## gitlabci 계정 AWSElasticBeanstalk 정책 추가
## .gitlab-ci.yml
variables:
ARTIFACT_NAME: cars-api-v$CI_PIPELINE_IID.jar
APP_NAME: cars-api
stages:
- build
- test
- deploy
build:
stage: build
image: openjdk:12-alpine
script:
- ./gradlew build
- mv ./build/libs/cars-api.jar ./build/libs/$ARTIFACT_NAME
artifacts:
paths:
- ./build/libs/
smoke test:
stage: test
image: openjdk:12-alpine
before_script:
- apk --no-cache add curl
script:
- java -jar ./build/libs/$ARTIFACT_NAME &
- sleep 30
- curl http://localhost:5000/actuator/health | grep "UP"
deploy:
stage: deploy
image:
name: amazon/aws-cli
entrypoint: [""]
script:
- aws configure set region ap-northeast-2
- aws s3 cp ./build/libs/$ARTIFACT_NAME s3://$S3_BUCKET/$ARTIFACT_NAME
- aws elasticbeanstalk create-application-version --application-name $APP_NAME --version-label $CI_PIPELINE_IID --source-bundle S3Bucket=$S3_BUCKET,S3Key=$ARTIFACT_NAME
- aws elasticbeanstalk update-environment --application-name $APP_NAME --environment-name Carsapi-env --version-label $CI_PIPELINE_IID
==========================================
When job fails, it is always a good idea to start right from the beginning and to understand step by
step what happened in this process.
In this case, the comment that generated the error is to create application version command.
As you can see, as soon as we started uploading our artifact to Elastic Bienstock to create a new version,
there was an error.
And in this case, the error that occurred is EXIS denied.
So it seems that our user in this case, the catalepsy, a user that we have created, is not authorized
to perform, create application version and create application version.
Obviously, in this case is a permission that our user does not have.
In order to fix this, all we have to do is to modify the security settings in I for the user catalepsy.
I'm going to go to the users catalepsy.
And you will see here that we have the possibility of adding permissions now, even if we don't know
exactly which permissions we are going to add, we can start searching for the.
So the quickest way to solve this is to start searching for Elastica Bienstock.
And the permission that we're going to sign is the full access permission, and this will provide full
access to the AWACS, Elastic Bienstock and all the underlying services.
And this case will be the S3 bucket.
And Ishita is for elastic compute.
And this creates virtual machines.
So let's check this.
Review it.
And permissions.
Now we're used that will now have all the provisions necessary for the pipeline to run.
Since Elastic Bienstock already includes access to S3, you may want to remove this permission as now
this is redundant.
Because the rest of the pipeline is OK, I'm going to simply retried the deployed job.
But going back to the console, we can now see that everything is successful.
So what has happened is that we have created a version and we have get a response back.
And, for example, we'll see here that the version is seven.
And this was the artifact that we have used from version seven and so on.
'[AWS] > GITLAB' 카테고리의 다른 글
15: GitLab CI Deploy to Remote Server over SSH (0) | 2022.03.04 |
---|---|
sed 명령어 (0) | 2022.03.02 |
63장. AWS CLI를 사용하여 AWS Elastic Beanstalk에 Java 애플리케이션을 배포하는 방법 (0) | 2022.03.02 |
62장. GitLab CI에서 AWS S3로 파일을 업로드하는 방법 (0) | 2022.03.01 |
[AWS] GitLab CICD Pipelines with AWS EC2 and S3 (0) | 2022.02.28 |
댓글