Github ActionsでRailsアプリのCI/CDを構築しています。
Github Secretsに定義した環境変数(RAILS_MASTER_KEY)が読み込まれないという問題に遭遇しました。
ご助言をいただけると幸いです。
開発環境
- ruby 3.0.1
- Rails 6.1.4.4
- docker 20.10.12
- docker-compos 1.29.2
起きている問題
Github Secretsに環境変数"RAILS_SECRET_KEY"を定義したところ、.github/workflows/ci.yml
では読み込みに成功し、.github/workflows/cd.yml
では読み込みに失敗する。
その結果、Actionの中でcredentials.yml.enc
を参照できずに、デプロイに失敗する。
関連コード
Github Actions"cd.yml
"のログ
Preparing to unpack .../yarn_1.22.19-1_all.deb ... Unpacking yarn (1.22.19-1) ... Setting up nodejs (16.15.0-deb-1nodesource1) ... Setting up yarn (1.22.19-1) ... Processing triggers for libc-bin (2.28-10) ... Removing intermediate container f4c6ae32085f ---> 31d1d6f23430 Step 15/23 : COPY ./src /var/www/myapp ---> 0f64a1f3786a Step 16/23 : COPY ./src/entrypoint.sh /usr/bin/ ---> 506a8cf41485 Step 17/23 : RUN chmod +x /usr/bin/entrypoint.sh ---> Running in fd40812a73fc Removing intermediate container fd40812a73fc ---> b5d512066a58 Step 18/23 : ENTRYPOINT ["entrypoint.sh"] ---> Running in 99d3882bbb9a Removing intermediate container 99d3882bbb9a ---> a1f89be36d9f Step 19/23 : RUN bundle exec rails assets:precompile ---> Running in 266a8564b5c9 rails aborted! NoMethodError: undefined method `[]' for nil:NilClass /var/www/myapp/config/initializers/aws.rb:5:in `<main>' /var/www/myapp/config/environment.rb:5:in `<main>' Tasks: TOP => environment (See full trace by running task with --trace) The command '/bin/sh -c bundle exec rails assets:precompile' returned a non-zero code: 1 Service 'app' failed to build : Build failed Error: Process completed with exit code 1.
config/initializers/aws.rb
以下の箇所でRailsのmasterkeyが読み込めていないため、NoMethodError
が出ていると考えています。
ruby
require 'aws-sdk' Aws::Rails.add_action_mailer_delivery_method( :ses, credentials: Aws::Credentials.new(Rails.application.credentials.aws[:access_key_id], Rails.application.credentials.aws[:secret_access_key]), region: 'ap-northeast-1' )
.github/workflows/ci.yml
CIの場合、RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}が読み込まれてRails Credentialsを参照することができます。
yml
name: CI on: push: pull_request: jobs: rspec: runs-on: ubuntu-latest defaults: run: working-directory: ./src services: mysql: image: mysql:8.0.28 ports: - 3306:3306 env: MYSQL_ALLOW_EMPTY_PASSWORD: yes BIND-ADDRESS: 0.0.0.0 options: --health-cmd "mysqladmin ping" --health-interval 10s --health-timeout 5s --health-retries 5 env: RAILS_ENV: test MYSQL_DATABASE_HOST: 127.0.0.1 RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }} steps: - uses: actions/checkout@v2.3.4 - name: set up ruby uses: ruby/setup-ruby@v1.68.0 with: ruby-version: 3.0.1 bundler-cache: true - name: cache node modules uses: actions/cache@v2.1.4 with: path: node_modules key: ${{ runner.os }}-node-${{ hashFiles('**/yarn.lock') }} restore-keys: ${{ runner.os }}-node- - name: bundle install run: | gem install bundler bundle install --jobs 4 --retry 3 --path vendor/bundle - name: yarn install run: yarn install --check-files - name: migrate db run: | bundle exec rails db:create bundle exec rails db:test:prepare - name: build tailwind CSS run: bundle exec rails tailwindcss:build - name: run rspec run: bundle exec rspec
.github/workflows/cd.yml
docker-compose -f docker-compose.production.yml build
の部分で、RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}が読み込まれません。
yml
name: CD on: push: jobs: ecs_deploy: runs-on: ubuntu-latest # if: ${{ github.event.workflow_run.conclusion == 'success' }} env: RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }} steps: - uses: actions/checkout@v2 - name: aws authentication uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - name : ecr login id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - name: build and push id: build-image env: ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} run: | docker-compose -f docker-compose.production.yml build docker image tag myapp_app $ECR_REGISTRY/app:latest docker image tag myapp_nginx $ECR_REGISTRY/nginx:latest docker push $ECR_REGISTRY/app:latest docker push $ECR_REGISTRY/nginx:latest - name: sleep run: sleep 10 - name: update service run: | aws ecs update-service --cluster myapp --service myapp --force-new-deployment
docker-compose.yml
yml
version: '3' services: nginx: build: context: . dockerfile: ./nginx/Dockerfile ports: - 80:80 app: build: context: . dockerfile: ./src/Dockerfile
docker-compose.production.yml
yml
version: '3' services: nginx: extends: file: docker-compose.yml service: nginx container_name: myapp_nginx app: extends: file: docker-compose.yml service: app container_name: myapp_app
解決へのヒントをいただけると幸いです。
よろしくお願いいたします。
まだ回答がついていません
会員登録して回答してみよう