RailsアプリをCircleCIでデプロイしたいが、master.keyが設定できない
環境
RubyonRails 5.2.2
carrierwave
CircleCIでECSへデプロイするdockerイメージのビルドの中でアセットのプリコンパイルを行った際、CircleCIのEnvironment Variablesに入っているRAILS_MASTER_KEYが参照されずプリコンパイルがエラーになる。
アセットはAWSのS3に配置するためS3のアクセスキーをcredential.yml.encに記述しておりそれを参照したい。
エラー文
Step 17/19 : RUN RAILS_ENV=production bundle exec rake assets:precompile
---> Running in af27c5633055
rake aborted!
NoMethodError: undefined method `[]' for nil:NilClass
/usr/src/eStreak/config/initializers/carrierwave.rb:12:in `block in <main>'
/usr/local/bundle/gems/carrierwave-1.3.1/lib/carrierwave/uploader/configuration.rb:161:in `configure'
/usr/local/bundle/gems/carrierwave-1.3.1/lib/carrierwave.rb:14:in `configure'
/usr/src/eStreak/config/initializers/carrierwave.rb:5:in `<main>'
NoMethodError: undefined method `[]' for nil:NilClass
とされているがcredentials.yml.encにはしっかりと記述しており、ローカルで試したところmaster.keyが配置されていない場合にこのエラーが出るのでmaster.keyが参照されてないのではと疑っている。
以下は本番環境のdockerfileと.circleci/config.ymlです。
Dockerfile
FROM ruby:2.4.0
ENV APP_ROOT /usr/src/eStreak
WORKDIR $APP_ROOT
RUN printf "deb http://archive.debian.org/debian/ jessie main\ndeb-src http://archive.debian.org/debian/ jessie main\ndeb http://security.debian.org jessie/updates main\ndeb-src http://security.debian.org jessie/updates main" > /etc/apt/sources.list
RUN apt-get update
RUN apt-get install -y \
nodejs \
npm \
--no-install-recommends && \
rm -rf /var/lib/apt/lists/*
COPY Gemfile $APP_ROOT
COPY Gemfile.lock $APP_ROOT
RUN \
echo 'gem: --no-document' >> ~/.gemrc && \
cp ~/.gemrc /etc/gemrc && \
chmod uog+r /etc/gemrc && \
bundle config --global build.nokogiri --use-system-libraries && \
bundle config --global jobs 4 && \
bundle install && \
rm -rf ~/.gem
COPY . $APP_ROOT
EXPOSE 3000
RUN npm install
RUN npm install yarn -g
RUN npm install n -g
RUN n 10.15.3
RUN ln -s /usr/bin/nodejs /usr/bin/node
RUN RAILS_ENV=production bundle exec rake assets:precompile
RUN rm -f tmp/pids/server.pid
CMD ["bundle", "exec", "rails", "s", "puma", "-b", "0.0.0.0", "-p", "3000", "-e", "production"]
.circleci/config.yml
version: 2.1
jobs:
checkout_code:
docker:
- image: stks56/estreak_pro:latest
working_directory: ~/eStreak
steps:
- checkout
- save_cache:
key: v1-repo-{{ .Environment.CIRCLE_SHA1 }}
paths:
- ~/eStreak
test:
docker:
- image: stks56/estreak_pro:latest
environment:
RAILS_ENV: test
MYSQL_HOST: 127.0.0.1
MYSQL_USERNAME: 'root'
MYSQL_PASSWORD: ''
MYSQL_PORT: 3306
- image: mysql:5.7
environment:
MYSQL_DATABASE: eStreak_test
MYSQL_ALLOW_EMPTY_PASSWORD: true
MYSQL_ROOT_HOST: '%'
working_directory: ~/eStreak
steps:
- checkout
- restore_cache:
key: v1-repo-{{ .Environment.CIRCLE_SHA1 }}
- restore_cache:
keys:
- v1-dependencies-{{ checksum "Gemfile.lock" }}
- v1-dependencies-
- run:
name: install dependencies
command: |
bundle install --jobs=4 --retry=3 --path vendor/bundle
- save_cache:
paths:
- ./vendor/bundle
key: v1-dependencies-{{ checksum "Gemfile.lock" }}
# Database setup
- run: rm ./config/database.yml
- run: mv ./config/database.yml.ci ./config/database.yml
- run:
name: Prepare db
command: |
bundle exec rake db:create db:schema:load --trace
# run tests!
- run:
name: Run rspec
command: |
mkdir /tmp/test-results
TEST_FILES="$(circleci tests glob "spec/**/*_spec.rb" | circleci tests split --split-by=timings)"
bundle exec rspec --format progress --color --format documentation
# collect reports
- store_test_results:
path: /tmp/test-results
- store_artifacts:
path: /tmp/test-results
destination: test-results
deploy:
docker:
- image: circleci/python
steps:
- checkout
- setup_remote_docker
- run:
name: install aws
command: |
sudo pip install awscli
aws --version
- run:
name: Install ecs-deploy
command: |
curl https://raw.githubusercontent.com/silinternational/ecs-deploy/master/ecs-deploy | sudo tee -a /usr/bin/ecs-deploy
sudo chmod +x /usr/bin/ecs-deploy
- run:
name: Install jq
command: sudo apt-get install -y jq
- run:
name: "Log in to AWS ECR"
command: eval $(aws ecr get-login --no-include-email --region ap-northeast-1)
- run:
name: "Build & Push Docker Image"
command: |
docker build -t $AWS_ACCOUNT_ID.dkr.ecr.ap-northeast-1.amazonaws.com/estreak_app_repo:latest -t $AWS_ACCOUNT_ID.dkr.ecr.ap-northeast-1.amazonaws.com/estreak_app_repo:$CIRCLE_SHA1 -f Dockerfile_PRO .
docker push $AWS_ACCOUNT_ID.dkr.ecr.ap-northeast-1.amazonaws.com/estreak_app_repo:$CIRCLE_SHA1
- run:
name: "DB Migrate"
command: |
aws ecs run-task \
--region ap-northeast-1 \
--cluster eStreak-cluster \
--task-definition estreak_app_task \
--overrides file://ecs/run_task_db_migrate.json
- run:
name: "Sevice deploy"
environment:
command: |
ecs-deploy -c eStreak-cluster -n eStreak_app_service \
-r ap-northeast-1 -t 240 \
-i $AWS_ACCOUNT_ID.dkr.ecr.ap-northeast-1.amazonaws.com/estreak_app_repo:$CIRCLE_SHA1
workflows:
version: 2.1
test_and_deploy:
jobs:
- checkout_code
- test:
requires:
- checkout_code
- deploy:
requires:
- test
filters:
branches:
only: master