I am running a DB job using Maven liquibase plugin on circle ci. I need to read the parameters like username,password, dburl etc from AWS Parameter store.But when I try to set the value returned by aws cli to a custom variable, its always blank/empty. I know the value exists because the same command on mac terminal returns a value.
I am using a Bash script to install AWS CLI with circle ci job.When I echo the password with in the .sh file I see the value but when I echo it on my config.yml I see blank empty value. I also try to get the value using aws ssm with the config.yml file but even there the value is blank empty.
My Config.yml
version: 2
references:
defaults: &defaults
working_directory: ~/tmp
environment:
PROJECT_NAME: DB Job
build-filters: &filters
filters:
tags:
only: /^v[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-(dev)/
branches:
ignore: /.*/
jobs:
checkout-code:
<<: *defaults
docker:
- image: circleci/openjdk:8-jdk-node
steps:
- attach_workspace:
at: ~/tmp
- checkout
- restore_cache:
key: cache-{{ checksum "pom.xml" }}
- save_cache:
paths:
- ~/.m2
key: cache-{{ checksum "pom.xml" }}
- persist_to_workspace:
root: ~/tmp
paths: ./
build-app:
<<: *defaults
docker:
- image: circleci/openjdk:8-jdk-node
steps:
- attach_workspace:
at: ~/tmp
- restore_cache:
key: cache-{{ checksum "pom.xml" }}
- run: chmod 700 resources/circleci/*.sh
- run:
name: Getting DB password
command: resources/circleci/env-setup.sh
- run: echo 'export ENV="$(echo $CIRCLE_TAG | cut -d '-' -f 2)"' >> $BASH_ENV
- run: echo $ENV
- run: echo $dbPasswordDev
- run: export PASS=$(aws ssm get-parameters --names "/enterprise/org/dev/spring.datasource.password" --with-decryption --query "Parameters[0].Value" | tr -d '"') >> $BASH_ENV
- run: echo $PASS
- run: mvn resources:resources liquibase:update -P$ENV,pre-release
workflows:
version: 2
build-deploy:
jobs:
- checkout-code:
<<: *filters
- build-app:
requires:
- checkout-code
<<: *filters
env-setup.sh
sudo apt-get update
sudo apt-get install -y python-pip python-dev
sudo pip install awscli
aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID
aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY
aws configure set aws_region $AWS_DEFAULT_REGION
dbPassword=`aws ssm get-parameters --names "/enterprise/org/dev/spring.datasource.password" --with-decryption --query "Parameters[0].Value" | tr -d '"' `
echo "dbPassword = ${dbPassword}"
export dbPasswordDev=$dbPassword >> $BASH_ENV
echo $"Custom = $dbPasswordDev"
When I echo $dbPasswordDev with in env-set.sh I see the value however in config.yml I don't see the value and I see blank/empty string. Also when I try to echo $PASS with in config.yml I expect to see the value however I see blank empty string
According to their official documentation, you need to echo the "export foo=bar" into $BASH_ENV (which is just a file that runs when the a bash session starts):
so in your env-setup.sh file:
echo "export dbPasswordDev=$dbPassword" >> $BASH_ENV