Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Heroku] Getting 'no production secrets' when I try to deploy to Heroku? #395

Closed
tuckyeah opened this issue Sep 30, 2016 · 17 comments
Closed

[Heroku] Getting 'no production secrets' when I try to deploy to Heroku? #395

tuckyeah opened this issue Sep 30, 2016 · 17 comments

Comments

@tuckyeah
Copy link

@tuckyeah tuckyeah commented Sep 30, 2016

So I went through the steps in the Heroku deployment guide with no issues, except when I try to open it, I get:

Internal Server Error

Missing `secret_token` and `secret_key_base` for 'production' environment, set these values in `config/secrets.yml`
WEBrick/1.3.1 (Ruby/2.3.1/2016-04-26) at fast-citadel-82471.herokuapp.com:443

I went into my config/secrets.yml and added a new secret for Production under the name SECRET_KEY_BASE. Then I went into my .gitignore and uncommented the config/secrets.yml file. I committed and pushed to heroku, did all my db:migrations/seeds/examples (which all seems to work), ran heroku restart but when I do heroku open, I'm still getting the same error! Any suggestions?

@tuckyeah
Copy link
Author

@tuckyeah tuckyeah commented Sep 30, 2016

I just checked my github repo and it looks like config/secrets.yml is NOT in there... regardless of if it's commented out in the .gitignore file (I've tried both ways) @rebekahheacock and I are trying to figure it out but no dice!

@berziiii
Copy link

@berziiii berziiii commented Sep 30, 2016

You need to set this production variable in Heroku's config settings.

@rhjones
Copy link

@rhjones rhjones commented Sep 30, 2016

Chiming in to say that config/secrets.yml is commented out in my .gitignore file as well:

# Only include if you have production secrets in this file, which is no longer a Rails default
# config/secrets.yml

And yet secrets.yml is not being tracked by git: when I edit that file locally, it doesn't appear as a modified file when I run git status; it also doesn't get pushed to GitHub (see my config directory here).

@tuckyeah
Copy link
Author

@tuckyeah tuckyeah commented Sep 30, 2016

@berziiii So there is a secret in the Heroku config settings under "SECRET_KEY_BASE", and I took that secret and put that in my .env file that referenced the production secret... but it's still giving me the same error.... I know I'm not supposed to commit my .env file with my secrets in it to the repo, so is there another work around?

@rhjones
Copy link

@rhjones rhjones commented Sep 30, 2016

I've tried running these two commands:

heroku config:set SECRET_KEY_BASE=`rake secret`
heroku config:set SECRET_TOKEN=`rake secret`

and am still getting the same "Missing secret_token and secret_key_base for 'production' environment, set these values in config/secrets.yml" error.

@rhjones
Copy link

@rhjones rhjones commented Sep 30, 2016

In case it's relevant: I'm seeing values for SECRET_KEY_BASE and SECRET_TOKEN in Heroku's dashboard interface for my API, but am still getting the same error.

@rhjones
Copy link

@rhjones rhjones commented Sep 30, 2016

Just for funsies: deleted the two (commented out, so it should't make a difference) lines mentioned above from my .gitignore file and committed and pushed that file. config/secrets.yml still isn't being tracked by git locally.

I've looked through the .gitignore file for mentions of config, yml, and secrets, and as far as I can tell, nothing else should be blocking config/secrets.yml from being tracked.

@rhjones
Copy link

@rhjones rhjones commented Sep 30, 2016

@tuckyeah @berziiii Forcibly adding my config/secrets.yml file (git add -f config/secrets.yml), committing/pushing to GitHub, and repushing to Heroku worked, but this seems like a terrible solution.

(Though it looks like this is the recommended fix, as per #249?)

Any help figuring out why config/secrets.yml wasn't being tracked in the first place would be welcome.

@berziiii
Copy link

@berziiii berziiii commented Sep 30, 2016

Yeah, your secrets file should be uncommented in the gitignore. That is fine because no secret keys actually live in that file. They are imported through an Environment Variable.

@jrhorn424
Copy link

@jrhorn424 jrhorn424 commented Sep 30, 2016

@rebekahheacock This is the correct fix. @tuckyeah Does Rebekah's suggestion fix your issue?

Any help figuring out why config/secrets.yml wasn't being tracked in the first place would be welcome.

Comment out config/secrets.yml in your ~/.gitignore. This is your "global" gitignore and will be applied in addition to any other gitignore.

It's my fault. We'll fix it during the next installfest. Thanks!

@jrhorn424
Copy link

@jrhorn424 jrhorn424 commented Sep 30, 2016

@rhjones
Copy link

@rhjones rhjones commented Sep 30, 2016

Thanks, @jrhorn424. I had looked in what GitHub gives as an example global gitignore file (~/.gitignore_global) and didn't see anything relevant, but didn't remember that I/we had used a different filename.

@berziiii
Copy link

@berziiii berziiii commented Sep 30, 2016

Is this issue closed then? @tuckyeah

@payne-chris-r
Copy link
Contributor

@payne-chris-r payne-chris-r commented Sep 30, 2016

This is a great issue (for now and for future devs). Thanks for posting relevant code and progress. @tuckyeah and @rebekahheacock FTW. Keep up the good work.

@tuckyeah
Copy link
Author

@tuckyeah tuckyeah commented Sep 30, 2016

Yep, thanks everyone!! I haven't had a chance to give these solutions a shot yet but I'll reopen if I run into any further issues. For now it seems solved :)

@jrhorn424
Copy link

@jrhorn424 jrhorn424 commented Sep 30, 2016

Did you intend to close this @tuckyeah?

@tuckyeah
Copy link
Author

@tuckyeah tuckyeah commented Sep 30, 2016

OH WHOOPS

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
5 participants