Travis CI Build Failed (Numerous Times) Amazon Web Services

Eclipse · February 28, 2020, 6:35am

I’ve had Travis CI setup for CI/CD for my companies current Angular Project. I have been using this seamlessly for about 2 months now. Having no trouble, whatsoever, but 2 days ago my builds are continuously failing and I’m not able to figure out the exact cause from just the build log output.

I’ve changed absolutely nothing that should cause this error. I’ve just made some TypeScript and HTML changes (that have checked out locally) and I haven’t installed any new packages or changed anything on AWS (S3, buckets, etc.)

Here’s my build log if it helps at all

Deploying application
uploading "04.0284d042a6c29213aaa1.png" with {:content_type=>"image/png", :acl=>"public-read"}
uploading "Roboto-Bold.dc81817def276b4f2139.woff" with {:content_type=>"font/woff", :acl=>"public-read"}
uploading "arrow_left.270f72df47e036d9cfa1.svg" with {:content_type=>"image/svg+xml", :acl=>"public-read"}
uploading "fa-solid-900.1709a2810c3752483683.ttf" with {:content_type=>"font/ttf", :acl=>"public-read"}
uploading "Roboto-Regular.2751ee43015f9884c364.woff2" with {:content_type=>"font/woff2", :acl=>"public-read"}
/home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/seahorse/client/plugins/raise_response_errors.rb:15:in `call': The request signature we calculated does not match the signature you provided. Check your key and signing method. (Aws::S3::Errors::SignatureDoesNotMatch)
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/s3_sse_cpk.rb:19:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/s3_dualstack.rb:24:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/s3_accelerate.rb:34:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/jsonvalue_converter.rb:20:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/idempotency_token.rb:18:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/param_converter.rb:20:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/seahorse/client/plugins/response_target.rb:21:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/seahorse/client/request.rb:70:in `send_request'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/seahorse/client/base.rb:207:in `block (2 levels) in define_operation_methods'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-resources-2.11.394/lib/aws-sdk-resources/services/s3/file_uploader.rb:42:in `block in put_object'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-resources-2.11.394/lib/aws-sdk-resources/services/s3/file_uploader.rb:49:in `open_file'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-resources-2.11.394/lib/aws-sdk-resources/services/s3/file_uploader.rb:41:in `put_object'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-resources-2.11.394/lib/aws-sdk-resources/services/s3/file_uploader.rb:34:in `upload'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-resources-2.11.394/lib/aws-sdk-resources/services/s3/object.rb:252:in `upload_file'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/dpl-s3-1.10.13/lib/dpl/provider/s3.rb:114:in `block (2 levels) in upload_multithreaded'
failed to deploy

Montana · February 28, 2020, 6:43am

Hey @Eclipse,

If you’re dealing with AWS you most likely have an AWS_SECRET_ACCESS_KEY value, this can be assigned to a key value pair as well, which is encrypted for some builds, and some YAML configs in the deploy section should look like this:

 access_key_id: $AWS_ACCESS_KEY_ID
    secret_access_key:
      secure: $AWS_SECRET_ACCESS_KEY

Try changing the SAK or the secret_access_key to read like this:

access_key_id: $AWS_ACCESS_KEY_ID
secret_access_key: $AWS_SECRET_ACCESS_KEY

That should solve your issue in AWS, I’ve seen this before when dealing with Route 53 deployments. Let me know how this fix treats you. I’ll be here if you need more help.

-Montana (Travis CI Staff)

Eclipse · February 28, 2020, 7:00am

Thank you @Montana! That fixed it!

Montana · February 28, 2020, 7:10am

No problem, if you have anymore questions, please feel free to come back and I will personally help you. I hope you have a wonderful day.

-Montana

rhernando · May 1, 2020, 6:05am

Hey, thanks for the answer, that actually solved my issue too.

I have a bone to pick though, regarding the docs. In the deploy section, more specifically in the Elastic Beanstalk part, the docs have this:

deploy:
  provider: elasticbeanstalk
  access_key_id:
    secure: "Encrypted <access-key-id>="
  secret_access_key:
    secure: "Encypted <secret-access-key>="
  region: "us-east-1"
  app: "example-app-name"
  env: "example-app-environment"
  bucket_name: "the-target-S3-bucket"

So I tried

  access_key_id:
    secure: "$AWS_ACCESS_KEY_ID"
  secret_access_key:
    secure: "$AWS_SECRET_ACCESS_KEY"

But what ended up working was this:

  access_key_id: $AWS_ACCESS_KEY_ID
  secret_access_key: $AWS_SECRET_ACCESS_KEY

I’m just getting started with AWS and CI/CD, so it’s a little confusing that the official documentation doesn’t reflect all the possible scenarios for this particular subject.

Best,
Rodrigo.

ankon · May 1, 2020, 12:18pm

This looks like you’re now having these values literally in the .travis.yml file. The doc snippet you quote specifically says “encrypted”, which is what the secure is for. See Environment Variables - Travis CI for some more details on encryption of environment variables.

rhernando · May 1, 2020, 2:57pm

Actually I followed the steps in the docs for it, the values are stashed as private environment keys.

Here is the history of my .travis.yml file:

access_key_id:
  secure: "$AWS_ACCESS_KEY_ID"
secret_access_key:
  secure: "$AWS_SECRET_ACCESS_KEY"

Didn’t work. Tried this:

access_key_id:
  secure: "Encrypted $AWS_ACCESS_KEY_ID"
secret_access_key:
  secure: "Encrypted $AWS_SECRET_ACCESS_KEY"

Didn’t worked. Then landed in this thread and this actually worked:

access_key_id: $AWS_ACCESS_KEY_ID
secret_access_key: $AWS_SECRET_ACCESS_KEY

Here is the image of the settings on travis:

Anyway, the positive thing is that it actually worked!! This is the actual build:

https://travis-ci.com/github/rhernandog/docker-frontend-flow-1/builds/163143943

Now I have an issue in Elastic Beanstalk actually, but the .zip file was deployed and is sitting in the S3 bucket.

Montana · May 22, 2020, 5:32am

Hey @rhernando,

Glad I could help you as well! If you need anymore help with this subject please let me know and I’ll gladly help.

Topic		Replies	Views
Travis CI build failed - (Aws::S3::Errors::SignatureDoesNotMatch) (React + Prisma) Deployment build-env , travis-build	1	675	November 11, 2020
Deploy fails with Aws::S3::Errors::SignatureDoesNotMatch Deployment	3	6953	November 8, 2019
Angular Deployment to AWS S3 via Travis Gem Travis CI Discussions & Feedback	0	719	September 14, 2018
Build Failing General Question Travis CI Discussions & Feedback python , travis-build	2	684	July 14, 2021
Sonarcloud fails to authorize Travis CI Discussions & Feedback	4	1583	November 11, 2019

Travis CI Build Failed (Numerous Times) Amazon Web Services

Related topics