简体繁体 English

Laravel 部署在 CodePipeline 中的 Elastic Beanstalk 应用程序给出 500 SERVER ERROR

[英]Laravel Elastic Beanstalk app deployed in CodePipeline giving 500 SERVER ERROR

原文 2020-12-17 11:34:12 2 2 php/ laravel/ amazon-web-services/ amazon-elastic-beanstalk/ aws-codepipeline

I've created a Laravel app locally.我在本地创建了一个 Laravel 应用程序。 (This is working fine) （这工作正常）

After, deployed that app to AWS Elastic Beanstalk with a.zip file.之后，使用 .zip 文件将该应用程序部署到 AWS Elastic Beanstalk。 (This is working fine) （这工作正常）

Then, created a simple pipeline using AWS CodePipeline to grab data from a particular GitHub repo and deploy to that specific AWS Elastic Beanstalk environment.然后，使用 AWS CodePipeline 创建一个简单的管道，以从特定的 GitHub 存储库中获取数据并部署到该特定的 AWS Elastic Beanstalk 环境。 I see that any push I make to that particular repo, the CodePipeline does then deploy to that particular AWS Elastic Beanstalk environment.我看到我对该特定存储库所做的任何推送，CodePipeline 都会部署到该特定 AWS Elastic Beanstalk 环境。

The problem is that the instance now has问题是实例现在有

with the following Recent Event与以下最近的事件

Environment health has transitioned from Warning to Severe.环境健康已从警告转变为严重。 100.0 % of the requests are failing with HTTP 5xx. 100.0% 的请求以 HTTP 5xx 失败。 ELB processes are not healthy on all instances. ELB 进程并非在所有实例上都运行良好。 Application restart completed 42 seconds ago and took 7 seconds.应用程序重新启动在 42 秒前完成，耗时 7 秒。 ELB health is failing or not available for all instances. ELB 运行状况失败或不适用于所有实例。 One or more TargetGroups associated with the environment are in a reduced health state: - awseb-AWSEB-CVIEEN5EVRFC - Warning与环境关联的一个或多个 TargetGroup 的健康状况降低 state：-awseb-AWSEB-CVIEEN5EVRFC - 警告

and if I go to its URL I get a如果我 go 到它的 URL 我得到一个

500 | 500 | SERVER ERROR服务器错误

Deleted the.zip file from the root of the repo as that could've been causing a conflict.从 repo 的根目录中删除了 .zip 文件，因为这可能会导致冲突。 It didn't solve.它没有解决。

Checked the Full Logs but couldn't spot anything useful.检查了完整的日志，但找不到任何有用的东西。

2 个解决方案

Based on the comments.根据评论。

The issue was caused by missing .env file in the deployment package/artifact that CodePipeline deploys.该问题是由 CodePipeline 部署的部署包/工件中缺少.env文件引起的。 This was caused by the file not being committed into the GitHub repository.这是由于文件未提交到 GitHub 存储库中造成的。

To determine the cause, the CodePipeline's artifact was inspected.为了确定原因，检查了CodePipeline 的工件。 The artifact can be found in CodePipeline's bucket or in EB Application versions (in the Source column) and it is an objects a random name without an extension.该工件可以在 CodePipeline 的存储桶或 EB 应用程序版本（在 Source 列中）中找到，它是一个没有扩展名的随机名称的对象。 In OP's case it was S40pAMw .在 OP 的情况下，它是S40pAMw 。 It should be noted that this object is just a zip file without extension.需要注意的是，这个object只是一个没有扩展名的zip文件。 To inspect it content, adding the extension to the download object allowed for straight forward opening of the zip archive.要检查它的内容，将扩展添加到下载 object 允许直接打开zip存档。

(Please see @JackPrice-Burns answer for alternative way of dealing with env variables). （有关处理环境变量的替代方法，请参阅@JackPrice-Burns 答案）。

The solution was to commit the missing file into the repository.解决方案是将丢失的文件提交到存储库中。 Once that was done, the CodePipeline was triggered完成后，触发 CodePipeline

and once the deployment finished the Health of the Elastic Beanstalk instance changed to Ok部署完成后，Elastic Beanstalk 实例的运行状况更改为 Ok

and the 500 |和 500 | SERVER ERROR was now gone服务器错误现在消失了

This issue specifically was caused by missing environment variables.此问题具体是由缺少环境变量引起的。

It is BAD practice to commit.env or any files containing secrets to GitHub or any other source control system. commit.env 或任何包含 GitHub 或任何其他源代码控制系统机密的文件是不好的做法。

First of all, if that repository is public in any way, all of the secrets are now also public, database credentials, encryption keys, AWS access credentials.首先，如果该存储库以任何方式公开，那么所有机密现在也是公开的，包括数据库凭证、加密密钥、AWS 访问凭证。
Secondly, a common attack vector is the.git folder, and the underlying source control repository.其次，一个常见的攻击向量是.git文件夹，以及底层的源代码控制库。 Potentially a malicious user (if they found the source control details) could gain access to your secrets if your GitHub (or other accounts) were compromised.如果您的 GitHub（或其他帐户）遭到入侵，则潜在的恶意用户（如果他们发现源代码控制详细信息）可能会访问您的机密。
Thirdly, if you would like to setup multiple environments for your code, a production / develop / local environment for example.第三，如果您想为您的代码设置多个环境，例如生产/开发/本地环境。 You now can't easily change these environment variables on a per environment basis as they're committed directly to the repository.您现在无法轻松地在每个环境的基础上更改这些环境变量，因为它们直接提交到存储库。

In the ElasticBeanstalk console you can go to Configuration -> Software and add environment variables at the bottom of the page (screen shot attached).在 ElasticBeanstalk 控制台中，您可以 go 到 Configuration -> Software 并在页面底部添加环境变量（附屏幕截图）。 These environment variables will be picked up by Laravel.这些环境变量将被 Laravel 拾取。 Set all variables that are in the.env on that settings page and do not commit the.env.在该设置页面上设置 .env 中的所有变量，并且不要提交 .env。

Another good practice to follow is not committing your vendor folder.另一个要遵循的好习惯是不提交您的供应商文件夹。 AWS CodePipeline allows you to create another step which can build your source code. AWS CodePipeline 允许您创建另一个可以构建源代码的步骤。 This build step can take in your source control code, run composer install (to generate the vendor folder) and then send that to Elastic Beanstalk for deployment.此构建步骤可以接收您的源代码控制代码，运行 composer install（以生成供应商文件夹），然后将其发送到 Elastic Beanstalk 进行部署。

Firstly, committing the vendor folder drastically increases the size of your repository and how long it takes to clone your repository.首先，提交供应商文件夹会大大增加存储库的大小以及克隆存储库所需的时间。
Secondly, merging code from different branches can become difficult if you're dealing with the whole vendor folder as well which can become thousands of files and millions of lines of code.其次，如果您还要处理整个供应商文件夹，那么合并来自不同分支的代码可能会变得很困难，这可能会变成数千个文件和数百万行代码。
Thirdly, if you would like to track how much work has actually been done for your repo on a per contributor basis, it becomes difficult because if someone commits a vendor folder change, they will commit whole packages which they didn't code themselves.第三，如果您想在每个贡献者的基础上跟踪您的 repo 实际完成了多少工作，这会变得很困难，因为如果有人提交了供应商文件夹更改，他们将提交他们自己没有编码的整个包。