fix(ci): revert ci-compat-e2e to AWS access keys#23211
Merged
benesjan merged 2 commits intoMay 12, 2026
Merged
Conversation
Reverts OIDC-based AWS auth in the ci-compat-e2e job back to access key credentials. The OIDC role lacks ec2:RunInstances, so spot/on-demand provisioning fails (hidden until now by continue-on-error on nightly tags). Mirrors c3c1371 which applied the same workaround to ci-release-publish. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
charlielye
approved these changes
May 12, 2026
benesjan
changed the title
benesjan
added
the
ci-compat-e2e
2 tasks
AztecBot
added a commit
that referenced
this pull request
May 13, 2026
BEGIN_COMMIT_OVERRIDE chore: kv store test fully on vitest (#23096) chore: backport kv-store vitest migration (#23096) to v4-next (#23185) test: add noir tests for get_note_hash_membership_witness (#23190) fix(aztec-up): explicit exit in CLI acceptance test harness (#23200) refactor(pxe): batch nullifier sync across scopes (#23129) refactor(pxe): backport batch nullifier sync across scopes (#23129) to v4-next (#23208) fix(ci): revert ci-compat-e2e to AWS access keys (#23211) test: drop event_logs from compat matrix and loosen avm_simulator assertion regex (#23193) fix(aztec-up): install manifest-pinned Node version instead of LTS (#23201) fix(ci): move CLI acceptance test timeout from job to step (#23205) END_COMMIT_OVERRIDE
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
ci-compat-e2eand run withAWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEYinstead.pipeline-exec-aztecprotocol-aztec-packages-heads-next) has noec2:RunInstancespolicy attached, so spot requests time out and the on-demand fallback fails withUnauthorizedOperation. The job has been failing on every v4 nightly since feat(ci): forward-port backwards compatibility e2e workflows to v5 #22930;continue-on-errorfor-nightly.tags has masked it.ci-release-publishon this branch.Example of the failure being patched: https://github.com/AztecProtocol/aztec-packages/actions/runs/25737242295/job/75580441745
Test plan
cijob is unaffected — it already uses static keys).ci-compat-e2elabel here to exercise the compat-e2e job end-to-end and confirm the EC2 spot/on-demand request succeeds with the static credentials.🤖 Generated with Claude Code