Reputation: 2616
Fog-google doesn't find credentials
I have a Rails 5 application with Carrierwave. I would like to use fog-google gem but I cannot set it up because fog cannot retrieve the credentials.
I created a .fog file in my application root populated this way:
default:
google_project: XXXX-website-cdn
google_client_email: [email protected]
google_json_key_location: google-storage-cdn.json
I then tried to run pry as mentioned in the guidelines, but it doesn't get the credentials.
[3] pry(main)> connection = Fog::Compute::Google.new
ArgumentError: Missing required arguments: google_project
from /Users/ab/.rvm/gems/ruby-2.3.1/gems/fog-core-1.43.0/lib/fog/core/service.rb:244:in `validate_options'
Infact:
[4] pry(main)> Fog.credentials
=> {}
Where do I tell fog to get credentials from the .fog file?
I don't know if it might be useful to know that I'm using Figaro gem to manage my secrets.
Upvotes: 1
Views: 1189
Answers (2)
Reputation: 811
I was looking for a while for a solution on how to avoid putting this .fog file into my home directory as it makes completely no sense. Up to the point of writing this comment, the official github documentation isn't updated. However, there is an open issue on fog-google github repo that demonstrates how to acheive it.
config/initializers/carrierwave.rb
CarrierWave.configure do |config|
config.fog_provider = 'fog/google'
config.fog_credentials = {
provider: 'Google',
google_project: Rails.application.secrets.google_cloud_storage_project_name,
google_json_key_string: Rails.application.secrets.google_cloud_storage_credential_content
# can optionally use google_json_key_location if using an actual file;
# however, I am using **Heroku** where you can't store physical files unless you
# check them into the repo (and you don't want to do that with service account credentials!)
}
config.fog_directory = Rails.application.secrets.google_cloud_storage_bucket_name
end
config/secrets.yml
development:
google_cloud_storage_project_name: your-project-name
google_cloud_storage_credential_content: '{
"type": "service_account",
"project_id": "your-project-name",
"private_key_id": "REDACTED",
"private_key": "-----BEGIN PRIVATE KEY-----REDACTED-----END PRIVATE KEY-----\n",
"client_email": "[email protected]",
"client_id": "REDACTED",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/REDACTED%40your-project-name.iam.gserviceaccount.com"
}'
google_cloud_storage_bucket_name: your-bucket-name
All credit goes to the poster of the solution cireficc
Upvotes: 0
Reputation: 2616
QUICK SOLUTION
Put the .fog file in the root of the server (or your computer), not the one of the app.
This is pretty bad, but it's the first I found while quickly looking to solve the problem.
RIGHT SOLUTION
If you use google_json_key_location: google-storage-cdn.json Rails will look into / folder of the current server (your computer if you are working locally). In order to look into the application folder you need to use a Rails helper.
Rails.root.join( 'google-storage-cdn.json' )
# return /path/to/your/app/google-storage-cdn.json
Upvotes: 1
Related Questions
- HTTP 401 Fog::Storage::Rackspace::ServiceError
- Storage Access Credentials for Google Storage for carrierwave gem in a Rails Application
- CarrierWave Fog Credentials, Access Denied
- Google Authentication error Ruby on Rails
- fog Missing required arguments: aws_access_key_id
- "Excon::Error::Forbidden" error when trying to save files to Google Cloud Storage with Fog and Carrierwave
- Missing required arguments: aws_access_key_id, aws_secret_access_key (ArgumentError)
- Fog-Google Storage Specify Project
- Authenticating with service account (email & key) in fog-google
- Where do I centrally configure the access credentials for the fog gem?