uses: actions/setup-dotnet@v1
with:
dotnet-version: 5.0.100
- name: Restore dependencies
run: dotnet restore
dotnet restore旁注:在这一切发生之前,我花了一些时间,但最终还是让它在我的本地主机windows开发机器上运行。因此,我在文件中的凭据似乎正在工作。以下是在GitHub操作中使用AWS CodeArtifact进行身份验证的步骤 高级步骤
- 使用
配置文件/creds创建一些[默认值]/aws/credentials - 使用一些特定的AWS CodeArtifact cred创建一个
文件config - 从AWS CodeArtifact获取身份验证令牌
- 将此身份验证令牌保存到环境变量
- 把所有代码都拉下来。这需要在您开始使用“nuget源代码”之前发生
- 使用身份验证令牌手动将AWS CodeArtifact nuget源添加到nuget源中
- 检查AWS CodeArtifact现在是否在nuget源列表中
- dotnet恢复
- run: |
echo '[default]' >> ~/.aws/credentials
echo 'aws_access_key_id=${{ secrets.AWS_ACCESS_KEY_ID }}' >> ~/.aws/credentials
echo 'aws_secret_access_key=${{ secrets.AWS_SECRET_ACCESS_KEY }}' >> ~/.aws/credentials
- run: |
aws configure --profile nuget-read set region us-east-1
aws configure --profile nuget-read set role_arn arn:aws:iam::<some-id>:role/nuget-read
aws configure --profile nuget-read set source_profile default
aws configure list
- run: aws codeartifact get-authorization-token --domain <some domain> --profile nuget-read > at.json
- run: echo "AUTH_TOKEN= $(jq '.authorizationToken' at.json)" >> $GITHUB_ENV
- uses: actions/checkout@v2
- run: dotnet nuget add source https://<domain>-<id>.d.codeartifact.<aws region>.amazonaws.com/nuget/cosmos-nuget/v3/index.json --name <name of this nuget source. It can be anything> --password ${{ env.AUTH_TOKEN }} --username aws --store-password-in-clear-text
- run: dotnet nuget list source
- name: Setup .NET
uses: actions/setup-dotnet@v1
with:
dotnet-version: 5.0.100
- name: Restore dependencies
run: dotnet restore
-运行:|
回显“[默认]”>~/.aws/credentials
echo'aws\u access\u key\u id=${{secrets.aws\u access\u key\u id}}>>~/.aws/credentials
echo'aws\u secret\u access\u key=${{secrets.aws\u secret\u access\u key}}>>~/.aws/credentials
-运行:|
aws配置--配置文件nuget读取集区域us-east-1
aws配置--配置文件nuget读取集角色\u arn arn:aws:iam:::角色/nuget读取
aws配置--配置文件nuget read set source\U配置文件默认值
aws配置列表
-运行:aws codeartifact get authorization token--domain--profile numget read>at.json
-运行:echo“AUTH_TOKEN=$(jq.authorizationToken'at.json)”>>GITHUB_ENV
-用途:行动/checkout@v2
-运行:dotnetnuget添加源https://-.d.codeartifact..amazonaws.com/nuget/cosmos-nuget/v3/index.json --名称--密码${env.AUTH_TOKEN}--用户名aws--以明文形式存储密码
-运行:dotnetnuget列表源
-名称:Setup.NET
用途:操作/设置-dotnet@v1
与:
dotnet版本:5.0.100
-名称:还原依赖项
运行:dotnet还原
--以明文形式存储密码。这是废话,但至少需要在linux机器上工作。否则,它无法添加源代码,因为它不知道如何对其进行加密或其他操作
因此,可能有更好的方法来做到这一点,但至少现在这个工作