将Jenkins文件|与凭据和签名合并_Jenkins_Jenkins Pipeline_Jenkins Declarative Pipeline

将Jenkins文件|与凭据和签名合并

jenkins

将Jenkins文件|与凭据和签名合并,jenkins,jenkins-pipeline,jenkins-declarative-pipeline,Jenkins,Jenkins Pipeline,Jenkins Declarative Pipeline,我试图在所有EC2 AWS实例中使用Jenkinsfile函数和假定角色执行ansible playbook。但我的错误率越来越低 Obtained devops/JenkinsfileDynamic from git git@bitbucket.org:tui-uk-dev/cng-airflow-dags.git Running in Durability level: MAX_SURVIVABILITY org.codehaus.groovy.control.MultipleCompil

我试图在所有EC2 AWS实例中使用Jenkinsfile函数和

假定角色执行ansible playbook

。但我的错误率越来越低

Obtained devops/JenkinsfileDynamic from git git@bitbucket.org:tui-uk-dev/cng-airflow-dags.git
Running in Durability level: MAX_SURVIVABILITY
org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:
WorkflowScript: 33: illegal string body character after dollar sign;
   solution: either escape a literal dollar sign "\$5" or bracket the value expression "${5}" @ line 33, column 134.
   SION_TOKEN=${AWS_SESSION_TOKEN} AWS_DEFA
                                 ^

詹金斯档案：-

    def Host_Verification2() {
    withCredentials([[$class: 'AmazonWebServicesCredentialsBinding', credentialsId: 'cant_be_disclosed']]) {
         sh '''
          aws sts assume-role --role-arn "arn:aws:iam::12345678901:role/cant_role_jenkins" --role-session-name "connect" > assume-role-output.txt
          export AWS_ACCESS_KEY_ID=`cat assume-role-output.txt | jq -c '.Credentials.AccessKeyId' | tr -d '"' | tr -d ' '`
          export AWS_SECRET_ACCESS_KEY=`cat assume-role-output.txt | jq -c '.Credentials.SecretAccessKey' | tr -d '"' | tr -d ' '`
          export AWS_SESSION_TOKEN=`cat assume-role-output.txt | jq -c '.Credentials.SessionToken' | tr -d '"' | tr -d ' '`
          rm assume-role-output.txt
            sshagent(credentials: ['tuiuki-cng-dev']) {
                sh '''
                    cd acm/
                          sudo AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID}" AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY}" AWS_SESSION_TOKEN="${AWS_SESSION_TOKEN}" inventory/ec2.py --list --refresh-cache
                          sudo AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID}" AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY}" AWS_SESSION_TOKEN="${AWS_SESSION_TOKEN}" AWS_DEFAULT_REGION="eu-central-1" ansible-playbook -i inventory/ec2.py plays/emr/find.yml

                    '''
                    }
         '''
    }
}

就像例外情况所说的那样：

solution: either escape a literal dollar sign "\$5" or bracket the value expression "${5}"

试试这个：

sudo AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID}" AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY}"  ansible-playbook -i inventory/ec2.py plays/emr/findplaybooks.yml

谢谢你的建议。我又犯了一个错误

groovy.lang.MissingPropertyException:没有这样的属性：类：groovy.lang.Binding的AWS_会话_令牌

您必须为AWS密钥/令牌创建一个环境变量。基本上，该消息告诉您Jenkins正在查找名为“AWS_会话_令牌”的变量，但找不到它。您将AWS凭据存储在何处或如何存储？我将在Jenkins中担任此角色并添加凭据

sudo AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/ec2.py --limit "tag_Name_cluster" plays/emr/find.yml --private-key=${SSH_KEY} -u hadoop