@@ -12,11 +12,27 @@ phases:
1212 commands :
1313 - |
1414 if [ ! -z "$INTEGRATION_TEST_ROLE_ARN" ]; then
15- ASSUME_ROLE_OUTPUT=`aws sts assume-role --role-arn "$INTEGRATION_TEST_ROLE_ARN" --role-session-name "integration-tests" --duration-seconds 7200 --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' --output text`
16- AWS_ACCESS_KEY_ID=`echo $ASSUME_ROLE_OUTPUT | awk '{ print $1 }'`
17- AWS_SECRET_ACCESS_KEY=`echo $ASSUME_ROLE_OUTPUT | awk '{ print $2 }'`
18- AWS_SESSION_TOKEN=`echo $ASSUME_ROLE_OUTPUT | awk '{ print $3 }'`
19- echo "Using role $INTEGRATION_TEST_ROLE_ARN with access key $AWS_ACCESS_KEY_ID."
15+ echo "Attempting to assume role: $INTEGRATION_TEST_ROLE_ARN"
16+
17+ if ! ASSUME_ROLE_OUTPUT=$(aws sts assume-role --role-arn "$INTEGRATION_TEST_ROLE_ARN" --role-session-name "integration-tests" --duration-seconds 3600 --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' --output text 2>&1); then
18+ echo "Failed to assume role: $ASSUME_ROLE_OUTPUT"
19+ exit 1
20+ fi
21+
22+ export AWS_ACCESS_KEY_ID=$(echo $ASSUME_ROLE_OUTPUT | awk '{ print $1 }')
23+ export AWS_SECRET_ACCESS_KEY=$(echo $ASSUME_ROLE_OUTPUT | awk '{ print $2 }')
24+ export AWS_SESSION_TOKEN=$(echo $ASSUME_ROLE_OUTPUT | awk '{ print $3 }')
25+
26+ if [ -z "$AWS_ACCESS_KEY_ID" ] || [ -z "$AWS_SECRET_ACCESS_KEY" ] || [ -z "$AWS_SESSION_TOKEN" ]; then
27+ echo "Failed to parse credentials from assume role output"
28+ exit 1
29+ fi
30+
31+ echo "Current identity after assume role:"
32+ aws sts get-caller-identity
33+ echo "Using role $INTEGRATION_TEST_ROLE_ARN with access key $AWS_ACCESS_KEY_ID"
34+ else
35+ echo "INTEGRATION_TEST_ROLE_ARN not set, using default credentials"
2036 fi
2137mvn clean install -Dskip.unit.tests -P integration-tests -Dfindbugs.skip -Dcheckstyle.skip -T1C $MAVEN_OPTIONS
2238 - JAVA_VERSION=$(java -version 2>&1 | grep -i version | cut -d'"' -f2 | cut -d'.' -f1-1)
0 commit comments