aws CLI是什么东西,暂且先不去了解,目前的需求是s3.
我在Jenkins上创建一个bucket,然后申请access_key,然后就可以使用s3来存储数据了。也就是说,s3就是一个网盘。
1.安装CLI
文档:http://docs.aws.amazon.com/cli/latest/userguide/installing.html
$ curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip" $ unzip awscli-bundle.zip $ sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws
2.配置
配置很简单,提供access_key 和secret_access_key以及region就可以了。
aws configure
3.脚本配置
由于给我的key是1h的,因此需要每次使用的时候更新它。
脚本中使用环境变量是最好的。参考:http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-environment
然后,我明明在脚本中export了key,却总是不通过。纠结了好久之后,百度了n个帖子之后,还是Linux环境变量的问题。
- 子shell复制父shell的环境变量
- export的环境变量是当前有效并且针对当前用户的
- 脚本中aws默认寻找总的环境变量,这就导致自己设置的环境变量没有读取
- 所以需要在脚本的开头声明环境变量文件:
. /etc/profile . ~/.bash_profile
#!/bin/bash
# update aws configure
# configure environment variables for the default user
# ~/.aws/credentials
# [default]
# aws_access_key_id = AKIAJB2HUQ2N2SVSWDDA
# aws_secret_access_key = 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
# ~/.aws/config
# [default]
# output = json
# region = us-west-2
. /etc/profile
. ~/.bash_profile
#get client_token
client_token_json=`curl -XPOST https://store.test.expedia.com/v1/auth/app-id/login -d '{"app_id":"d8xxxxxxxx789871","user_id":"710xxxxxxxxxb65-b8xxxxxaf1b01"}' --silent -k`
client_token=$(echo $client_token_json | jq .auth.client_token | cut -d "\"" -f 2)
aws_auth=$(curl -H "X-Vault-Token:$client_token" -X GET https://store.test.expedia.com/v1/test/creds/epc-content-mongodb --silent -k)
# set environment, only effec in this shell
access=$(echo $aws_auth | jq .data.access_key | cut -d "\"" -f 2)
secret=$(echo $aws_auth | jq .data.secret_key | cut -d "\"" -f 2)
export AWS_ACCESS_KEY_ID=$access
export AWS_SECRET_ACCESS_KEY=$secret
env | grep AWS
echo "[default]" > ~/.aws/credentials
echo "aws_access_key_id="$access>>~/.aws/credentials
echo "aws_secret_access_key="$secret>>~/.aws/credentials
echo "[default]"> ~/.aws/config
echo "output = json">>~/.aws/config
echo "region = us-west-2">>~/.aws/config
echo "aws key has updated!"
# wait for effective
#sleep 10s
#test aws s3
#aws s3 ls s3://epc-content-mongodb-export --output json --region us-west-2
唯有不断学习方能改变! -- Ryan Miao
