Github CD fails, cannot run /app/bin/migrate

I’m trying to get the Github CD working, and it looks like it’s working but when I push the deployment action hangs for a long time before timing out. I looked on the Monitoring page of my app and found this:

 2023-06-25T06:09:01.730 runner[e28615dce096e8] ord [info] Configuring firecracker

2023-06-25T06:09:02.011 app[e28615dce096e8] ord [info] INFO Starting init (commit: 0b28cec)...

2023-06-25T06:09:02.103 app[e28615dce096e8] ord [info] INFO Preparing to run: `/app/bin/migrate` as nobody

2023-06-25T06:09:02.107 app[e28615dce096e8] ord [info] ERROR Error: failed to spawn command: /app/bin/migrate: Permission denied (os error 13)

2023-06-25T06:09:02.108 app[e28615dce096e8] ord [info] does `/app/bin/migrate` exist and is it executable?

2023-06-25T06:09:02.108 app[e28615dce096e8] ord [info] [ 0.202495] reboot: Restarting system

2023-06-25T06:09:02.189 app[e28615dce096e8] ord [warn] Virtual machine exited abruptly

2023-06-25T06:09:02.258 runner[e28615dce096e8] ord [info] machine restart policy set to 'no', not restarting 

Every time I deploy now from my dev machine it works, doing this:

 2023-06-25T05:53:55.522 runner[4d89627a610628] ams [info] Configuring firecracker

2023-06-25T05:53:55.818 app[4d89627a610628] ams [info] INFO Starting init (commit: 0b28cec)...

2023-06-25T05:53:55.835 app[4d89627a610628] ams [info] INFO Preparing to run: `/app/bin/migrate` as nobody

2023-06-25T05:53:55.846 app[4d89627a610628] ams [info] INFO [fly api proxy] listening at /.fly/api

2023-06-25T05:53:55.865 app[4d89627a610628] ams [info] 2023/06/25 05:53:55 listening on [fdaa:2:6230:a7b:c207:630a:3c53:2]:22 (DNS: [fdaa::3]:53)

2023-06-25T05:53:57.868 app[4d89627a610628] ams [info] 05:53:57.864 [info] Migrations already up

2023-06-25T05:53:58.849 app[4d89627a610628] ams [info] INFO Main child exited normally with code: 0

2023-06-25T05:53:58.850 app[4d89627a610628] ams [info] WARN Reaped child process with pid: 282 and signal: SIGUSR1, core dumped? false

2023-06-25T05:53:58.850 app[4d89627a610628] ams [info] INFO Starting clean up.

2023-06-25T05:53:58.851 app[4d89627a610628] ams [info] WARN hallpass exited, pid: 232, status: signal: 15 (SIGTERM)

2023-06-25T05:53:58.855 app[4d89627a610628] ams [info] 2023/06/25 05:53:58 listening on [fdaa:2:6230:a7b:c207:630a:3c53:2]:22 (DNS: [fdaa::3]:53)

2023-06-25T05:53:59.851 app[4d89627a610628] ams [info] [ 4.133268] reboot: Restarting system

2023-06-25T05:53:59.989 runner[4d89627a610628] ams [info] machine restart policy set to 'no', not restarting

2023-06-25T06:01:24.631 runner[6e8293ea753738] ams [info] Pulling container image

2023-06-25T06:01:29.640 runner[6e8293ea753738] ams [info] Successfully prepared image (5.00841786s) 

Here is my fly.toml:

app = "tqstools"
primary_region = "ord"
kill_signal = "SIGTERM"

  release_command = "/app/bin/migrate"

  PHX_HOST = ""
  PORT = "8080"

  internal_port = 8080
  force_https = true
  auto_stop_machines = true
  auto_start_machines = true
  min_machines_running = 0
    type = "connections"
    hard_limit = 1000
    soft_limit = 1000

My Dockerfile:

ARG DEBIAN_VERSION=bullseye-20230227-slim


FROM ${BUILDER_IMAGE} as builder

# install build dependencies
RUN apt-get update -y && apt-get install -y build-essential git \
    && apt-get clean && rm -f /var/lib/apt/lists/*_*

# prepare build dir

# install hex + rebar
RUN mix local.hex --force && \
    mix local.rebar --force

# set build ENV
ENV MIX_ENV="prod"

# install mix dependencies
COPY mix.exs mix.lock ./
RUN mix deps.get --only $MIX_ENV
RUN mkdir config

# copy compile-time config files before we compile dependencies
# to ensure any relevant config change will trigger the dependencies
# to be re-compiled.
COPY config/config.exs config/${MIX_ENV}.exs config/
RUN mix deps.compile

COPY priv priv

COPY lib lib

COPY assets assets

# compile assets
RUN mix assets.deploy

# Compile the release
RUN mix compile

# Changes to config/runtime.exs don't require recompiling the code
COPY config/runtime.exs config/

COPY rel rel
RUN mix release

# start a new build stage so that the final image will only contain
# the compiled release and other runtime necessities

RUN apt-get update -y && apt-get install -y libstdc++6 openssl libncurses5 locales \
  && apt-get clean && rm -f /var/lib/apt/lists/*_*

# Set the locale
RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && locale-gen


WORKDIR "/app"
RUN chown nobody /app

# set runner ENV
ENV MIX_ENV="prod"

# Only copy the final release from the build stage
COPY --from=builder --chown=nobody:root /app/_build/${MIX_ENV}/rel/tqstools ./

USER nobody

CMD ["/app/bin/server"]

# Appended by flyctl
ENV ERL_AFLAGS "-proto_dist inet6_tcp"

And my elixir.yaml file in .github/workflows/:

name: Elixir CI

# Define workflow that runs when changes are pushed to the
# `main` branch or pushed to a PR branch that targets the `main`
# branch. Change the branch name if your project uses a
# different name for the main branch like "master" or "production".
    branches: [ "main" ]  # adapt branch for project
    branches: [ "main" ]  # adapt branch for project

# Sets the ENV `MIX_ENV` to `test` for running tests
  MIX_ENV: test

  contents: read

    # Set up a Postgres DB service. By default, Phoenix applications
    # use Postgres. This creates a database for running tests.
    # Additional services can be defined here if required.
        image: postgres:12
        ports: ['5432:5432']
          POSTGRES_PASSWORD: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5

    runs-on: ubuntu-latest
    name: Test on OTP ${{matrix.otp}} / Elixir ${{matrix.elixir}}
      # Specify the OTP and Elixir versions to use when building
      # and running the workflow steps.
        otp: ['25.3.0']       # Define the OTP version [required]
        elixir: ['1.14.4']    # Define the elixir version [required]
    # Step: Setup Elixir + Erlang image as the base.
    - name: Set up Elixir
      uses: erlef/setup-beam@v1
        otp-version: ${{matrix.otp}}
        elixir-version: ${{matrix.elixir}}

    # Step: Check out the code.
    - name: Checkout code
      uses: actions/checkout@v3

    # Step: Define how to cache deps. Restores existing cache if present.
    - name: Cache deps
      id: cache-deps
      uses: actions/cache@v3
        cache-name: cache-elixir-deps
        path: deps
        key: ${{ runner.os }}-mix-${{ env.cache-name }}-${{ hashFiles('**/mix.lock') }}
        restore-keys: |
          ${{ runner.os }}-mix-${{ env.cache-name }}-

    # Step: Define how to cache the `_build` directory. After the first run,
    # this speeds up tests runs a lot. This includes not re-compiling our
    # project's downloaded deps every run.
    - name: Cache compiled build
      id: cache-build
      uses: actions/cache@v3
        cache-name: cache-compiled-build
        path: _build
        key: ${{ runner.os }}-mix-${{ env.cache-name }}-${{ hashFiles('**/mix.lock') }}
        restore-keys: |
          ${{ runner.os }}-mix-${{ env.cache-name }}-
          ${{ runner.os }}-mix-

    # Step: Conditionally bust the cache when job is re-run.
    # Sometimes, we may have issues with incremental builds that are fixed by
    # doing a full recompile. In order to not waste dev time on such trivial
    # issues (while also reaping the time savings of incremental builds for
    # *most* day-to-day development), force a full recompile only on builds
    # that are retried.
    - name: Clean to rule out incremental build as a source of flakiness
      if: github.run_attempt != '1'
      run: |
        mix deps.clean --all
        mix clean
      shell: sh

    # Step: Download project dependencies. If unchanged, uses
    # the cached version.
    - name: Install dependencies
      run: mix deps.get

    # Step: Compile the project treating any warnings as errors.
    # Customize this step if a different behavior is desired.
    - name: Compiles without warnings
      run: mix compile --warnings-as-errors

    # Step: Check that the checked in code has already been formatted.
    # This step fails if something was found unformatted.
    # Customize this step as desired.
    #- name: Check Formatting
    #  run: mix format --check-formatted

    # Step: Execute the tests.
    - name: Run tests
      run: mix test

    needs: test
    name: Deploy app
    runs-on: ubuntu-latest
      - uses: actions/checkout@v3
      - uses: superfly/flyctl-actions/setup-flyctl@master
      - run: flyctl deploy --remote-only
          FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}

Is there something I’m doing wrong? I am pretty new at setting all this up, and I’m going mostly from the documentation.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.