Ask A Question


You’re not receiving notifications from this thread.

How to resolve the master.key problem with a Rails 5.2 dockerized project, using Gitlab CI ?

soykje asked in General

Hi everyone,

First, a great thank you for this platform: I learned a lot here!

I'm trying to deploy a dockerized Rails 5.2 application, using Gitlab CI/CD... First steps were going fine, but when I want to build my app, I get an error of missing master.key... So I learned here and there, to find how to solve this...

So I put the master key as a Gitlab variable (through settings > CI), and tried to copy it into a master.key file generated by script (see below). After trying a lot of methods, I'm still stuck with a "base64" issue, which I can't understand how to fix.

I'm getting started on Rails, and also on CI/CD... So if anyone could help me, it would be really great! Thx in advance.


image: docker
  - docker:dind

    - node_modules

  - build
  - test
  - release
  - deploy # staging ?

  stage: build
    - apk add --no-cache py-pip python-dev libffi-dev openssl-dev gcc libc-dev make
    - pip install docker-compose
    - docker-compose --version
    - docker-compose build
    - docker-compose run app docker/ db:5433 --  "rake db:create db:migrate"

  stage: test
    - apk add --no-cache py-pip python-dev libffi-dev openssl-dev gcc libc-dev make
    - pip install docker-compose
    - docker-compose --version
    - docker-compose --version
    # Here we will run tests when available...

  stage: release
    - "feat-dockerisation"
    - docker info
    - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN
    - echo "$RAILS_MASTER_KEY" | tr -d '\r' > config/master.key
    - docker build -t --pull .
    - docker push
    - docker logout


FROM ruby:2.5.5-slim


RUN apt-get update && apt-get install -y curl gnupg
RUN echo "deb stretch-pgdg main" > /etc/apt/sources.list.d/pgdg.list
RUN curl -q | apt-key add -

RUN apt-get -y update && \
    apt-get install --fix-missing --no-install-recommends -qq -y \
      build-essential \
      vim \
      wget gnupg \
      git-all \
      curl \
      ssh \
      postgresql-client-10 libpq5 libpq-dev -y && \
    wget -qO-  | bash - && \
    apt-get install -y nodejs && \
    wget -qO- | apt-key add - && \
    echo "deb stable main" | tee /etc/apt/sources.list.d/yarn.list && \
    apt-get update && \
    apt-get install yarn && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

RUN gem install bundler
#Install gems
RUN mkdir /gems
COPY Gemfile .
COPY Gemfile.lock .
RUN bundle install

ARG INSTALL_PATH=/opt/beweeg
COPY . .

# Precompile assets (or not)

Hey soykje!

Rails will actually look for the RAILS_MASTER_KEY env variable, so if you just set that you should be fine. Saves you from the trouble of trying to write that out to a file and you can just set the env var like any other environment variable through docker.


Hi Chris,

Thx for your quick answer! Maybe I don't understand... but your suggestion is exactly what I am trying to do :

  1. Save the master key as Gitlab variable
  2. Use this variable to generate a master.key file, through Docker

And here is my problem: the echo "$RAILS_MASTER_KEY" | tr -d '\r' > config/master.key doesn't seem to work, and I'm stuck with a base64 issue... I also tried using the | base64 -d filter instead of | tr -d '\r', and then I'm having a missing key error... What am I missing?

Thank you for your help and your explanations.


I haven't actually used Gitlab's CI, but it's close.

So you don't need a master.key file as long as you have the RAILS_MASTER_KEY environment variable. Rails will check for the env var first and use that if it exists, otherwise it falls back to the file.

You should be able to set the env var using Gitlab and then you'd just need to make sure the env var from Gitlab is accessible in your docker image.

No need to write anything to master.key this way.

Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 84,111+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.