How does rake_deploy in jelastic work with ENV

Question

I am setting up a production and a pre-production server with Jelastic and nginx to run Ruby on Rails on. My database name and password are in environment variables. I have set them in the shell via ssh in .bashrc and in /etc/nginx/app_servers/nginx-passenger.conf as documented in Configuration reference for Passenger + Nginx but rake_deploy can not find them. I have written a rake-task that outputs the ENV, so I can see that it is not the same when I run the task as a part of deploy and from command-line over ssh. The Rails app gets them through the passenger.conf, so that works, but is scary duplication.

Is there a way to have my environment-variables set in one place in that setup so that both the Rails app, the rake_deploy and the shell can access them?

score 1 · Accepted Answer · answered May 11 '18 at 08:42

The answer is that it can not be done.

It is not possible to store your secrets in the environments ENV and use them for both your rails app and your rake tasks when using Jelastics Ruby setup that uses rake_deploy to run the rake tasks at deployment.

The reason is that rake_deployis run as root. I figured adding this rake-task:

task :env do puts ENV.to_h.to_yaml sh %[whoami] end

that first prints the ENV and then prints what user the command is run as.

Or, there is perhaps a way if I can first run a rake-task that edits the .bash_profile of root, without putting that in version-control. But it feels neither safe nor professional.

There is also nowhere else to put your secrets that is kept out of version control and persisted between deploys.

My PaaS provider has been in contact with Jelastic to tell them this and they are not interested in changing it.

score -1 · Answer 2 · answered Apr 26 '18 at 15:26

-1

This variables "ALL_REQUESTS_LOCAL, DB_ADAPTER, DB_HOST, DB_NAME, DB_PASSWORD, DB_USERNAME, EMAIL_USER, EMAIL_PASSWORD, EMAIL_DOMAIN, EMAIL_ADDRESS" should be set in rakefile. "nginx_passenger.conf" is a configuration file for Nginx that has nothing to do with environment variables.Also, you can try to add this variables to .bash_profile or .bashrc to make them accessible to rake

answered Apr 26 '18 at 15:26

Virtuozzo

1,993
1
10
13

1

How do you suggest that I handle having two production environments, one for real production and one for pre-producion? I prefer to have my rakefile in git. – Ed Ytterbrink Apr 27 '18 at 13:20
So you say that I can not host a 12 factor (https://12factor.net/) RubyOnRails app with your solution? It is #1 and #3 I am concerned about. – Ed Ytterbrink May 09 '18 at 17:03

How does rake_deploy in jelastic work with ENV

2 Answers2