From 5280580a6964c738c49b9b4dc5616394da2a79fd Mon Sep 17 00:00:00 2001 From: Armand Date: Fri, 6 Mar 2026 01:59:32 -0600 Subject: [PATCH] fix(ci): add pip scripts dir to PATH after awscli install in deploy-secure When /usr/local/bin/aws is absent and pip3 installs awscli, the binary lands in pip's scripts directory (e.g. sysconfig.get_path('scripts')), which is not in PATH. The next step then fails with 'aws: command not found' (exit 127). Fix: after pip3 install, resolve the scripts dir via sysconfig and append it to GITHUB_PATH. Also add /opt/homebrew/bin check for macOS Homebrew installs, and short-circuit if aws is already in PATH. Applies to all three Fix AWS CLI path steps (staging, production, DR). Co-Authored-By: Claude Opus 4.6 --- .github/workflows/deploy-secure.yml | 36 +++++++++++++++++++++-------- 1 file changed, 27 insertions(+), 9 deletions(-) diff --git a/.github/workflows/deploy-secure.yml b/.github/workflows/deploy-secure.yml index 21f6ac518b..d4f14ecee4 100644 --- a/.github/workflows/deploy-secure.yml +++ b/.github/workflows/deploy-secure.yml @@ -260,13 +260,19 @@ jobs: - name: Fix AWS CLI path run: | - # AWS CLI v2 standalone binary lives at /usr/local/bin/aws on AL2023. - # actions/setup-python can shadow /usr/bin/aws (Python wrapper) by - # changing sys.executable, breaking the awscli import. Prefer v2. + # Find AWS CLI v2 in common locations, or install via pip3 and add its + # scripts directory to PATH. pip3 install alone does not update PATH. if /usr/local/bin/aws --version 2>/dev/null; then echo "/usr/local/bin" >> "$GITHUB_PATH" + elif /opt/homebrew/bin/aws --version 2>/dev/null; then + echo "/opt/homebrew/bin" >> "$GITHUB_PATH" + elif command -v aws 2>/dev/null; then + echo "aws already in PATH: $(which aws)" else pip3 install awscli --quiet + SCRIPTS=$(python3 -c "import sysconfig; print(sysconfig.get_path('scripts'))") + echo "$SCRIPTS" >> "$GITHUB_PATH" + echo "Installed awscli via pip3, scripts at: $SCRIPTS" fi - name: Get staging instance IDs @@ -688,13 +694,19 @@ jobs: - name: Fix AWS CLI path run: | - # AWS CLI v2 standalone binary lives at /usr/local/bin/aws on AL2023. - # actions/setup-python can shadow /usr/bin/aws (Python wrapper) by - # changing sys.executable, breaking the awscli import. Prefer v2. + # Find AWS CLI v2 in common locations, or install via pip3 and add its + # scripts directory to PATH. pip3 install alone does not update PATH. if /usr/local/bin/aws --version 2>/dev/null; then echo "/usr/local/bin" >> "$GITHUB_PATH" + elif /opt/homebrew/bin/aws --version 2>/dev/null; then + echo "/opt/homebrew/bin" >> "$GITHUB_PATH" + elif command -v aws 2>/dev/null; then + echo "aws already in PATH: $(which aws)" else pip3 install awscli --quiet + SCRIPTS=$(python3 -c "import sysconfig; print(sysconfig.get_path('scripts'))") + echo "$SCRIPTS" >> "$GITHUB_PATH" + echo "Installed awscli via pip3, scripts at: $SCRIPTS" fi - name: Get production instance IDs @@ -1121,13 +1133,19 @@ jobs: - name: Fix AWS CLI path run: | - # AWS CLI v2 standalone binary lives at /usr/local/bin/aws on AL2023. - # actions/setup-python can shadow /usr/bin/aws (Python wrapper) by - # changing sys.executable, breaking the awscli import. Prefer v2. + # Find AWS CLI v2 in common locations, or install via pip3 and add its + # scripts directory to PATH. pip3 install alone does not update PATH. if /usr/local/bin/aws --version 2>/dev/null; then echo "/usr/local/bin" >> "$GITHUB_PATH" + elif /opt/homebrew/bin/aws --version 2>/dev/null; then + echo "/opt/homebrew/bin" >> "$GITHUB_PATH" + elif command -v aws 2>/dev/null; then + echo "aws already in PATH: $(which aws)" else pip3 install awscli --quiet + SCRIPTS=$(python3 -c "import sysconfig; print(sysconfig.get_path('scripts'))") + echo "$SCRIPTS" >> "$GITHUB_PATH" + echo "Installed awscli via pip3, scripts at: $SCRIPTS" fi - name: Get DR instance IDs