How to resolve the master.key problem with a Rails 5.2 dockerized project, using Gitlab CI ?
First, a great thank you for this platform: I learned a lot here!
I'm trying to deploy a dockerized Rails 5.2 application, using Gitlab CI/CD... First steps were going fine, but when I want to build my app, I get an error of missing master.key... So I learned here and there, to find how to solve this...
So I put the master key as a Gitlab variable (through settings > CI), and tried to copy it into a master.key file generated by script (see below). After trying a lot of methods, I'm still stuck with a "base64" issue, which I can't understand how to fix.
I'm getting started on Rails, and also on CI/CD... So if anyone could help me, it would be really great! Thx in advance.
image: docker services: - docker:dind cache: paths: - node_modules stages: - build - test - release - deploy # staging ? build: stage: build before_script: - apk add --no-cache py-pip python-dev libffi-dev openssl-dev gcc libc-dev make - pip install docker-compose - docker-compose --version script: - docker-compose build - docker-compose run app docker/wait_for_it.sh db:5433 -- "rake db:create db:migrate" test: stage: test before_script: - apk add --no-cache py-pip python-dev libffi-dev openssl-dev gcc libc-dev make - pip install docker-compose - docker-compose --version script: - docker-compose --version # Here we will run tests when available... release: stage: release only: - "feat-dockerisation" before_script: - docker info - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.com - echo "$RAILS_MASTER_KEY" | tr -d '\r' > config/master.key script: - docker build -t registry.gitlab.com/soykje/beweeg-ror:latest --pull . - docker push registry.gitlab.com/soykje/beweeg-ror:latest after_script: - docker logout registry.gitlab.com
FROM ruby:2.5.5-slim ARG PRECOMPILEASSETS RUN apt-get update && apt-get install -y curl gnupg RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" > /etc/apt/sources.list.d/pgdg.list RUN curl -q https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - RUN apt-get -y update && \ apt-get install --fix-missing --no-install-recommends -qq -y \ build-essential \ vim \ wget gnupg \ git-all \ curl \ ssh \ postgresql-client-10 libpq5 libpq-dev -y && \ wget -qO- https://deb.nodesource.com/setup_9.x | bash - && \ apt-get install -y nodejs && \ wget -qO- https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \ echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \ apt-get update && \ apt-get install yarn && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* RUN gem install bundler #Install gems RUN mkdir /gems WORKDIR /gems COPY Gemfile . COPY Gemfile.lock . RUN bundle install ARG INSTALL_PATH=/opt/beweeg ENV INSTALL_PATH $INSTALL_PATH WORKDIR $INSTALL_PATH COPY . . # Precompile assets (or not) RUN docker/potential_asset_precompile.sh $PRECOMPILEASSETS
Rails will actually look for the RAILS_MASTER_KEY env variable, so if you just set that you should be fine. Saves you from the trouble of trying to write that out to a file and you can just set the env var like any other environment variable through docker.
Thx for your quick answer! Maybe I don't understand... but your suggestion is exactly what I am trying to do :
- Save the master key as Gitlab variable
- Use this variable to generate a master.key file, through Docker
And here is my problem: the
echo "$RAILS_MASTER_KEY" | tr -d '\r' > config/master.key doesn't seem to work, and I'm stuck with a base64 issue... I also tried using the
| base64 -d filter instead of
| tr -d '\r', and then I'm having a missing key error... What am I missing?
Thank you for your help and your explanations.
I haven't actually used Gitlab's CI, but it's close.
So you don't need a master.key file as long as you have the RAILS_MASTER_KEY environment variable. Rails will check for the env var first and use that if it exists, otherwise it falls back to the file.
You should be able to set the env var using Gitlab and then you'd just need to make sure the env var from Gitlab is accessible in your docker image.
No need to write anything to
master.key this way.