AWS Credentials not working from SHELL Environment Variable

Hi there,

Not sure which section of the community my problem resides in, but I am having issues with authenticating aws-cli.

I am decrypting my AWS credentials from a repo and exporting it to the SHELL environment variables using the following command:

export $(grep -v '^#' /codefresh/volume/production) - production are my AWS creds.

However, when I run aws s3 ls, I am getting the following error:

An HTTP Client raised and unhandled exception: Invalid header value b'AWS4-HMAC-SHA256 Credential=xxx\r/20191108/us-east-1/s3/aws4_request, Sign
edHeaders=host;x-amz-content-sha256;x-amz-date, Signature=xxx'                                      

I did some Googling around, some users are saying it could be related to whitespace issue, and some are saying you can’t have issue. I checked my files, none of them have newlines or whitespaces at the end of the file.

Please advise.

Thank you.

It is hard to diagnose this without looking at the build with more detail. Could you please open an issue with us ?

Just click on your profile (top right) > Support > Submit a request.

Please also include the build URL of the pipeline that has the issue.

I can create a Support Ticket, however, my build URL contains sensitive information.

Please advise how I should proceed.

Thank you.

Your builds are not accessible outside of your account. Only support stuff have access to them (with your explicit permission)

Here is for example one my builds

It’s not accessible from the outside, but support staff have access to my sensitive information?

I just don’t want anything to happen to my credentials that I have written to the output log in the build. I did this for debugging purposes.

Support stuff will only access your build logs after your explicit permission. Once you submit an issue you can also give extra instructions to our support team.

@jei I would recommend just sharing the whole thing with support and planning on changing the keys once you’ve identified the issue. I’m assuming the keys are single use here.

Or you could create a duplicate pipeline with dummy keys. My guess would be you have a parsing issue after the secret is decrypted. So work backwards, first in the step just try to echo the variables. If they come back correctly then you know it’s something else. If they don’t then work backwards to when you import the keys.

@todaywasawesome No problem. I have created a Support Ticket:

Hopefully we can find the root cause of the issue and rectify it.

Thank you again @Kostis for the assistance on this matter. I really appreciate it :smiley:

Have a great day guys!