Ruby on rails Rails-Docker-AWS机密管理器
我们有一个停靠的ROR 4.2应用程序 我正在使用AWS secrets manager存储邮件用户名和密码 第一次尝试,如果我使用以下。 环境/staging.rb/environments/production.rbRuby on rails Rails-Docker-AWS机密管理器,ruby-on-rails,amazon-web-services,Ruby On Rails,Amazon Web Services,我们有一个停靠的ROR 4.2应用程序 我正在使用AWS secrets manager存储邮件用户名和密码 第一次尝试,如果我使用以下。 环境/staging.rb/environments/production.rb config.action_mailer.smtp_settings = { :user_name => 'apikey', :password => ENV['apikey'], :domain => "xxxx", :a
config.action_mailer.smtp_settings = {
:user_name => 'apikey',
:password => ENV['apikey'],
:domain => "xxxx",
:address => 'xxxx',
:port => 587,
:authentication => :plain,
:enable_starttls_auto => true
}
451身份验证失败:在我尝试发送电子邮件时无法进行身份验证。我可以清楚地访问docker容器中的ENV['apikey']
所以我试着跟着
module Aws
class Config
require 'aws-sdk-secretsmanager'
require 'base64'
def initialize(config_name)
@secret_name = Rails.env.production? ? "aaaa" : "bbbbb"
@region_name = "ap-southeast-2"
@config_name = config_name
end
def config
client = Aws::SecretsManager::Client.new(region: @region_name)
begin
get_secret_value_response = client.get_secret_value(secret_id: @secret_name)
rescue Aws::SecretsManager::Errors::DecryptionFailure => e
raise
rescue Aws::SecretsManager::Errors::InternalServiceError => e
raise
rescue Aws::SecretsManager::Errors::InvalidParameterException => e
raise
rescue Aws::SecretsManager::Errors::InvalidRequestException => e
raise
rescue Aws::SecretsManager::Errors::ResourceNotFoundException => e
raise
else
if get_secret_value_response.secret_string
secret = get_secret_value_response.secret_string
else
decoded_binary_secret = Base64.decode64(get_secret_value_response.secret_binary)
end
conf = {}
if secret
secret = JSON.parse(secret)
conf = { @config_name.to_sym => secret["#{@config_name}"]}
end
conf
end
end
end
end
:password => Aws::Config.new('apices').config[:apikey]
有以下几点
module Aws
class Config
require 'aws-sdk-secretsmanager'
require 'base64'
def initialize(config_name)
@secret_name = Rails.env.production? ? "aaaa" : "bbbbb"
@region_name = "ap-southeast-2"
@config_name = config_name
end
def config
client = Aws::SecretsManager::Client.new(region: @region_name)
begin
get_secret_value_response = client.get_secret_value(secret_id: @secret_name)
rescue Aws::SecretsManager::Errors::DecryptionFailure => e
raise
rescue Aws::SecretsManager::Errors::InternalServiceError => e
raise
rescue Aws::SecretsManager::Errors::InvalidParameterException => e
raise
rescue Aws::SecretsManager::Errors::InvalidRequestException => e
raise
rescue Aws::SecretsManager::Errors::ResourceNotFoundException => e
raise
else
if get_secret_value_response.secret_string
secret = get_secret_value_response.secret_string
else
decoded_binary_secret = Base64.decode64(get_secret_value_response.secret_binary)
end
conf = {}
if secret
secret = JSON.parse(secret)
conf = { @config_name.to_sym => secret["#{@config_name}"]}
end
conf
end
end
end
end
:password => Aws::Config.new('apices').config[:apikey]
这是在部署时产生的。当我访问AWS密钥时,在开发环境中工作良好
Step 22/32 : RUN su - app -c 'cd /home/app/myapp && RAILS_ENV=production bundle exec rake assets:precompile'
[91mrake aborted!
Aws::Errors::MissingCredentialsError: unable to sign request without credentials set
有人能解释一下吗
谢谢