Skip to content

Instantly share code, notes, and snippets.

@chainhead

chainhead/0-intro.md

Last active September 24, 2020 14:50
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save chainhead/d21a43c6971957c51cb14cb31261d68a to your computer and use it in GitHub Desktop.
Save chainhead/d21a43c6971957c51cb14cb31261d68a to your computer and use it in GitHub Desktop.
Download ZIP
Getting git credentials from AWS Systems Manager
Raw
0-intro.md

Introduction

This is a short description of how to get git credentials in an EC2 instance set-up for CI/CD scripts. In the following scripts, we do the following:

  • Install the AWS CLI. See here for description of steps on Linux.
  • Install jq to parse the JSON output from CLI.
  • Run the aws CLI for ssm (AWS Systems Manager) to extract parameter values for git user.
  • Set the git user name globally.
  • Set the name of the script in GIT_ASKPASS that will return the git password.

To use the script, first, add the following parameters in AWS Systems Manager. Then, set CREDS_SCRIPT to a location where git-pass.sh can be reached. Run git-creds.sh.

Parameter name Value
GIT_USER Git user name
GIT_PASSWORD Git password
Raw
git-creds.sh
#!/bin/bash
## Install unzip, jq and build tools
sudo apt-get update
sudo apt-get install -y unzip jq
## Install AWS CLI
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
## Get git user
GIT_USER=`aws ssm get-parameter --with-decryption --name GIT_USER | jq -r .Parameter.Value`
## Set git configuration
git config --global credential.https://github.com.username ${GIT_USER}
export GIT_ASKPASS=${CREDS_SCRIPT}/git-pass.sh
Raw
git-pass.sh
#!/bin/bash
GIT_PASS=`aws ssm get-parameter --with-decryption --name GIT_PASSWORD | jq -r .Parameter.Value`
echo ${GIT_PASS}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment