I need two keys from S3 storage in my repo to make Travis tests pass.
I used travis gem to encrypt my keys:
travis encrypt "aws_access_key=MYSUPERSECRETKEY" --add env
travis encrypt "aws_secret_key=MYSUPERSECRETKEY" --add env
And got travis.yml strings:
env:
secure: SOMESTUFFuru4irlVd3Hd6c+x2joz6g=
secure: SOMESTUFFuru4gfgfgfgfgfggfgfgfHd6c+x2joz6g=
Than I added these keys to carrierwave.rb:
CarrierWave.configure do |config|
config.fog_credentials = {
provider: "AWS",
aws_access_key_id: Rails.application.secrets.aws_access_key,
aws_secret_access_key: Rails.application.secrets.aws_secret_key,
region: Rails.application.secrets.aws_region
}
config.fog_directory = "busketS3"
end
And pushed it on Github. But I got an error:
Missing required arguments: aws_access_key_id, aws_secret_access_key (ArgumentError)
My secrets.yml:
development:
facebook_key: "***********"
facebook_secret: "***************"
google_key: "***********************"
google_secret: "***********************"
aws_access_key: "***********************"
aws_secret_key: "***********************"
aws_region: "***********************"
test:
secret_key_base: "***********************"
aws_access_key: "***********************"
aws_secret_key: "***********************"
aws_region: "***********************"
production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
What's wrong?
I think a problem in your secrets.yml:
secret_key_base: "***********************"
aws_access_key: "***********************"
^^^^^^^^^^^^^^
aws_secret_key: "***********************"
^^^^^^^^^^^^^^
aws_region: "***********************"
But keys should be, according error that you have:
Missing required arguments: aws_access_key_id, aws_secret_access_key
(ArgumentError)
not:
aws_access_key, aws_secret_access
Related
I'm trying to connect to the Google Calendar API using rails, but it keeps telling me Missing required parameter: client_id Can anyone tell me what i'm doing wrong?
Code:
omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_SECRET_KEY'],
{
scope: 'https://www.googleapis.com/auth/calendar, hidden#gmail.com'
}
end
secrets.yml
development:
secret_key_base: xxxxxxxxx
GOOGLE_CLIENT_ID: xxxxxxx
GOOGLE_SECRET_KEY: xxxxx
test:
secret_key_base: xxxxxxx
production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
development.rb
GOOGLE_CLIENT_ID = Rails.application.secrets.GOOGLE_CLIENT_ID
GOOGLE_SECRET_KEY = Rails.application.secrets.GOOGLE_SECRET_KEY
I also have a client_secrets.json file that has the downloaded code from Google.
As others have noted, I'd advise you to regenerated new secrets: everyone can still see your keys using the edit option in SO.
But to answer your question, there is no need to do some kind of passing through using globals, you can simply access your secrets in the omniauth initializer (config/initializers/omniauth.rb):
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, Rails.application.secrets.GOOGLE_CLIENT_ID, Rails.application.secrets.GOOGLE_SECRET_KEY
end
I hope your indent in the config/secrets.yml file is by accident, development: should be on a tab/double space before its values:
development:
secret_key_base: xxxxxxxxx
GOOGLE_CLIENT_ID: xxxxxxx
GOOGLE_SECRET_KEY: xxxxx
production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
GOOGLE_CLIENT_ID: <%= ENV["GOOGLE_CLIENT_ID"] %>
GOOGLE_SECRET_KEY: <%= ENV["GOOGLE_SECRET_KEY"] %>
Personally I like my YAML keys to be lowercased, but I guess that is just something of a personal preference.
I have install figaro gem.
My application.yml file:
user: 'm#am.com'
pwd: = 'password123'
Also I have in secrets.yml this:
development:
secret_key_base: d2c6dc60d0c86d32c71aa2ec2ae1fff32f338187ceaa12f0d6a294f368760ead01bc1c57115d48b80ab4042b45ca5aceadea1e888f34b5a14ab548eb07e1ad9c
test:
secret_key_base: f4c0aad565527a57110ccba77def71e2dd1b65799b94d4d24f9b34a8bc42fd01dbc64349c5555dca46b4d5d2ba85f890c718c1de0d20237704c788e4db928c66
# Do not keep production secrets in the repository,
# instead read values from the environment.
production:
secret_token: ENV["secret_token"]
secret_key_base: ENV["secret_key_base"]
user: ENV["user"]
pwd: ENV["pwd"]
key: ENV["key"]
And I get user login like this:
Rails.application.secrets[:user]
Which gives me exactly this value:
"ENV[\"user\"]"
So what do I do?
seems like I should use
ENV["key"]
instead of Rails.application.secrets[:user]
I had Stripe Connect working in development / test environment, however I am having issues when pushing live to production, receiving the following JSON error:
{
error: {
message: "No application matches the supplied client identifier"
}
}
I am using RoR, with Devise, and Figaro. I admit that there is some confusion between the differences of both my config/locales/secrets.yml, and config/locales/application.yml
My devise.rb is shown below:
if Rails.env.production?
Rails.configuration.stripe = {
publishable_key: ENV[ 'STRIPE_PUBLISHABLE_KEY' ],
secret_key: ENV[ 'STRIPE_SECRET_KEY' ]
}
else
Rails.configuration.stripe = {
publishable_key: 'pk_test_abcdefghijklmnopqrstuvwxyz', Not Real...
secret_key: 'sk_test_abcdefghijklmnopqrstuvwxyz'
}
end
Stripe.api_key = Rails.configuration.stripe[:secret_key]
In my application.yml, I have:
STRIPE_CLIENT_ID: (live key here....)
STRIPE_SECRET_KEY: (live key here....)
STRIPE_PUBLISHABLE_KEY: (live key here....)
In my secrets.yml, I have:
development:
secret_key_base: key.....
stripe_publishable_key: key.....
stripe_secret_key: key....
stripe_client_id: key....
test:
secret_key_base: key.....
production:
secret_key_base: key.....
stripe_publishable_key: key.....
stripe_secret_key: key.....
client_id: key.....
Any help or suggestions would be hugely appreciated.
Cheers,
I am running the command rail s and it displays the following error:
/home/user/.rbenv/versions/2.0.0-p247/lib/ruby/gems/2.0.0/gems/settingslogic-2.0.9/lib/settingslogic.rb:189:in `missing_key': Missing setting 'mail_from' in /home/user/myapp/my_app/config/application.yml (Settingslogic::MissingSetting)
what is wrong in application.yml?
my config/application.yml
defaults: &defaults
site_name: site
host: site
url: site
resque:
server: 127.0.0.1:6379
namespace: resque_namespace
smtp:
domain: domain
login: login
password: secret
server: host
port: 25
mail_from: mail#example.com
robokassa:
login: login
test_mode: false
pass1: secret
pass2: secret
token: secret
avisosms:
login: login
service_id: 666
hash: secret
sdpays:
md5: secret
project_id: 666
edit_delay: 5
contest_id: 1
aws:
ses:
access_key_id: secret
secret_access_key: secret
s3:
access_key_id: secret
secret_access_key: secret
bucket: bucket
fog_directory: dir
s3cmd: /usr/bin/s3cmd
vk:
key: key
secret: secret
recaptcha:
public_key: key
private_key: private_key
development:
#<<: *defaults
host: 'localhost:3666'
url: 'http://localhost:3666'
resque:
server: '127.0.0.1:6379'
namespace: 'bdsmg_development_resque'
aws:
ses:
access_key_id: key
secret_access_key: secret
s3:
access_key_id: key
secret_access_key: secret
bucket: bucket
fog_directory: dir
s3cmd: /usr/local/bin/s3cmd
staging:
<<: *defaults
test_email: mail#example.com
host: host
url: http://host
test:
<<: *defaults
production:
<<: *defaults
Any help will be appreciated.
This seems to be some indentation issue. The mail_from field needs to be inside the smtp block.
smtp:
domain: domain
login: login
password: secret
server: host
port: 25
mail_from: mail#example.com
Like the question states, is there a way to make a secret known to all 3 environments without copy and pasting like this?
secrets.yml
development:
secret_key_base: ...
my_global_secret: foo
test:
secret_key_base: ...
my_global_secret: foo
production:
secret_key_base: ...
my_global_secret: foo
You can define and share a common key using &label and <<: *label
common: &common
secret_key_base: ...
my_global_secret: foo
development:
<<: *common
something_specific_to_development: ...
test:
<<: *common
something_specific_to_test: ...
production:
<<: *common
something_specific_to_production: ...
Update: For Rails 5.1+
Rails 5.1 adds the shared key which is automatically applied to all environments:
shared: # Everything nested under this key is automatically shared
secret_key_base: ...
my_global_secret: "foo"
development:
my_global_secret: "override value for dev"
test:
...
Using common: &common didn't work for me with Rails 5.1 - shared: did though.