polite-engineer-31217
08/15/2022, 9:45 PMError: Invalid API key
Please check your /home/runner/.config/infracost/credentials.yml file or INFRACOST_API_KEY environment variable.
I replace the API key, thinking I pasted a wrong key or added a whitespace but when I try to debug to see the key
k=$(infracost configure get api_key)
echo ${k: -2}
cat /home/runner/.config/infracost/credentials.yml
du
version: "0.1"
api_key: ***
and du are the correct 2 last chars of my key.
Any idea what could be wrong ?white-airport-8778
INFRACOST_API_KEY
as a repo secret with the key, are you using https://github.com/infracost/actions/#quick-start ? that mentions this in step 2 and you can see how it’s used by the “Setup Infracost” action.polite-engineer-31217
08/15/2022, 10:32 PM- name: Setup Infracost
uses: infracost/actions/setup@v2
# See <https://github.com/infracost/actions/tree/master/setup> for other inputs
# If you can't use this action, see Docker images in <https://infracost.io/cicd>
with:
api-key: ${{ secrets.INFRACOST_API_KEY }}
But this var is just used to configure the cli instead of being used as an env variable
/home/runner/work/_temp/25a24987-d34e-445e-88a8-e429f84786fc/infracost configure set api_key ***
So the setup looks good since my /home/runner/.config/infracost/credentials.yml
contains the correct key and the version.white-airport-8778
INFRACOST_API_KEY
env variable (i.e. you don’t need the credentials.yml file at all).polite-engineer-31217
08/15/2022, 10:45 PMwhite-airport-8778
polite-engineer-31217
08/15/2022, 10:58 PMINFRACOST_API_KEY
?white-airport-8778
INFRACOST_API_KEY
I’m just tweaking this docs page to clarify that 🙂polite-engineer-31217
08/15/2022, 11:01 PMINFRACOST_ENABLE_CLOUD: true
INFRACOST_API_KEY: ${{ secrets.INFRACOST_API_KEY }}
white-airport-8778
polite-engineer-31217
08/15/2022, 11:06 PMwhite-airport-8778
polite-engineer-31217
08/15/2022, 11:08 PMwhite-airport-8778
polite-engineer-31217
08/15/2022, 11:10 PMuses: aws-actions/configure-aws-credentials@v1
white-airport-8778
--sync-usage-file
)polite-engineer-31217
08/15/2022, 11:13 PMwhite-airport-8778
--sync-usage-file
- it’s an advanced feature, don’t worry about it initially 🙂
Thanks for sending that gist - it helps a lot. So you’re using the brand new caching example… we need more community millage on it to get rid of the “broken” feeling…@little-author-61621 will probably love to ping you to see if that made your pipeline faster too. He’s in EU timezone so he’ll ping tmrw 🙂polite-engineer-31217
08/15/2022, 11:18 PMwhite-airport-8778
Configure AWS Credentials
task in the GH action step in your gist?polite-engineer-31217
08/15/2022, 11:32 PMRun infracost breakdown --path=${TF_ROOT} \
infracost breakdown --path=${TF_ROOT} \
--format=json \
--out-file=/tmp/infracost-base.json
shell: /usr/bin/bash -e {0}
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
TF_ROOT: resources/clusters
INFRACOST_ENABLE_CLOUD: false
INFRACOST_GITHUB_ACTION: true
INFRACOST_SKIP_UPDATE_CHECK: true
INFRACOST_VCS_REPOSITORY_URL: <https://github.com/xxx/infragrunt>
INFRACOST_LOG_LEVEL: info
Error: Failed to parse the Terragrunt code using the Terragrunt library:
25 errors occurred:
* Error finding AWS credentials (did you set the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables?): NoCredentialProviders: no valid providers in chain. Deprecated.
25 times the same message
white-airport-8778
polite-engineer-31217
08/16/2022, 12:05 AMwith:
path: |
${{ env.TF_ROOT }}/**/.infracost/terraform_modules/**
# !${{ env.TF_ROOT }}/**/.infracost/terraform_modules/**/.git/**
little-author-61621
INFRACOST_LOG_LEVEL: debug
- it might help us see what Terragrunt is doing before it failspolite-engineer-31217
08/16/2022, 12:19 PMlittle-author-61621
polite-engineer-31217
08/16/2022, 1:00 PMiam_role = "arn:aws:iam::${local.aws_account_id}:role/Deployer"
on the parent terragrunt.hcllittle-author-61621
polite-engineer-31217
08/16/2022, 1:20 PMlittle-author-61621
polite-engineer-31217
08/16/2022, 1:22 PMwhite-airport-8778
polite-engineer-31217
08/16/2022, 3:18 PMwhite-airport-8778
polite-engineer-31217
08/16/2022, 3:36 PMwhite-airport-8778
polite-engineer-31217
08/16/2022, 4:17 PMlittle-author-61621
polite-engineer-31217
08/16/2022, 4:46 PMlittle-author-61621
iam_role
from the HCL at the moment anyway, it needs those env variables explicitly set. So this shouldn’t change its behavior.polite-engineer-31217
08/16/2022, 5:14 PMwhite-airport-8778
infracost configure set
command that didn’t work - anyhow, you have it working now so I wouldn’t change it!
Thanks for working through all these issues with us - I really appreciate your help.polite-engineer-31217
08/16/2022, 6:15 PMk=$(infracost configure get api_key)
echo ${k: -2}
cat /home/runner/.config/infracost/credentials.yml
du <-- 2 last chars of my key
version: "0.1"
api_key: ***
white-airport-8778
polite-engineer-31217
08/16/2022, 6:18 PMlittle-author-61621
.env
or .env.local
file with INFRACOST_API_KEY=ico-XXX
?white-airport-8778