Stubbing Rails Secrets into Build

Hi, I’ve been trying to set up circleci in but I’m having trouble stubbing in variables from my secrets.yml file that is not included in the repo. I’ve tried to set them through Settings -> Environment Variables as well as adding this to the config file

        - mv config/ config/secrets.yml

and create a second secrets file with fake information that I can add to the repo.

I’ve also tried to add the variable directly to the config.yml file like this

    apikey_id: "123"

They are still failing, asking me to include an API key that is in the secrets.yml file

Does anyone have any ideas?

What software reads that file? What is asking you to include an API key?

We use a gem called mailchimp and then initialize it
$mailchimp =

This is the error it gives me in circleci

** Invoke db:create (first_time) 
** Invoke db:load_config (first_time) 
** Execute db:load_config 
** Execute db:create Created database 'circle_ruby_test' 
** Invoke db:schema:load (first_time) 
** Invoke environment (first_time) 
** Execute environment rake aborted! Mailchimp::Error: You must provide a MailChimp API key /home/ubuntu/myapp/vendor/bundle/ruby/2.3.0/gems/mailchimp-api-2.0.6/lib/mailchimp.rb:22:in `initialize'```

What is the absolute path it is expecting to see your secrets file? I wonder if it is looking in the wrong location (or you are copying the file to the wrong location)?

This is the config file

# Check for more details
version: 2

    - mv config/ config/secrets.yml
      # specify the version you desire here
      # Specify service dependencies here if necessary
      # CircleCI maintains a library of pre-built images
      # documented at
      # - image: circleci/postgres:9.4

      mailchimp_api_key: "asdfasdfasdfasdf-us9"
    working_directory: ~/repo
      - checkout

      # Download and cache dependencies
      - restore_cache:
          - v1-dependencies-{{ checksum "Gemfile.lock" }}
          # fallback to using the latest cache if no exact match is found
          - v1-dependencies-

      - run:
          name: install dependencies
          command: |
            bundle install --jobs=4 --retry=3 --path vendor/bundle

      - save_cache:
            - ./vendor/bundle
          key: v1-dependencies-{{ checksum "Gemfile.lock" }}
      # Database setup
      - run: bundle exec rake db:create
      - run: bundle exec rake db:schema:load

      # run tests!
      - run:
          name: run tests
          command: |
            mkdir /tmp/test-results            
            bundle exec rake test

      # collect reports
      - store_test_results:
          path: /tmp/test-results
      - store_artifacts:
          path: /tmp/test-results
          destination: test-results

With the absolute path to my secrets being /Users/nguyen1990/Repositories/myapp/config/secrets.yml

Hmm, I wonder whether you are getting your syntaxes mixed up. There is no top-level key called dependencies as far as I know. Docs are here.

Where did you get that syntax from?

I honestly dont remember where I saw this. Where should I put the dependencies key?

There is no such thing, that’s my point. What you do want it to do? :slightly_smiling_face:

If this is part of an ordinary job flow, then you need to make a run step after your checkout.

Oh thats strange. I saw it here How can I set secrets.yml for test environment for CircleCI?

Essentially I just need to load a fake secrets.yml file or just replace the mailchimp_api_key secrets key that is called.

Is there a reason why I can’t just use Settings -> Environment Variables?

Ah, from 2016 - I expect that is valid in Circle 1.0, which is now no longer in operation.

I would certainly try it, good idea.

I’ve tried using the variables and it does not work. It shows that it’s loading in, but still errors out

And the code that is called is $mailchimp =

Did you have any idea @halfer?

Not really; it’s a bit hard to help, since rake is just a task runner, and it could be doing any number of things (and the code is not visible here). Can you create a minimum problem example on GitHub? You can use an invalid key, since presumably the error will be different if a key is provided and incorrect.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.