Unable to locate credentials - Gitlab Pipeline for S3

(I encountered this issue many times - Adding another answer for people that have the same error - from other reasons).

A quick checklist.

Go to Setting -> CI/CD -> Variables and check:

  1. If both AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY environment variables exist.
  2. If both names are spelled right.
  3. If their state is defined as protected - they can only be ran against protected branches (like master).

If error still occurs:

  1. Make sure the access keys still exist and active on your account.
  2. Delete current environment variables and replace them with new generated access keys and make sure AWS_SECRET_ACCESS_KEY doesn't contain any special characters (can lead to strange errors).

The actual problem was a collision to do with naming the variables. For both branches the variables were called AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. However the problem wasn't just to rename them as the pipeline still didn't pick them up.

I printed the password to the logs to determine which password was being picked up by which branch but found that neither was being taken up. The solution was to have a unique name for each password for each branch (e.g. PRODUCTION_ACCESS_KEY_ID and TESTING_ACCESS_KEY_ID) and in the build script refer to them:

deploy_app_production:
  environment: 
    name: production
    url: <url>
  before_script:
    - echo "Installing ruby & dpl"
    - apt-get update && apt-get install -y ruby-full
    - gem install dpl
  stage: deploy
  tags:
    - nv1
  script:
    - echo "Deploying to production"
    - sh deploy.sh production $PRODUCTION_ACCESS_KEY_ID $PRODUCTION_SECRET_ACCESS_KEY
  only:
    - master

And in the deploy.sh I referred to the passed in variables (though I did end up switching to dpl):

dpl --provider=s3 --access-key-id=$2 --secret-access-key=$3 --bucket=<my-bucket-name>-$1 --region=eu-west-1 --acl=public_read --local-dir=./dist --skip_cleanup=true