Travis CI Build Failed (Numerous Times) Amazon Web Services

I’ve had Travis CI setup for CI/CD for my companies current Angular Project. I have been using this seamlessly for about 2 months now. Having no trouble, whatsoever, but 2 days ago my builds are continuously failing and I’m not able to figure out the exact cause from just the build log output.

I’ve changed absolutely nothing that should cause this error. I’ve just made some TypeScript and HTML changes (that have checked out locally) and I haven’t installed any new packages or changed anything on AWS (S3, buckets, etc.)

Here’s my build log if it helps at all

Deploying application
uploading "04.0284d042a6c29213aaa1.png" with {:content_type=>"image/png", :acl=>"public-read"}
uploading "Roboto-Bold.dc81817def276b4f2139.woff" with {:content_type=>"font/woff", :acl=>"public-read"}
uploading "arrow_left.270f72df47e036d9cfa1.svg" with {:content_type=>"image/svg+xml", :acl=>"public-read"}
uploading "fa-solid-900.1709a2810c3752483683.ttf" with {:content_type=>"font/ttf", :acl=>"public-read"}
uploading "Roboto-Regular.2751ee43015f9884c364.woff2" with {:content_type=>"font/woff2", :acl=>"public-read"}
/home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/seahorse/client/plugins/raise_response_errors.rb:15:in `call': The request signature we calculated does not match the signature you provided. Check your key and signing method. (Aws::S3::Errors::SignatureDoesNotMatch)
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/s3_sse_cpk.rb:19:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/s3_dualstack.rb:24:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/s3_accelerate.rb:34:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/jsonvalue_converter.rb:20:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/idempotency_token.rb:18:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/aws-sdk-core/plugins/param_converter.rb:20:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/seahorse/client/plugins/response_target.rb:21:in `call'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/seahorse/client/request.rb:70:in `send_request'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-core-2.11.394/lib/seahorse/client/base.rb:207:in `block (2 levels) in define_operation_methods'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-resources-2.11.394/lib/aws-sdk-resources/services/s3/file_uploader.rb:42:in `block in put_object'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-resources-2.11.394/lib/aws-sdk-resources/services/s3/file_uploader.rb:49:in `open_file'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-resources-2.11.394/lib/aws-sdk-resources/services/s3/file_uploader.rb:41:in `put_object'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-resources-2.11.394/lib/aws-sdk-resources/services/s3/file_uploader.rb:34:in `upload'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/aws-sdk-resources-2.11.394/lib/aws-sdk-resources/services/s3/object.rb:252:in `upload_file'
    from /home/travis/.rvm/gems/ruby-2.4.5/gems/dpl-s3-1.10.13/lib/dpl/provider/s3.rb:114:in `block (2 levels) in upload_multithreaded'
failed to deploy

Hey @Eclipse,

If you’re dealing with AWS you most likely have an AWS_SECRET_ACCESS_KEY value, this can be assigned to a key value pair as well, which is encrypted for some builds, and some YAML configs in the deploy section should look like this:

 access_key_id: $AWS_ACCESS_KEY_ID
    secret_access_key:
      secure: $AWS_SECRET_ACCESS_KEY

Try changing the SAK or the secret_access_key to read like this:

access_key_id: $AWS_ACCESS_KEY_ID
secret_access_key: $AWS_SECRET_ACCESS_KEY

That should solve your issue in AWS, I’ve seen this before when dealing with Route 53 deployments. Let me know how this fix treats you. I’ll be here if you need more help.

-Montana (Travis CI Staff)

3 Likes

Thank you @Montana! That fixed it!

1 Like

No problem, if you have anymore questions, please feel free to come back and I will personally help you. I hope you have a wonderful day.

-Montana

Hey, thanks for the answer, that actually solved my issue too.

I have a bone to pick though, regarding the docs. In the deploy section, more specifically in the Elastic Beanstalk part, the docs have this:

deploy:
  provider: elasticbeanstalk
  access_key_id:
    secure: "Encrypted <access-key-id>="
  secret_access_key:
    secure: "Encypted <secret-access-key>="
  region: "us-east-1"
  app: "example-app-name"
  env: "example-app-environment"
  bucket_name: "the-target-S3-bucket"

So I tried

  access_key_id:
    secure: "$AWS_ACCESS_KEY_ID"
  secret_access_key:
    secure: "$AWS_SECRET_ACCESS_KEY"

But what ended up working was this:

  access_key_id: $AWS_ACCESS_KEY_ID
  secret_access_key: $AWS_SECRET_ACCESS_KEY

I’m just getting started with AWS and CI/CD, so it’s a little confusing that the official documentation doesn’t reflect all the possible scenarios for this particular subject.

Best,
Rodrigo.

This looks like you’re now having these values literally in the .travis.yml file. The doc snippet you quote specifically says “encrypted”, which is what the secure is for. See https://docs.travis-ci.com/user/environment-variables/#defining-encrypted-variables-in-travisyml for some more details on encryption of environment variables.

Actually I followed the steps in the docs for it, the values are stashed as private environment keys.

Here is the history of my .travis.yml file:

access_key_id:
  secure: "$AWS_ACCESS_KEY_ID"
secret_access_key:
  secure: "$AWS_SECRET_ACCESS_KEY"

Didn’t work. Tried this:

access_key_id:
  secure: "Encrypted $AWS_ACCESS_KEY_ID"
secret_access_key:
  secure: "Encrypted $AWS_SECRET_ACCESS_KEY"

Didn’t worked. Then landed in this thread and this actually worked:

access_key_id: $AWS_ACCESS_KEY_ID
secret_access_key: $AWS_SECRET_ACCESS_KEY

Here is the image of the settings on travis:

Anyway, the positive thing is that it actually worked!! :grinning: This is the actual build:

https://travis-ci.com/github/rhernandog/docker-frontend-flow-1/builds/163143943

Now I have an issue in Elastic Beanstalk actually, but the .zip file was deployed and is sitting in the S3 bucket.

1 Like

Hey @rhernando,

Glad I could help you as well! If you need anymore help with this subject please let me know and I’ll gladly help.

1 Like
Imprint