Deeper into the Cloud

Sometimes I'm dumb. Google Cloud Build works fine and everything is good again :)

Today was a dumb day. For me. I have Cloud Build all set up as per my previous post. This is great. I can just merge to my deployment branch and a few minutes later, the latest code is running on whatever site I want! Simple. And it's working great, and copying all of the files it should be copying, so I learned after thinking it wasn't ;)

For my altarschedule.com site, I use sendgrid to send emails. This is accompanied with code to build the email, and code to send the email, and a secret API key that tells sendgrid which account is sending the email. This is great and perfect, and works fine except for the occasional email ending up in spam.

It's the API key that was causing me problems. It's a secret. And even though my git repository is not public, I don't feel comfortable putting that in a file that sits on the internet somewhere. So I use .gitignore to keep it out of git and only on my computer.

And this was working in that I would run my local build, and test email sending, and I would receive an email! Good stuff.

Enter Cloud Build. I couldn't figure out why email stopped working. This is what I'm referring to when I say I was dumb :) I have it there. I made sure it's not ignored in the .gcloudignore file. Explicitly include it with !sendgrid.key etc. WTF Google Cloud Build?!?

Ah yes. Google Cloud Build pulls from my repository on GitHub, which is explicitly and with very good reason bereft of that file. It just didn't occur to me because I was dumb.

Google Cloud offers a ton of neat features. You just have to enable what you need. One such feature is the “Secret Manager”. Very useful!!

A few trip-ups on which permissions should be enabled on the principal (I enabled the main service account to have “Secret Manager Secret Accessor”), and the actual name needed to access the secret. It expects something like “projects/{{projectID}}/secrets/{{name}}/versions/1”. I'll only ever have one version.

Then it's just, create a Secret Manager client in Go, and access the secret! Simple.
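The access step, as an added example that is not code from this post: it calls the Secret Manager REST `access` method with only the Go standard library instead of the client library, so it runs with no dependencies. The project ID `demo-project`, secret name `sendgrid-key`, the token and the in-process fake server are all constructed for the demo.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// accessSecret reads one secret version through the REST "access" method.
func accessSecret(c *http.Client, baseURL, token, project, name, version string) ([]byte, error) {
	resource := fmt.Sprintf("projects/%s/secrets/%s/versions/%s", project, name, version)
	req, err := http.NewRequest(http.MethodGet, baseURL+"/v1/"+resource+":access", nil)
	if err != nil {
		return nil, err
	}
	req.Header.Set("Authorization", "Bearer "+token)
	resp, err := c.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK { // 403: identity lacks Secret Manager Secret Accessor
		return nil, fmt.Errorf("access %s: HTTP %d", resource, resp.StatusCode)
	}
	var out struct {
		Payload struct {
			Data []byte `json:"data"` // base64 on the wire; encoding/json decodes it
		} `json:"payload"`
	}
	if err := json.NewDecoder(resp.Body).Decode(&out); err != nil {
		return nil, err
	}
	return out.Payload.Data, nil
}

func main() { // offline demo against a constructed stand-in for the real API
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.Header.Get("Authorization") != "Bearer constructed-token" {
			http.Error(w, "permission denied", http.StatusForbidden)
			return
		}
		fmt.Fprintf(w, `{"payload":{"data":%q}}`, base64.StdEncoding.EncodeToString([]byte("SG.constructed")))
	}))
	defer srv.Close()
	key, err := accessSecret(srv.Client(), srv.URL, "constructed-token", "demo-project", "sendgrid-key", "1")
	fmt.Println(len(key), err) // log the length, never the key itself
}
```

Against the real service, `baseURL` is `https://secretmanager.googleapis.com` and the token is an OAuth2 access token for the service account that holds the accessor role.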

Happy Coding!