Jorge Mauricio

Asked: 2024-01-28 06:17:21 +0800 CST

Set GitHub Actions Secrets on Docker Container Build/Run Command

5

Set GitHub Actions Secrets on Docker Container Build/Run Command

I'm in the early stages of building an automated pipeline. Still in the exploring phase. Right now, I'm struggling with setting the environment variables for the container I'm going to run my app.

The idea is to have my environment variables set as GitHub Actions Secrets and configure them in the container when I run the docker container command. The container was built out of a Docker Composer file.

Right now, I have this working:

- name: Backend - Build Container (proof of concept)
  run: |
    BACKEND_CONTAINER_SH_SCRIPT='eval "GITHUB_USER=123 GITHUB_REPO_NAME=321 docker-compose -f ss-build-files/ubuntu-container-build.yml up -d && docker-compose -f ss-build-files/ubuntu-container-build.yml logs";'
    echo "${{ secrets.CONFIG_SERVER_SSH_KEY }}" > id_rsa_ssh_key_server_temp.pem;
    chmod 600 id_rsa_ssh_key_server_temp.pem;
    ssh -v -t -t -i id_rsa_ssh_key_server_temp.pem -o StrictHostKeyChecking=no ubuntu@${{ env.CONFIG_SERVER_IP }} "$BACKEND_CONTAINER_SH_SCRIPT"
    rm id_rsa_ssh_key_server_temp.pem;
    echo "Status check: jobs completed successfully!";

However, when I try to integrate with the GitHub secrets, it returns me an error in the GitHub Runner:

- name: Backend - Build Container (proof of concept)
  run: |
    BACKEND_CONTAINER_SH_SCRIPT='eval "GITHUB_USER=x${{ secrets.TEST_1 }} GITHUB_REPO_NAME=xx${{ secrets.TEST_2 }} docker-compose -f ss-build-files/ubuntu-container-build.yml up -d && docker-compose -f ss-build-files/ubuntu-container-build.yml logs";'
    echo "${{ secrets.CONFIG_SERVER_SSH_KEY }}" > id_rsa_ssh_key_server_temp.pem;
    chmod 600 id_rsa_ssh_key_server_temp.pem;
    ssh -v -t -t -i id_rsa_ssh_key_server_temp.pem -o StrictHostKeyChecking=no ubuntu@${{ env.CONFIG_SERVER_IP }} "$BACKEND_CONTAINER_SH_SCRIPT"
    rm id_rsa_ssh_key_server_temp.pem;
    echo "Status check: jobs completed successfully!";

The error:

debug1: Sending command: eval "GITHUB_USER=x*** GITHUB_REPO_NAME=xx*** docker-compose -f ss-build-files/ubuntu-container-build.yml up -d && docker-compose -f ss-build-files/ubuntu-container-build.yml logs";
bash: line 1: secret1: command not found
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
Connection to 3.90.173.47 closed.
Transferred: sent 2892, received 2676 bytes, in 0.5 seconds
Bytes per second: sent 6131.9, received 5673.9
debug1: Exit status 127
Error: Process completed with exit code 127.

Note: I'm building this way because eval "GITHUB_USER=123 GITHUB_REPO_NAME=321 docker-compose -f ss-build-files/ubuntu-container-build.yml up -d && docker-compose -f ss-build-files/ubuntu-container-build.yml logs" seems to be the only way it works considering what I wish to accomplish, which is to create a node script that that reads all Secrets (the app has many environment variables) from the repo and will output a string like so:

TEST_1=${{ secrets.TEST_1 }} TEST_2=${{ secrets.TEST_2 }}

And this string, I'll merge with the rest of the Docker container command.

Anyone has any idea about the reason it's giving me this error or maybe another idea of how I could automate this part without hardcoding a .env file in the server/container?

Jorge Mauricio

Asked: 2022-03-05 07:00:22 +0800 CST

Dockerfile for Jenkins Container

0

I know that there’s an image available ready for Jenkins, but I’m trying to build a Dockerfile to run Jenkins in a container, as I’m still learning the fundamentals of Docker and Jenkins.

I tried to build a container image with Dockerfile, but there’s still something going missing. So far, this is what I got in my Dockerfile:

Dockerfile for creating an image called: jorgemauriciodev/dev-docker-ubuntu-v1:

# Image.
FROM ubuntu

# Update repository.
RUN apt-get update

# Set timezone.
RUN apt install tzdata -y
ENV TZ="America/New_York"

# Install softwares.

# wget.
RUN apt-get install wget - y
# gnupg.
RUN apt-get install -y gnupg

# Install jenkins.
RUN apt-get install default-jdk - y

# Install apache2.
RUN apt-get install apache2 - y

# Donwload package.
RUN wget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | apt-key add -

#RUN sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list'
  #Outdated info.
RUN sh -c 'echo deb https://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'

RUN apt-get update

RUN apt-get install jenkins –y

And my idea to run the image created with the Docker file, would be (CMD terminal):

sudo docker run -it -d -p 8080: 8080 jorgemauriciodev/ubuntu-docker-jenkins-dev-v1 bash

After up and running, my intention would be to access through a http address, like so: http://123.123.123.123:8080/

I think there are lines missing in the Dockerfile to initialize Jekins service, besides other details that because of my low experience with Docker and Jenkins, I don’t know about. Can anyone try to point me lines / configurations that are missing so I can get this going?

Jorge Mauricio

Asked: 2022-02-28 14:28:23 +0800 CST

Puppet manifest configuration for docker image verification

1

I’m quite new to devops/ci/cd, so bear with me.

Currently, I’m getting a puppet manifest configuration set up for docker image verification. Let me try to layout it out:

I have a puppet master server with the following configuration:

Puppetmaster version: 5.5.10-4ubuntu3
Both of the servers are linux 20.04
All hosted on AWS

/etc/puppet/code/environments/production/manifests/site.pp

node default {
    include 'docker'
    docker::image { 'jorgemauriciodev/ubuntu-dockerfile-dev-v1': }
}

Every time I try a new verification command in the .pp, I restart the puppet master server with the following command: sudo systemctl restart puppet-master

I’ve installed a module called garethr-docker on both of my servers – the agent and the master.

On the slave / agent server, I have this image docker image present and running: jorgemauriciodev/ubuntu-dockerfile-dev-v1 For the first step, I just want to check if the image exists in my slave server. Later on, I’ll figure out to make sure it’s running or built with the Dockerfile.

On the slave / agent server, I run: sudo puppet agent –test

And I receive the following error message:

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Function Call, Could not find class ::docker for ip-123-123-123-123.us-east-2.compute.internal (file: /etc/puppet/code/environments/production/manifests/site.pp, line: 2, column: 5) on node ip-123-123-123-123.us-east-2.compute.internal Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run

Anyone has any idea on what I’m getting wrong with the puppet manifest file?

Edit 1:

I did some changes that were suggested. Now, my file has a diferent name and changed the content: /etc/puppet/code/environments/production/manifests/init.pp

include 'docker'
class { 'docker':
  version => 'latest',
}
docker::image { 'jorgemauriciodev/ubuntu-dockerfile-dev-v1': }

Still returns me that same error message.

Here´s the full message:

/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:315: warning: deprecated Object#=~ is called on Puppet::Transaction::Report; it always returns nil
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:315: warning: deprecated Object#=~ is called on Puppet::Transaction::Report; it always returns nil
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:315: warning: deprecated Object#=~ is called on Puppet::Transaction::Report; it always returns nil
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/indirector/request.rb:272: warning: URI.unescape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
Info: Retrieving plugin
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:315: warning: deprecated Object#=~ is called on Puppet::Transaction::Report; it always returns nil
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/indirector/request.rb:272: warning: URI.unescape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
Info: Retrieving locales
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:315: warning: deprecated Object#=~ is called on Puppet::Transaction::Report; it always returns nil
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/indirector/request.rb:272: warning: URI.unescape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Function Call, Could not find class ::docker for ip-172-31-21-116.us-east-2.compute.internal (file: /etc/puppet/code/environments/production/manifests/init.pp, line: 1, column: 1) on node ip-172-31-21-116.us-east-2.compute.internal
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
/usr/lib/ruby/vendor_ruby/puppet/file_system/uniquefile.rb:126: warning: $SAFE will become a normal global variable in Ruby 3.0
/usr/lib/ruby/vendor_ruby/puppet/util.rb:461: warning: URI.escape is obsolete
/usr/lib/ruby/vendor_ruby/puppet/file_system/uniquefile.rb:126: warning: $SAFE will become a normal global variable in Ruby 3.0

Edit 2:

I installed further modules on master server and slave/agent server with this command:

sudo puppet module install puppetlabs-docker --version 4.1.2

And it´s still returning me an error message, but now seems that it´s a different one. So, probably a syntax issue now.

Here´s the important part of the message.

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Duplicate declaration: Class[Docker] is already declared; cannot redeclare (file: /etc/puppet/code/environments/production/manifests/init.pp, line: 3) (file: /etc/puppet/code/environments/production/manifests/init.pp, line: 3, column: 1) on node ip-123-123-123-123.us-east-2.compute.internal
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

Besides this message, it´s still returning me those warnings, but the list is much bigger. However, I don´t think it´s a concern at this time.

Jorge Mauricio

Asked: 2021-10-25 08:06:15 +0800 CST

How to deploy a server side rendering (SSR) react application (bundled by webpack) on windows server 2016 / IIS

0

Just a heads up: This is the first time I try to deploy a react application on a custom built Windows server, but I’ve managed to do it successfully on Heroku and Linux (PM2), so I know that the application architecture is suppose to work correctly.

The scenario:

I’ve built a Windows Server 2016 / 64 bits hosting server to host multiple websites. I’ve used VPS Contabo to do so. I’ve tested all features that are suppose to work, even with other applications such as ASP.NET, PHP, SSL certificates and everything is working fine.

As for the specific node js project that I’m trying to host on this server, It consists of 2 main parts:

Backend in node together with a CMS, also developed in node / javascript.

I created a hosting space on a subdomain for this one and it’s working perfectly, even with the Let’s Encrypt SSL certificate. In case anyone wants to access it, would be on: https://backendnode.fullstackwebdesigner.com/system

Frontend in react server side rendering.

This is where the problem is occurring. If anyone would like to access it, here’s the link: https://fullstackwebdesigner.com/

I used basically the same technique for both of them:

iisnode;
URL rewrite extension;
iis node modules;
web.config file configuration;

The problem:

I’ve managed to get it to load as a website, just like I did with the backend, but the problem is that it seems not to load the CSS files, images and so on. So the layout doesn’t load. On the console, there’s and error message: Uncaught SyntaxError: Unexpected token '<'

The react application: As I’ve said before, it was done as a server side rendering application and bundled with webpack. So it builds the bundled files to a directory called “/build”. And in this directory, there’s a “/public” directory where all assets are in, like CSS files and images.

While developing, I would run the build on the terminal as: node build/bundle.react.js

And as strange as it may seem, when I run this on the terminal on the windows server, It works perfectly. But can only be accessed through: http://localhost:3001 It loads everything that’s suppose to load.

Here’s a simplified representation of the file structure:

- /build/
--bundle.react.js
--/build/public/
---/files-layout/
---/fonts/
---bundle.react.client.js

Here’s also the web.config file I’m using on the website hosting space for the react build:

<configuration>
    <system.webServer>
        <iisnode nodeProcessCommandLine="C:\Program Files\nodejs\node.exe" />
        
        <handlers>
            <add name="iisnode" path="/build/bundle.react.js" verb="*" modules="iisnode" />
        </handlers>

        <rewrite>
            <rules>
                <!-- Redirect to HTTPS (alternative). -->
                <rule name="Redirect to HTTPS / SSL" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="off" ignoreCase="true" />
                    </conditions>
                    <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
                </rule>

                <!-- Don't interfere with requests for logs. -->
                <rule name="LogFile" patternSyntax="ECMAScript" stopProcessing="true">
                    <match url="^[a-zA-Z0-9_\-]+\.js\.logs\/\d+\.txt$" />
                </rule> 
                <!-- Node. -->
                <rule name="sendToNode">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
                    </conditions>
                    <action type="Rewrite" url="/build/bundle.react.js" />          
                </rule>
            </rules>    
        </rewrite> 
        <defaultDocument>
            <files>
                <clear />
                <add value="/build/bundle.react.js" />
            </files>
        </defaultDocument>
        <security>
            <requestFiltering>
                <hiddenSegments>
                    <add segment="node_modules" />
                </hiddenSegments>
            </requestFiltering>
        </security>
    </system.webServer>
    <system.web>
        <compilation defaultLanguage="js" />
    </system.web>
</configuration>

Anyone has any idea of what could be missing or going on, as there hasn’t been many references on hosting server side rendering on windows server on the web? Maybe an extra configuration on IIS, web.config or on the website hosting space?

Edit:

An interesting test that I just did: on my local development computer, when I run through the terminal:

node bundle.react.js

from inside the /build folder, I get the same result as the problem that’s happening online (no layout, styles, images and so on).

But when I run through the terminal:

node build/bundle.react.js

from outside the /build folder (from the base directory), it loads perfectly.

On more thing. The base directories are organized like so:

…(some folders)
- /build/
--bundle.react.js
--/build/public/
---/files-layout/
---/fonts/
---bundle.react.client.js
-node_modules
…(some root files, like webpack and so on)

I’m guessing there’s some kind of problem referencing the /node_modules folder because of how I wrote the web.config file, but I have no idea on how should reference it.