Environment ASK_REFRESH_TOKEN ignored #409
Comments
|
I'm having the exact same problem, trying to setup a CI to deploy my skills using GitHub Actions. name: Alexa
on:
workflow_dispatch:
jobs:
alexa-deploy:
runs-on: [ubuntu-latest]
defaults:
run:
working-directory: alexa-skill
env:
ASK_DEFAULT_PROFILE: "my-skill"
ASK_ACCESS_TOKEN: ${{ secrets.ASK_ACCESS_TOKEN }}
ASK_REFRESH_TOKEN: ${{ secrets.ASK_REFRESH_TOKEN }}
ASK_VENDOR_ID: ${{ secrets.ASK_VENDOR_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: "14"
cache: "npm"
cache-dependency-path: alexa-skill
- run: npm install -g ask-cli
- run: ask deploy --profile my-skillAnd I'm getting the following: Attached the raw log as well - alexa-raw-log.txt Any chance to help with that? Without that working I cannot setup a proper CI flow. |
|
I'm having the same issue. Why is this still broken? |
|
You can use environment variables when using the You can add this profile in your # ask-resources.json
"profiles": {
"__ENVIRONMENT_ASK_PROFILE__": {
"skillMetadata": {
"src": "./skill-package"
},
"code": {
"default": {
"src": "./lambda"
}
},
"skillInfrastructure": {
"userConfig": {
"runtime": "nodejs12.x",
"handler": "index.handler",
"awsRegion": "us-east-1"
},
"type": "@ask-cli/lambda-deployer"
}
}
}For deploying in GitHub actions you can just run:
It's likely the current errors you're receiving is because you are either specifying a profile or the CLI is using the default profile which does not support environment variables. Thus it will attempt to load you config from @DrPsychick Using the environment profile should fix the errors you're encountering with the |
It should be supported according to the docs - see here. It specifically states for all environment variables that
And this seems to be broken. My use case include two different profiles for a single skill (one for a production environment, second for development environment), so using |
|
So, I've tried using the Then I renamed the So the provided solution above by @CamdenFoucht did not work for me as expected. |
|
When using
It won't work unless all are specified I believe. I have tested this on the current CLI version and it works for me. https://github.com/alexa/ask-cli/blob/develop/docs/concepts/CI-CD.md |
|
You're right @CamdenFoucht , when specifying all of them it works and takes the values from the ENV. But still requires the |
|
@DrPsychick Hmm. I'm currently doing it without the cli_config, so it should be possible without it!
|
|
Again - you're right 😉 Thanks for your help with this! |
|
@CamdenFoucht is there a way to support my case? Since I'm using the same code to deploy to two different skills (dev & prod), I can't use the |
|
Hey @galah92 Maybe we could write the config files within the github action itself without needing to use ask config. Then we could use multiple profiles for CI/CD. I added a few steps to your github workflow doing this. name: Alexa
on:
workflow_dispatch:
jobs:
alexa-deploy:
runs-on: [ubuntu-latest]
env:
ASK_DEFAULT_PROFILE: "my-skill"
ASK_ACCESS_TOKEN: ${{ secrets.ASK_ACCESS_TOKEN }}
ASK_REFRESH_TOKEN: ${{ secrets.ASK_REFRESH_TOKEN }}
ASK_VENDOR_ID: ${{ secrets.ASK_VENDOR_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: "14"
- run: |
mkdir ~/.ask
touch ~/.ask/cli_config
jq -n --arg ask_default_profile "$ASK_DEFAULT_PROFILE" --arg ask_access_token "$ASK_ACCESS_TOKEN" --arg ask_refresh_token "$ASK_REFRESH_TOKEN" --arg ask_vendor_id "$ASK_VENDOR_ID" '{"profiles": { "my-skill": {"token": {"access_token": "\($ask_access_token)", "refresh_token": "\($ask_refresh_token)", "token_type": "bearer", "expires_in": 3600, "expires_at": "2020-03-29T05:03:21.994Z"}, "vendor_id": "\($ask_vendor_id)", "aws_profile": "default"}}}' > ~/.ask/cli_config
cat ~/.ask/cli_config
- run: |
mkdir ~/.aws
touch ~/.aws/credentials
echo [default] > ~/.aws/credentials
echo aws_access_key_id="$AWS_ACCESS_KEY_ID" >> ~/.aws/credentials
echo aws_secret_access_key="$AWS_SECRET_ACCESS_KEY" >> ~/.aws/credentials
cat ~/.aws/credentials
- run: npm install -g ask-cli
- run: ask deploy --profile my-skill
Here is some of the outputs from the above steps: the ~/.ask/cli_config file created the ~/.aws/credentials file created Now that the config is created, we can deploy the skill like you want specifying any profile that we configured in the action / that also exists in the
Hope this helps! |
|
I will close this issue since @DrPsychick original issue was solved. @galah92 If you would like to request using a non |
I'm submitting a...
Expected Behavior
I expect that,
ASK_REFRESH_TOKEN,ASK_ACCESS_TOKEN,ASK_VENDOR_IDenvironment variables, if defined, take precedence over the values in thecli_configfile.Current Behavior
cli_configit simply crashescli_configwith invalidaccess_tokenandrefresh_tokenit correctly displays "Token is invalid/expired."askstill uses the values from thecli_configfileSteps to Reproduce (for bugs)
Possible Solution
Check why ENV is not working
cli_configfile, it should be createdYour Environment and Context
The text was updated successfully, but these errors were encountered: