The easiest solution is to request another security key pair from Amazon until you get one that does not include a plus sign. You can have multiple keys for the same account and one extra key/pair is a small price to pay if you want to copy build artifacts to an S3 bucket.
On Saturday, April 21, 2012 1:06:19 AM UTC-4, Grant wrote: > > I've been experimenting with the Amazon S3 Publisher plugin in Jenkins > 1.460 in preparation for starting to use S3 for artifact storage & program > distribution at work. I kept getting errors with the S3 plugin, however, > stating "Can't connect to S3 service: The request signature we calculated > does not match the signature you provided. Check your key and signing > method." > > The Access & Secret Keys were correct and being stored correctly in the > hudson.plugins.s3.S3BucketPublisher.xml configuration file. I added some > logging to the plugin to discover that in > S3BucketPublisher.DescriptorImpl.doLoginCheck(), the "secretKey" element of > the StaplerRequest parameter was being returned incorrectly. There's a "+" > character in the secret key. The plus was being turn into a space (" "), > thus the plugin is unable to connect to S3. > > Here is the line of code that the error manifests itself in: > https://github.com/glimberg/s3-plugin/blob/master/src/main/java/hudson/plugins/s3/S3BucketPublisher.java#L184 > > The issue first appears with Jenkins & the S3 Publisher plugin in Jenkins > 1.455 and continues through 1.460. Versions 1.454 and prior behave as > expected. The "+" in the secret key is retained and connection to S3 is > possible. Nothing has changed in the S3 plugin in that time period, so the > issue must be somewhere inside Jenkins itself. Unfortunately, I'm rather > unfamiliar with the Jenkins architecture and plugin architecture an am > unable to trace the issue further down the chain than that. > > To recreate the issue: > > 1) get the S3 plugin (https://github.com/jenkinsci/s3-plugin) > 2) set the jenkins version on line 6 of pom.xml to 1.455 or greater. > 3) in "Configure System", add an S3 profile. Valid or not does not matter. > Make sure there's a "+" in the secret key or the access key field. > 4) Set a breakpoint, or print out the value of > req.getParameter("secretKey") in > S3BucketPublisher.DescriptorImpl.doLoginCheck(). See that the "+" has been > turned into a " ". > > The strange thing is that if you look in the actual form fields secretKey > or accessKey, the + will be in there correctly. Somehow it's not getting to > the actual plugin code as a +, though. > > Workarounds: > > None known at this time. > > I attempted to replace the + with its URLEncoded form "%2B" in the > configuration file, but "%2B" comes through instead of being decoded into a > +. > > The only hack I have to get it working for us at the office for the time > being is to replace all instances of " " in the secretKey with "+". Not a > good solution. > > I've added this issue to the bug tracker: > https://issues.jenkins-ci.org/browse/JENKINS-13531 > > Hoping it will get a little more visibility here. > > Grant Limberg > glim...@gmail.com <javascript:> > > > >