Secrets decryption error appeared (ActiveSupport::MessageEncryptor::InvalidMessage)
1,069 views
Skip to first unread message
tho...@mipic.co
Apr 12, 2018, 1:52:40 PM4/12/18
to Ruby on Rails: Talk
Hi,
How to fix the recent error regarding rails secrets encryption and ruby?
I have one container running since week start that allows we to "rails secrets:edit" successfully. Today, if I carbon copy the source code, do new bundle install and secrets fail. What is going on?
Message from application: ActiveSupport::MessageEncryptor::InvalidMessage (ActiveSupport::MessageEncryptor::InvalidMessage)
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/message_encryptor.rb:133:in `rescue in _decrypt'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/message_encryptor.rb:111:in `_decrypt'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/message_encryptor.rb:84:in `decrypt_and_verify'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:55:in `decrypt'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:96:in `preprocess'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:27:in `block in parse'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:24:in `each'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:24:in `each_with_object'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:24:in `parse'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/application.rb:391:in `secrets'
/var/www/html/config/initializers/swagger_ui_engine.rb:3:in `block in <top (required)>'
/bundle/ruby/2.5.0/gems/swagger_ui_engine-1.1.0/lib/swagger_ui_engine.rb:15:in `configure'
/var/www/html/config/initializers/swagger_ui_engine.rb:1:in `<top (required)>'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/dependencies.rb:286:in `load'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/dependencies.rb:286:in `block in load'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/dependencies.rb:258:in `load_dependency'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/dependencies.rb:286:in `load'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/engine.rb:655:in `block in load_config_initializer'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/notifications.rb:168:in `instrument'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/engine.rb:654:in `load_config_initializer'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/engine.rb:612:in `block (2 levels) in <class:Engine>'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/engine.rb:611:in `each'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/engine.rb:611:in `block in <class:Engine>'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:30:in `instance_exec'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:30:in `run'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/message_encryptor.rb:133:in `rescue in _decrypt'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/message_encryptor.rb:111:in `_decrypt'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/message_encryptor.rb:84:in `decrypt_and_verify'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:55:in `decrypt'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:96:in `preprocess'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:27:in `block in parse'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:24:in `each'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:24:in `each_with_object'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/secrets.rb:24:in `parse'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/application.rb:391:in `secrets'
/var/www/html/config/initializers/swagger_ui_engine.rb:3:in `block in <top (required)>'
/bundle/ruby/2.5.0/gems/swagger_ui_engine-1.1.0/lib/swagger_ui_engine.rb:15:in `configure'
/var/www/html/config/initializers/swagger_ui_engine.rb:1:in `<top (required)>'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/dependencies.rb:286:in `load'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/dependencies.rb:286:in `block in load'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/dependencies.rb:258:in `load_dependency'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/dependencies.rb:286:in `load'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/engine.rb:655:in `block in load_config_initializer'
/bundle/ruby/2.5.0/gems/activesupport-5.1.5/lib/active_support/notifications.rb:168:in `instrument'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/engine.rb:654:in `load_config_initializer'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/engine.rb:612:in `block (2 levels) in <class:Engine>'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/engine.rb:611:in `each'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/engine.rb:611:in `block in <class:Engine>'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:30:in `instance_exec'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:30:in `run'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:59:in `block in run_initializers'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:228:in `block in tsort_each'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:350:in `block (2 levels) in each_strongly_connected_component'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:422:in `block (2 levels) in each_strongly_connected_component_from'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:431:in `each_strongly_connected_component_from'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:421:in `block in each_strongly_connected_component_from'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:48:in `each'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:48:in `tsort_each_child'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:415:in `call'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:415:in `each_strongly_connected_component_from'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:349:in `block in each_strongly_connected_component'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:347:in `each'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:347:in `call'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:347:in `each_strongly_connected_component'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:226:in `tsort_each'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:205:in `tsort_each'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:58:in `run_initializers'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/application.rb:353:in `initialize!'
/var/www/html/config/environment.rb:5:in `<top (required)>'
config.ru:3:in `require_relative'
config.ru:3:in `block in <main>'
/bundle/ruby/2.5.0/gems/rack-2.0.4/lib/rack/builder.rb:55:in `instance_eval'
/bundle/ruby/2.5.0/gems/rack-2.0.4/lib/rack/builder.rb:55:in `initialize'
config.ru:1:in `new'
config.ru:1:in `<main>'
/usr/share/passenger/helper-scripts/rack-preloader.rb:110:in `eval'
/usr/share/passenger/helper-scripts/rack-preloader.rb:110:in `preload_app'
/usr/share/passenger/helper-scripts/rack-preloader.rb:156:in `<module:App>'
/usr/share/passenger/helper-scripts/rack-preloader.rb:30:in `<module:PhusionPassenger>'
/usr/share/passenger/helper-scripts/rack-preloader.rb:29:in `<main>'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:228:in `block in tsort_each'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:350:in `block (2 levels) in each_strongly_connected_component'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:422:in `block (2 levels) in each_strongly_connected_component_from'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:431:in `each_strongly_connected_component_from'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:421:in `block in each_strongly_connected_component_from'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:48:in `each'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:48:in `tsort_each_child'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:415:in `call'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:415:in `each_strongly_connected_component_from'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:349:in `block in each_strongly_connected_component'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:347:in `each'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:347:in `call'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:347:in `each_strongly_connected_component'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:226:in `tsort_each'
/usr/local/rvm/rubies/ruby-2.5.1/lib/ruby/2.5.0/tsort.rb:205:in `tsort_each'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/initializable.rb:58:in `run_initializers'
/bundle/ruby/2.5.0/gems/railties-5.1.5/lib/rails/application.rb:353:in `initialize!'
/var/www/html/config/environment.rb:5:in `<top (required)>'
config.ru:3:in `require_relative'
config.ru:3:in `block in <main>'
/bundle/ruby/2.5.0/gems/rack-2.0.4/lib/rack/builder.rb:55:in `instance_eval'
/bundle/ruby/2.5.0/gems/rack-2.0.4/lib/rack/builder.rb:55:in `initialize'
config.ru:1:in `new'
config.ru:1:in `<main>'
/usr/share/passenger/helper-scripts/rack-preloader.rb:110:in `eval'
/usr/share/passenger/helper-scripts/rack-preloader.rb:110:in `preload_app'
/usr/share/passenger/helper-scripts/rack-preloader.rb:156:in `<module:App>'
/usr/share/passenger/helper-scripts/rack-preloader.rb:30:in `<module:PhusionPassenger>'
/usr/share/passenger/helper-scripts/rack-preloader.rb:29:in `<main>'
tho...@mipic.co
Apr 13, 2018, 4:17:43 AM4/13/18
to Ruby on Rails: Talk
Let me clarify the situation more, I see the typos.
In my rails app, I was able to do "rails secrets:edit". The setup was stable and worked months, pipeline was building the app container for release too. This week, I have realized that when the container gets built in the pipeline then app fails to start with the error below.
While I can run the app in my development container that had bundle installed weeks ago, in all other containers where bundle install gets performed, since this week, the app fails to start with the below error.
The app uses ruby 2.5.0 and rails 5.1.5, bundler (1.16.1), rubygems-bundler (1.4.4)
This error looks the same as a one, a few months ago, when ruby 2.5 required upgrade to the system gemset. Has anyone an idea what had gone wrong? Comparing Gemfile.lock between containers, bundled gems are of identical versions. It boils down to the ruby systems gemset, however, gemset is the latest version per below. Encryption key is identical, 100 times copied over or sent in env var ;) for not believing the app fails to start.
$ sudo gem update --system
Latest version already installed. Done.
Cheers, Thomas
tho...@mipic.co
Apr 13, 2018, 6:13:35 AM4/13/18
to Ruby on Rails: Talk
Let's ditch encrypted secrets. Rails 5.2 has been released. Moving to credentials.
Ralph Shnelvar
Apr 13, 2018, 6:31:42 AM4/13/18
to rubyonra...@googlegroups.com
Thomas,
Could you point me at documentation about credentials v. encrypted secrets, please?
Ralph
Could you point me at documentation about credentials v. encrypted secrets, please?
Ralph
|
-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-ta...@googlegroups.com. To post to this group, send email to rubyonra...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/c262ea56-237a-4bd0-adcc-a23d41f67ae9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. |
Ralph
tho...@mipic.co
Apr 13, 2018, 9:35:07 AM4/13/18
to Ruby on Rails: Talk
Reply all
Reply to author
Forward
0 new messages