railsでs3にアクセスできない

dockerでrailsの環境構築をしています。
s3にファイルをアップロードできるようにaws-sdk-s3のgemを入れ、credentialsにs3のアクセスキーやシークレットキーを設定しました。
また、storage.ymlやconfig/environments/productionも設定しています。
こちらの記事を参考にしました。

s3につながることを確かめるため、以下のコードを走らせたのですがエラーになりました。
credentialsはちゃんと設定しているため、なぜエラーになるのか分かりません。

[check.rb]

rb
1# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
2# SPDX - License - Identifier: Apache - 2.0
3
4require 'aws-sdk-s3'
5
6# Checks to see whether an Amazon Simple Storage Service
7#   (Amazon S3) bucket exists.
8#
9# @param s3_client [Aws::S3::Client] An initialized S3 client.
10# @param bucket_name [String] The name of the bucket.
11# @return [Boolean] true if the bucket exists; otherwise, false.
12# @example
13#   exit 1 unless bucket_exists?(
14#     Aws::S3::Client.new(region: 'us-east-1'),
15#     'doc-example-bucket'
16#   )
17def bucket_exists?(s3_client, bucket_name)
18  response = s3_client.list_buckets
19  response.buckets.each do |bucket|
20    return true if bucket.name == bucket_name
21  end
22  return false
23rescue StandardError => e
24  puts "Error listing buckets: #{e.message}"
25  return false
26end
27
28# Full example call:
29def run_me
30  bucket_name = 'hogehoge'
31  region = 'ap-northeast-1'
32  s3_client = Aws::S3::Client.new(region: region)
33
34  if bucket_exists?(s3_client, bucket_name)
35    puts 'Bucket exists.'
36  else
37    puts 'Bucket does not exist or is not accessible to you.'
38  end
39end
40
41run_me if $PROGRAM_NAME == __FILE__
42

エラー

usr/local/bundle/gems/aws-sigv4-1.2.3/lib/aws-sigv4/signer.rb:621:in `extract_credentials_provider': missing credentials, provide credentials with one of the following options: (Aws::Sigv4::Errors::MissingCredentialsError)
  - :access_key_id and :secret_access_key
  - :credentials
  - :credentials_provider

設定ファイル

[Gemfile]

source 'https://rubygems.org'
git_source(:github) { |repo| "https://github.com/#{repo}.git" }

ruby '2.7.3'

# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem 'rails', '~> 5.2.4', '>= 5.2.4.5'
# Use mysql as the database for Active Record
gem 'mysql2', '>= 0.4.4', '< 0.6.0'
# Use Puma as the app server
gem 'puma', '~> 3.11'
# Use SCSS for stylesheets
gem 'sass-rails', '~> 5.0'
# Use Uglifier as compressor for JavaScript assets
gem 'uglifier', '>= 1.3.0'
# See https://github.com/rails/execjs#readme for more supported runtimes
# gem 'mini_racer', platforms: :ruby

# Use CoffeeScript for .coffee assets and views
gem 'coffee-rails', '~> 4.2'
# Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks
gem 'turbolinks', '~> 5'
# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
gem 'jbuilder', '~> 2.5'
# Use Redis adapter to run Action Cable in production
# gem 'redis', '~> 4.0'
# Use ActiveModel has_secure_password
gem 'bcrypt', '~> 3.1.7'

# Use ActiveStorage variant
gem 'mini_magick', '~> 4.8'

# Use Capistrano for deployment
# gem 'capistrano-rails', group: :development

# Reduces boot times through caching; required in config/boot.rb
gem 'bootsnap', '>= 1.1.0', require: false

group :development, :test do
  # Call 'byebug' anywhere in the code to stop execution and get a debugger console
  gem 'byebug', platforms: [:mri, :mingw, :x64_mingw]
end

group :development do
  # Access an interactive console on exception pages or by calling 'console' anywhere in the code.
  gem 'web-console', '>= 3.3.0'
  gem 'listen', '>= 3.0.5', '< 3.2'
  # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
  gem 'spring'
  gem 'spring-watcher-listen', '~> 2.0.0'
end

group :test do
  # Adds support for Capybara system testing and selenium driver
  gem 'capybara', '>= 2.15'
  gem 'selenium-webdriver'
  # Easy installation and use of chromedriver to run system tests with Chrome
  gem 'chromedriver-helper'
end

# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby]

gem 'aws-sdk-s3'

gem 'haml-rails'

gem 'pry-byebug'

[storage.yml]

yml
1test:
2  service: Disk
3  root: <%= Rails.root.join("tmp/storage") %>
4
5local:
6  service: Disk
7  root: <%= Rails.root.join("storage") %>
8
9# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
10amazon:
11  service: S3
12  access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
13  secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
14  region: ap-northeast-1
15  bucket: hogehoge

[config/production.rb]

rb
1Rails.application.configure do
2  # Settings specified here will take precedence over those in config/application.rb.
3
4  # Code is not reloaded between requests.
5  config.cache_classes = true
6
7  # Eager load code on boot. This eager loads most of Rails and
8  # your application in memory, allowing both threaded web servers
9  # and those relying on copy on write to perform better.
10  # Rake tasks automatically ignore this option for performance.
11  config.eager_load = true
12
13  # Full error reports are disabled and caching is turned on.
14  config.consider_all_requests_local       = false
15  config.action_controller.perform_caching = true
16
17  # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
18  # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
19  # config.require_master_key = true
20
21  # Disable serving static files from the `/public` folder by default since
22  # Apache or NGINX already handles this.
23  config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
24
25  # Compress JavaScripts and CSS.
26  config.assets.js_compressor = :uglifier
27  # config.assets.css_compressor = :sass
28
29  # Do not fallback to assets pipeline if a precompiled asset is missed.
30  config.assets.compile = false
31
32  # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
33
34  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
35  # config.action_controller.asset_host = 'http://assets.example.com'
36
37  # Specifies the header that your server uses for sending files.
38  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
39  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
40
41  # Store uploaded files on the local file system (see config/storage.yml for options)
42  config.active_storage.service = :amazon
43
44  # Mount Action Cable outside main process or domain
45  # config.action_cable.mount_path = nil
46  # config.action_cable.url = 'wss://example.com/cable'
47  # config.action_cable.allowed_request_origins = [ 'http://example.com', /http://example.*/ ]
48
49  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
50  # config.force_ssl = true
51
52  # Use the lowest log level to ensure availability of diagnostic information
53  # when problems arise.
54  config.log_level = :debug
55
56  # Prepend all log lines with the following tags.
57  config.log_tags = [ :request_id ]
58
59  # Use a different cache store in production.
60  # config.cache_store = :mem_cache_store
61
62  # Use a real queuing backend for Active Job (and separate queues per environment)
63  # config.active_job.queue_adapter     = :resque
64  # config.active_job.queue_name_prefix = "app_name_#{Rails.env}"
65
66  config.action_mailer.perform_caching = false
67
68  # Ignore bad email addresses and do not raise email delivery errors.
69  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
70  # config.action_mailer.raise_delivery_errors = false
71
72  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
73  # the I18n.default_locale when a translation cannot be found).
74  config.i18n.fallbacks = true
75
76  # Send deprecation notices to registered listeners.
77  config.active_support.deprecation = :notify
78
79  # Use default logging formatter so that PID and timestamp are not suppressed.
80  config.log_formatter = ::Logger::Formatter.new
81
82  # Use a different logger for distributed setups.
83  # require 'syslog/logger'
84  # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
85
86  if ENV["RAILS_LOG_TO_STDOUT"].present?
87    logger           = ActiveSupport::Logger.new(STDOUT)
88    logger.formatter = config.log_formatter
89    config.logger    = ActiveSupport::TaggedLogging.new(logger)
90  end
91
92  # Do not dump schema after migrations.
93  config.active_record.dump_schema_after_migration = false
94end

asm

2021/04/24 02:59

> 以下のコードを走らせたのですがエラーになりました。どのようなコマンドによってcheck.rbを実行しましたか?

行動規範の内容に同意します

回答1件

ベストアンサー

こんにちは。
エラーの内容は「秘匿情報が見つけられない」というものですが、このエラーの通りrun_meメソッドで秘匿情報を参照していないのが原因かと思われます。
credentialsに設定したアクセスキーやシークレットキーはstorage.ymlで参照しているとのことなのでActiveStorageでは利用可能ですが、run_meメソッドはActiveStorageとは関係ないただのRubyファイルのため、credentialsの値を参照する必要があります。

ruby
1s3_client = Aws::S3::Client.new(
2  region: region, 
3  access_key_id: Rails.application.credentials.dig(:aws, :access_key_id),
4  secret_access_key: Rails.application.credentials.dig(:aws, :secret_access_key),
5)