Message ID | 20231120135933.129426-1-felix.moessbauer@siemens.com |
---|---|
State | Accepted, archived |
Commit | c534526ea73805ee7cc16f3168b05ece10e0c03c |
Headers | show |
Series | [1/1] fetch2/aws: forward env-vars used in gitlab-ci K8s | expand |
diff --git a/lib/bb/fetch2/__init__.py b/lib/bb/fetch2/__init__.py index 35e9ca96..22a2f801 100644 --- a/lib/bb/fetch2/__init__.py +++ b/lib/bb/fetch2/__init__.py @@ -872,6 +872,8 @@ FETCH_EXPORT_VARS = ['HOME', 'PATH', 'AWS_PROFILE', 'AWS_ACCESS_KEY_ID', 'AWS_SECRET_ACCESS_KEY', + 'AWS_ROLE_ARN', + 'AWS_WEB_IDENTITY_TOKEN_FILE', 'AWS_DEFAULT_REGION', 'GIT_CACHE_PATH', 'REMOTE_CONTAINERS_IPC',
This patch adds the following variables to the allow-list, which are used in the "IAM roles for AWS when using the GitLab chart": - AWS_ROLE_ARN - AWS_WEB_IDENTITY_TOKEN_FILE These variables are set in the CI job environment and are needed to access the sstate cache artifacts in a connected S3 bucket. [1] https://docs.gitlab.com/charts/advanced/external-object-storage/aws-iam-roles.html Reported-by: Zhi Bin Dong <zhibin.dong@siemens.com> Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com> --- lib/bb/fetch2/__init__.py | 2 ++ 1 file changed, 2 insertions(+)