0

First of all, I know there are answers to this question:

  1. PG::ConnectionBad: FATAL: password authentication failed for user "alphauser"
  2. Rails: FATAL - Peer authentication failed for user (PG::Error)

But in every case, you have to do it manually and I would like to find an answer that I can do automatically on my CI/CD pipeline to deploy in production.

The error I get is this:

FATAL:  password authentication failed for user "Jenkins_project"
Couldn't create 'Jenkins_project_production' database. Please check your configuration.
rake aborted!
PG::ConnectionBad: FATAL:  password authentication failed for user "Jenkins_project"

This happens when I try to create and migrate the DB:

docker-compose -f docker-compose.override.yml --env-file .env run web rake db:create db:migrate

I use -f docker-compose.override.yml because I am trying to deploy it in a AWS EC2 server. The docker-compose.override.yml looks like this:

version: "3"

services:
  db:
    image: postgres
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-default}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-default}
      JENKINS_PROJECT_DATABASE_PASSWORD: ${JENKINS_PROJECT_DATABASE_PASSWORD:-default}
    volumes:
      - ./tmp/db:/var/lib/postgresql/data
  web:
    build: .
    ports:
      - "3000:3000"
    depends_on:
      - db
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-default}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-default}
      POSTGRES_HOST: ${POSTGRES_HOST:-default}
      JENKINS_PROJECT_DATABASE_PASSWORD: ${JENKINS_PROJECT_DATABASE_PASSWORD:-default}

And this is connected to the .env file, so that's why I call --env-file .env on the docker-compose command.

The .env looks like this:

POSTGRES_USER=user
POSTGRES_PASSWORD=password
POSTGRES_HOST=host
JENKINS_PROJECT_DATABASE_PASSWORD=jenkins_password

My database.yml looks like this:

default: &default
  adapter: postgresql
  encoding: unicode
  host: db
  username: user
  password: password
  pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>

development:
  <<: *default
  database: Jenkins_project_development

production:
  <<: *default
  database: Jenkins_project_production
  username: Jenkins_project
  password: <%= ENV['JENKINS_PROJECT_DATABASE_PASSWORD'] %>

What I am trying to do is pass the .env file "secrets" to each service on the docker-compose.override.yml when running the command and from there fill the <%= ENV['JENKINS_PROJECT_DATABASE_PASSWORD'] %> on the database.yml.

It seems I am doing something wrong but I can't figure out what. Again, I know I can do it manually but I want to make it automatic for the CI/CD pipeline to deploy.

If anyone has any idea please share. Thanks!

josegp
  • 499
  • 6
  • 21
  • Do you have the necessary ENV variables defined in the dockerfile? -- ENV JENKINS_PROJECT_DATABASE_PASSWORD, etc. – dbugger Feb 25 '22 at 21:46
  • Thank you for the idea, but I wrote `ENV JENKINS_PROJECT_DATABASE_PASSWORD=jenkins_password` and all the other envs on my Dockerfile and it is still throwing an error @dbugger – josegp Feb 26 '22 at 03:00
  • Funny thing is that even after adding the password explicitly on the `database.yml` file (`password: jenkins_password` instead of `password: <%= ENV['JENKINS_PROJECT_DATABASE_PASSWORD'] %>`), it keeps giving the same error. Surely, there must be something I am doing wrong here... – josegp Feb 26 '22 at 03:13

1 Answers1

0

Solved it by removing the username and password from the production and keeping those values from the default one:

default: &default
  adapter: postgresql
  encoding: unicode
  host: db
  username: user
  password: password
  pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>

development:
  <<: *default
  database: Jenkins_project_development

production:
  <<: *default
  database: Jenkins_project_production
josegp
  • 499
  • 6
  • 21