0

I typically make updates to my production Ruby on Rails application and today I updated some security vulnerabilities with gem files, pushed them to my Github repo and then did a git push heroku master and received the following errors:

remote: -----> Preparing app for Rails asset pipeline
remote:        Running: rake assets:precompile
remote:        rake aborted!
remote:        Devise.secret_key was not set. Please add the following to your Devise initializer:
remote:
remote:          config.secret_key = '<hash>'
remote:
remote:        Please ensure you restarted your application after installing Devise or setting the key....
remote:  !
remote:  !     Precompiling assets failed.
remote:  !

Not sure if there is a connection between actionview -v 5.1.6.2 that I recently updated to and this error, but I went ahead and added that config.secret_key = ... and then committed it and pushed to my repo and then did the git push heroku master and now I get this:

An unhandled lowlevel error occurred. The application logs may have details.

Heroku logs say:

 #<RuntimeError: Missing `secret_key_base` for 'production' environment, set this value in `config/secrets.yml`>

But I have this in my config/secrets.yml:

# Do not keep production secrets in the unencrypted secrets file.
# Instead, either read values from the environment.
# Or, use `bin/rails secrets:setup` to configure encrypted secrets
# and move the `production:` environment over there.

production:
  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
Daniel
  • 14,004
  • 16
  • 96
  • 156
  • Do application logs indeed have details? – Aleksei Matiushkin Mar 14 '19 at 08:02
  • Does this answer your question? [An unhandled lowlevel error occurred. The application logs may have details](https://stackoverflow.com/questions/37112804/an-unhandled-lowlevel-error-occurred-the-application-logs-may-have-details) – cbr Sep 15 '22 at 20:52

1 Answers1

0

I decided not to go with what Heroku was suggesting of setting the Devise secret key in my devise.rb file and instead went over to application.rb file and added the following line of code:

config.secret_key_base = ENV["SECRET_KEY_BASE"]

I had forgotten that Heroku already has my secret key base set, so after adding this line of code to application.rb file and committing the changes to my Github repo, I ran a git push heroku master and then ran heroku run rake db:migrate and my production RoR site is up and running again, good as new.

This solution was better at avoiding having any secret key in my devise.rb file which would not be a good idea from a security standpoint.

Daniel
  • 14,004
  • 16
  • 96
  • 156