R
Railway13mo ago
nova

Is there any way to have access to AWS cli within railway?

We have some self hosted Python packages in AWS and part of the build process is to retrieve a token from AWS, which will then be used to install our private packages. We use the AWS cli for this - is there any way in which we can access the AWS cli within railway?
6 Replies
Percy
Percy13mo ago
Project ID: N/A
Brody
Brody13mo ago
I like to think I know railway quite well, but I don't know about this aws cli, so please tell me more about the aws cli so I can try to help you integrate it into the build process. how would you authentication the aws cli normally?
nova
novaOP13mo ago
Sorry, I mis-worded that. I actually don't know if the AWS cli is installed on railway the same way something like Python may be. You typically won't have AWS cli installed on your local machine and you'd need to download it like this. Then, you'd have to authenticate with the AWS cli using the aws configure command and then pass it your aws access key id and aws secret key id.
No description
Brody
Brody13mo ago
oh yeah I'm not worried about being able to install the aws cli onto a railway deployment, I'm looking to find out from you if the cli offers a headless authentication method headless meaning, you could pass in maybe a key and secret into the cli via arguments
nova
novaOP13mo ago
What I ended up doing was configuring a custom railway.toml for the build. For the build command I had it run a custom shell script called railway_setup.sh. This shell script included the running of a python script using the aws boto3 client to retrieve the credentials.
railway.toml 
[build]
builder = "nixpacks"
buildCommand = "chmod +x railway_setup.sh && ./railway_setup.sh"

[deploy]
startCommand = "python -m src.api.uvicorn_run --host 0.0.0.0 --port $PORT"
[build]
builder = "nixpacks"
buildCommand = "chmod +x railway_setup.sh && ./railway_setup.sh"

[deploy]
startCommand = "python -m src.api.uvicorn_run --host 0.0.0.0 --port $PORT"
boto3 can automatically make use of AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY env to authenticate, so there is no need to use the aws client
railway_setup.sh 
#!/bin/bash

# Install dependencies from requirements.txt
pip install -r requirements.txt

# Run export_codeartifact.py and capture the output
export CODEARTIFACT_AUTH_TOKEN=$(python export_codeartifact.py)

# Check if the token was retrieved successfully
if [ -z "$CODEARTIFACT_AUTH_TOKEN" ]; then
    echo "Failed to retrieve AWS CodeArtifact authorization token."
    exit 1
fi

# Use the token to install a package from the CodeArtifact repository
pip install <our private package hosted in aws>
#!/bin/bash

# Install dependencies from requirements.txt
pip install -r requirements.txt

# Run export_codeartifact.py and capture the output
export CODEARTIFACT_AUTH_TOKEN=$(python export_codeartifact.py)

# Check if the token was retrieved successfully
if [ -z "$CODEARTIFACT_AUTH_TOKEN" ]; then
    echo "Failed to retrieve AWS CodeArtifact authorization token."
    exit 1
fi

# Use the token to install a package from the CodeArtifact repository
pip install <our private package hosted in aws>
export_code_artifact.py 
import boto3
import os

AWS_ACCESS_KEY_ID = os.getenv('AWS_ACCESS_KEY_ID')
AWS_SECRET_ACCESS_KEY = os.getenv('AWS_SECRET_ACCESS_KEY')

if (AWS_ACCESS_KEY_ID is None) or (AWS_SECRET_ACCESS_KEY is None):
    raise Exception('AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY not found in environment variables.')

# Create a CodeArtifact client
client = boto3.client('codeartifact', region_name='eu-west-2')

# Get the authorization token
response = client.get_authorization_token(
    domain='<our domain>',
    domainOwner='<our domain owner>'
)

# Extract the authorization token from the response
auth_token = response['authorizationToken']

# Set the token as an environment variable
print(auth_token)
import boto3
import os

AWS_ACCESS_KEY_ID = os.getenv('AWS_ACCESS_KEY_ID')
AWS_SECRET_ACCESS_KEY = os.getenv('AWS_SECRET_ACCESS_KEY')

if (AWS_ACCESS_KEY_ID is None) or (AWS_SECRET_ACCESS_KEY is None):
    raise Exception('AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY not found in environment variables.')

# Create a CodeArtifact client
client = boto3.client('codeartifact', region_name='eu-west-2')

# Get the authorization token
response = client.get_authorization_token(
    domain='<our domain>',
    domainOwner='<our domain owner>'
)

# Extract the authorization token from the response
auth_token = response['authorizationToken']

# Set the token as an environment variable
print(auth_token)
However, I am now getting the following error: 
1/1 replicas never became healthy!

Healthcheck failed!
1/1 replicas never became healthy!

Healthcheck failed!
Brody
Brody13mo ago
what do you have in your deployment logs?
Want results from more Discord servers?
Add your server