aws-sam-cli
aws-sam-cli copied to clipboard
Published
20 hours ago •
aws
aws
Bug: sam build --container-env-var is not working
Description:
sam build --parameter-overrides --use-container --container-env-var GITHUB_TOKEN="pat-token" --debug
FROM public.ecr.aws/lambda/nodejs:20
# Declare GITHUB_TOKEN as a build argument
ARG GITHUB_TOKEN
# Create .npmrc file inside the Docker image
RUN echo "@abc:registry=https://npm.pkg.github.com/" > ${LAMBDA_TASK_ROOT}/.npmrc && \
echo "//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}" >> ${LAMBDA_TASK_ROOT}/.npmrc
# Optional: Echo the token to verify its presence (remove in production)
RUN echo "GITHUB_TOKEN is set to: ${GITHUB_TOKEN}"
# Set the GITHUB_TOKEN environment variable inside the Docker image
ENV GITHUB_TOKEN=${GITHUB_TOKEN}
# Copy all the files to lambda task root.
COPY . ${LAMBDA_TASK_ROOT}
# Install all the required package.
RUN npm install
# Set the CMD to your handler.
CMD [ "index.handler" ]
When i run docker inspect imgae_id, GITHUB_TOKEN value is empty.
Steps to reproduce:
sam build --use-container --container-env-var GITHUB_TOKEN="pat-token" --debug
Observed result:
i] Setting the Enviromnet variables to prepare for sam deployment!
[i] Building the Image
2024-08-16 14:35:51,852 | Config file location: /Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/deployment/deployinator-v2-update-secrets-list/samconfig.toml
2024-08-16 14:35:51,854 | Loading configuration values from [default.['build'].parameters] (env.command_name.section) in config file at
'/Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/deployment/deployinator-v2-update-secrets-list/samconfig.toml'...
2024-08-16 14:35:51,855 | Configuration values successfully loaded.
2024-08-16 14:35:51,855 | Configuration values are: {'cached': True, 'parallel': True}
2024-08-16 14:35:51,860 | Using SAM Template at /Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/deployment/deployinator-v2-update-secrets-list/template.yaml
2024-08-16 14:35:51,884 | Using config file: samconfig.toml, config environment: default
2024-08-16 14:35:51,885 | Expand command line arguments to:
2024-08-16 14:35:51,885 | --template_file=/Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/deployment/deployinator-v2-update-secrets-list/template.yaml --use_container
--parameter_overrides={'accountName': 'prototype', 'dynamoAccount': '988857891049', 'dynamoKey': 'prototype.all.secrets', 'dynamoDbTableName': 'test-table', 'dynamoRole': 'test-dynamodb-role',
'FunctionName': 'deployinator-v2-update-secrets-list', 'DockerContextPath': '../../src/deployinator-v2-update-secrets-list', 'LambdaArchitecture': 'x86_64', 'LambdaTimeout': '60', 'LambdaMemorySize': '160',
'LambdaDescription': 'This is a lambda that updates a dynamo table when aws secrets are created or deleted.'} --container_env_var=('GITHUB_TOKEN=pat-token',) --parallel --mount_with=READ
--build_dir=.aws-sam/build --cache_dir=.aws-sam/cache --cached
2024-08-16 14:35:51,924 | 'build' command is called
2024-08-16 14:35:51,925 | Starting Build use cache
2024-08-16 14:35:51,925 | Starting Build inside a container
2024-08-16 14:35:51,930 | Collected default values for parameters: {}
2024-08-16 14:35:51,945 | There is no customer defined id or cdk path defined for resource DeployinatorV2UpdateSecretsList, so we will use the resource logical id as the resource id
2024-08-16 14:35:51,946 | 0 stacks found in the template
2024-08-16 14:35:51,946 | Collected default values for parameters: {}
2024-08-16 14:35:51,959 | There is no customer defined id or cdk path defined for resource DeployinatorV2UpdateSecretsList, so we will use the resource logical id as the resource id
2024-08-16 14:35:51,960 | 1 resources found in the stack
2024-08-16 14:35:51,960 | Found Serverless function with name='DeployinatorV2UpdateSecretsList' and ImageUri='None'
2024-08-16 14:35:51,961 | --base-dir is not presented, adjusting uri ../../src/deployinator-v2-update-secrets-list relative to
/Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/deployment/deployinator-v2-update-secrets-list/template.yaml
2024-08-16 14:35:51,961 | --base-dir is not presented, adjusting uri . relative to
/Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/deployment/deployinator-v2-update-secrets-list/template.yaml
2024-08-16 14:35:51,967 | 1 resources found in the stack
2024-08-16 14:35:51,967 | Found Serverless function with name='DeployinatorV2UpdateSecretsList' and ImageUri='None'
2024-08-16 14:35:51,968 | Error occurred while trying to track an event: Event 'BuildFunctionRuntime' does not accept value 'None'.
2024-08-16 14:35:51,969 | Instantiating build definitions
2024-08-16 14:35:51,971 | Unique function build definition found, adding as new (Function Build Definition: BuildDefinition(None,
/Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/deployment/deployinator-v2-update-secrets-list, Image, , 22a6518b-38c4-4441-ae4f-f705c8600240, {'Dockerfile': 'Dockerfile',
'DockerContext': '/Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/src/deployinator-v2-update-secrets-list'}, {'GITHUB_TOKEN': 'pat-token'}, x86_64, []), Function:
Function(function_id='DeployinatorV2UpdateSecretsList', name='DeployinatorV2UpdateSecretsList', functionname='deployinator-v2-update-secrets-list', runtime=None, memory='160', timeout='60', handler=None,
imageuri=None, packagetype='Image', imageconfig=None, codeuri='/Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/deployment/deployinator-v2-update-secrets-list',
environment={'Variables': {'AWS_RETRY_MODE': 'standard', 'AWS_MAX_ATTEMPTS': 1, 'accountName': 'prototype', 'dynamoAccount': '988857891049', 'dynamoKey': 'prototype.all.secrets', 'dynamoRole':
'test-dynamodb-role', 'dynamoDbTableName': 'test-table', 'awsRegion': 'awsRegion'}}, rolearn='LambdaRole', layers=[], events=None, metadata={'Dockerfile': 'Dockerfile', 'DockerContext':
'/Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/src/deployinator-v2-update-secrets-list', 'SamResourceId': 'DeployinatorV2UpdateSecretsList'}, inlinecode=None,
codesign_config_arn=None, architectures=['x86_64'], function_url_config=None, function_build_info=<FunctionBuildInfo.BuildableImage: ('BuildableImage', 'Regular IMAGE function which can be build with SAM
CLI')>, stack_path='', runtime_management_config=None, logging_config=None))
2024-08-16 14:35:51,976 | Async execution started
2024-08-16 14:35:51,976 | Invoking function functools.partial(<bound method ParallelBuildStrategy.build_single_function_definition of <samcli.lib.build.build_strategy.ParallelBuildStrategy object at
0x113766490>>, <samcli.lib.build.build_graph.FunctionBuildDefinition object at 0x1137861f0>)
2024-08-16 14:35:51,977 | Running incremental build for runtime None for following resources (DeployinatorV2UpdateSecretsList)
2024-08-16 14:35:51,978 | Waiting for async results
2024-08-16 14:35:51,978 | Building codeuri: /Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/deployment/deployinator-v2-update-secrets-list runtime: None metadata: {'Dockerfile':
'Dockerfile', 'DockerContext': '/Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/src/deployinator-v2-update-secrets-list'} architecture: x86_64 functions:
DeployinatorV2UpdateSecretsList
2024-08-16 14:35:51,979 | Building to following folder
/Users/satishtripathi/Documents/glg-work/deployinator-infrastructure-lambdas/deployment/deployinator-v2-update-secrets-list/.aws-sam/build/DeployinatorV2UpdateSecretsList
2024-08-16 14:35:51,979 | Building image for DeployinatorV2UpdateSecretsList function
2024-08-16 14:35:51,987 | Setting DockerBuildArgs: {} for DeployinatorV2UpdateSecretsList function
2024-08-16 14:36:06,723 | Failed building function DeployinatorV2UpdateSecretsList
2024-08-16 14:36:06,725 | Exception raised during the execution
2024-08-16 14:36:06,727 | Telemetry endpoint configured to be https://aws-serverless-tools-telemetry.us-west-2.amazonaws.com/metrics
2024-08-16 14:36:06,792 | Telemetry endpoint configured to be https://aws-serverless-tools-telemetry.us-west-2.amazonaws.com/metrics
2024-08-16 14:36:06,793 | Sending Telemetry: {'metrics': [{'commandRun': {'requestId': 'e91a1bdc-0c9b-4d62-9394-b7545a352ba6', 'installationId': '76c9ff6c-fe20-48dc-aa2b-3cc973aacdeb', 'sessionId':
'cac9896c-53ee-43dd-92f5-5c64ef43a9da', 'executionEnvironment': 'CLI', 'ci': False, 'pyversion': '3.8.13', 'samcliVersion': '1.121.0', 'awsProfileProvided': False, 'debugFlagProvided': True, 'region': '',
'commandName': 'sam build', 'metricSpecificAttributes': {'projectType': 'CFN', 'gitOrigin': None, 'projectName': 'e48f535bcd42a7aed89fa103f014ceea7f249c08fa3582698af3d3b9fdca7bb4', 'initialCommit': None},
'duration': 14842, 'exitReason': 'DockerBuildFailed', 'exitCode': 1}}]}
2024-08-16 14:36:06,793 | Unable to find Click Context for getting session_id.
2024-08-16 14:36:06,797 | Sending Telemetry: {'metrics': [{'events': {'requestId': 'b8683d66-4a86-4b59-ad5c-a5d032061ba9', 'installationId': '76c9ff6c-fe20-48dc-aa2b-3cc973aacdeb', 'sessionId':
'cac9896c-53ee-43dd-92f5-5c64ef43a9da', 'executionEnvironment': 'CLI', 'ci': False, 'pyversion': '3.8.13', 'samcliVersion': '1.121.0', 'commandName': 'sam build', 'metricSpecificAttributes': {'events':
[{'event_name': 'SamConfigFileExtension', 'event_value': '.toml', 'thread_id': 'c6b45c12931e401dbbd8fc12c680849a', 'time_stamp': '2024-08-16 09:05:51.852', 'exception_name': None}, {'event_name':
'SamConfigFileExtension', 'event_value': '.toml', 'thread_id': '176d2a3258ed4131b673483270e8b3ad', 'time_stamp': '2024-08-16 09:05:51.884', 'exception_name': None}]}}}]}
2024-08-16 14:36:07,474 | HTTPSConnectionPool(host='aws-serverless-tools-telemetry.us-west-2.amazonaws.com', port=443): Read timed out. (read timeout=0.1)
Error: The command '/bin/sh -c npm install' returned a non-zero code: 1
2024-08-16 14:36:07,475 | HTTPSConnectionPool(host='aws-serverless-tools-telemetry.us-west-2.amazonaws.com', port=443): Read timed out. (read timeout=0.1)
make: *** [local-with-event] Error 1
Expected result:
docker inspect should show the value of GITHUB_TOKEN but it's blank. "GITHUB_TOKEN="
Additional environment details (Ex: Windows, Mac, Amazon Linux etc)
- OS:
-
sam --version: - AWS region:
# Paste the output of `sam --info` here
{ "version": "1.121.0", "system": { "python": "3.8.13", "os": "macOS-14.5-arm64-arm-64bit" }, "additional_dependencies": { "docker_engine": "20.10.21", "aws_cdk": "Not available", "terraform": "1.5.6" }, "available_beta_feature_env_vars": [ "SAM_CLI_BETA_FEATURES", "SAM_CLI_BETA_BUILD_PERFORMANCE", "SAM_CLI_BETA_TERRAFORM_SUPPORT", "SAM_CLI_BETA_RUST_CARGO_LAMBDA" ] }
`Add --debug flag to command you are running`
