21

I am using AWS CodeBuild along with Terraform for automated deployment of a Lambda based service. I have a very simple buildscript.yml that accomplishes the following:

  • Get dependencies
  • Run Tests
  • Get AWS credentials and save to file (detailed below)
  • Source the creds file
  • Run Terraform

The step "source the creds file" is where I am having my difficulty. I have a simply bash one-liner that grabs the AWS container creds off of curl 169.254.170.2$AWS_CONTAINER_CREDENTIALS_RELATIVE_URI and then saves them to a file in the following format:

export AWS_ACCESS_KEY_ID=SOMEACCESSKEY
export AWS_SECRET_ACCESS_KEY=MYSECRETKEY
export AWS_SESSION_TOKEN=MYSESSIONTOKEN

Of course, the obvious step is to simply source this file so that these variables can be added to my environment for Terraform to use. However, when I do source /path/to/creds_file.txt, CodeBuild returns: 

[Container] 2017/06/28 18:28:26 Running command source /path/to/creds_file.txt
/codebuild/output/tmp/script.sh: 4: /codebuild/output/tmp/script.sh: source: not found

I have tried to install source through apt but then I get an error saying that source cannot be found (yes, I've run apt update etc.). I am using a standard Ubuntu image with the Python 2.7 environment for CodeBuild. What can I do to either get Terraform working credentials for source this credentials file in Codebuild.

Thanks!

Tanishq dubey
  • 1,522
  • 7
  • 19
  • 42
  • 2
    Have you tried using `.` instead of `source`? `source` is not POSIX https://ss64.com/bash/source.html – jeffrey Jun 28 '17 at 19:05
  • 1
    That did it! Thanks so much! As a side question, are AWS containers strictly POSIX compliant? (also if you make your comment into an answer, I'll accept and close) – Tanishq dubey Jun 28 '17 at 19:33
  • 2
    That is a good question, I think they just do raw shell calls rather then bash or anything like that, however I am not sure. Until a certain guru told me that `source` was a common alias for `.` I had thought it was the other way around. – jeffrey Jun 28 '17 at 19:37

5 Answers5

24

Try using . instead of source. source is not POSIX compliant. ss64.com/bash/source.html

theherk
  • 6,954
  • 3
  • 27
  • 52
jeffrey
  • 965
  • 14
  • 25
15

CodeBuild now supports bash as your default shell. You just need to specify it in your buildspec.yml.

env:
  shell: bash

Reference: https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-syntax

Noel Llevares
  • 15,018
  • 3
  • 57
  • 81
4

The AWS CodeBuild images ship with a POSIX compliant shell. You can see what's inside the images here: https://github.com/aws/aws-codebuild-docker-images.

If you're using specific shell features (such as source), it is best to wrap your commands in a script file with a shebang specifying the shell you'd like the commands to execute with, and then execute this script from buildspec.yml.

build-script.sh

     #!/bin/bash
      <commands>
      ...

buildspec.yml (snippet)

build: commands: - path/to/script/build-script.sh

sdhillon
  • 139
  • 3
  • 2
    Interesting, thanks for clarifying that. I've always been able to use `source` on my linux/UNIX machines so never gave it a second thought. As of right now, we've gone POSIX compliant on our scripts just to ensure full compatibility. – Tanishq dubey Jun 28 '17 at 20:16
  • 1
    Unless you are writing something that can only be done with bash, or is drastically more efficient with something non-POSIX compliant, sticking to POSIX is a good idea for portability. – theherk Jun 28 '17 at 21:21
4

I had a similar issue. I solved it by calling the script directly via /bin/bash <script>.sh

Georgi Tenev
  • 338
  • 4
  • 18
4

I don't have enough reputation to comment so here it goes an extension of jeffrey's answer which is on spot.

Just in case if your filename starts with a dot(.), the following will fail

. .filename

You will need to qualify the filename with directory name like

 . ./.filename
brajmohan
  • 153
  • 1
  • 8