I'm using Dotenv to populate my environment when deploying and I have a deployment server that contains all the secrets.
I want to be able to do a cap production deploy from my localhost which triggers my deployment server to do a cap production deploy from itself which contains all the secrets not available from everyone's local machines.
Is there any capistrano add on gems that solves this problem? Or can someone point me in the right direction.
I was thinking of setting up a whole new stage that points to the deployment server.
Secrets should not be copied to server while deployment , that is bad as it is vulnerable and we do not change them frequently. They should be placed on server directly to keep it safe , That is the approach I am following, we can use dontev or figaro gem to manage it
Related
I have just started developing a Golang app, and have deployed it on Google App Engine. But, when I try to connect my local server to CloudSQL instance through proxy, I am able to connect only through TCP.
However, when connecting with the same CloudSQL instance in AppEngine, I am able to connect only through UNIX.
To cope with this, I have made changes in my local environment handler file, so that it can adapt to local and GCloud config, but I'm not sure how I can skip the update on just this file for GCloud? Again, I don't want AppEngine to delete this file, I just want the CLI to avoid uploading the new version of the handler file.
I use this command for deploying: gcloud app deploy
Currently, I deploy directly to AppEngine, instead of pushing it through VCS. Also, if there is an option to detect if the app is running on AppEngine, then it'd be really great.
TIA
Got it, in case anyone gets stuck in such situation, we can make use of environment variables set in GCloud AppEngine. Although there is documentation stating the environment variables, I would still give importance to checking the environment variables in Cloud Console.
Documentation link for Go 1.12+ Runtime env:
https://cloud.google.com/appengine/docs/standard/go/runtime
I understand the process of local > staging > production deployment, although I've come across one issue which I have a solution, but it doesn't feel like it's the correct method.
I have a production .env on the server and a local .env for local development which is all fine for storing my environment variables. Although, I am using Stripe API and have testing API keys locally and live API keys for production.
My Stripe public key gets pulled into public.app.js the Vue/Inertia compilation using the MIX_ prefix in my .env. I first push this to GitHub and then Deploy this to Laravel Forge where in my deploy script it runs yarn prod, pulling in the live Stripe public API key once compiled by the server.
Basically, what I am asking is: Is there a standard deployment process where you compile production ready files locally pulling the correct API keys and push to GitHub, or is there a better way which removes the need of compiling assets on the server?
I am using gitlab as repository and want to push my code on ec2 whenever any commit is done on gitlab. The gitlab CD/CI documentation states that I have to add a file .gitlab-ci.yml at the root directory of my repo. This is actually a problem for me because, I want project repo to have only code and not any configuration related info like build and deploy etc. Also when anybody clones the repo, they would have access to location where my code is pushed/deployed on ec2. Is there any work around for this problem ?
You'll need to use a gitlab-ci.yml filke to deploy your application. The file provides instructions and a pipeline "infrastructure" which, if properly configured, will build, test and automatically deploy your code.
If you are worried about leaking credentials, you should use the built-in instance variables to mask your important bits, like a "$SERVERNAME" or "$DB_PASSWORD" for instance.
Lastly, you can use the power of gitignore, in order to not publish all of your credentials or sensitive bits to your projects' servers or instances.
I have deployed a rails application in a server using capistrano. What is the best way to debug this app in production?
Until now, when I used Apache+Phusion to deploy apps, I would write debug statements in the code and determine what was breaking.
But when I try the same now in the capistrano setup, I don't see the debug statements.
Where should I add the debug statements? In the code base that is pulled from the git repo? Or the current folder of capistrano?
Also, once I add the debug statement, is there anything I need to do to nginx server to reflect this change?
(Earlier, in Apache+Phusion, I used to do touch tmp/restart.txt to reflect the change)
Sorry for these questions, but this is my first time using Capistrano, Nginx.
I was deploying another agent's code, hence I wasn't fully aware of the deployment environment. On probing, I found out that the app server being used was Unicorn.
So, all I had to do to reflect the changes was restart Unicorn server by running unicorn appname restart
I've tried taking a look on Google for how this can be done but I thought I'd post a question anyway to see what the best practice is for doing this nowadays.
We are trying to setup a Team City build to deploy to a clients environment, basically we're generating an artifacts zip file and the plan is to (somehow) deploy this to the clients UAT, Staging and Live Servers (which are password protected). When the build is run it executes a nant script.
From our network in the office we are able to remote into the UAT box, but we can only get to the Staging and Live servers whilst on the UAT box.
What is the best way of doing this? Are there any useful resources I can look at to help me move forward?
You can try Deployer Plugin developed by TeamCity team. It offers SMB/FTP/SSH deploy options as well as SSH Exec option.