https://www.prisma.io/ logo
Join Slack
Powered by
I get the error message ```Authentication token is...
# orm-help
p
I get the error message
Copy code
Authentication token is invalid: Token can't be decoded: Expected token [null] to be composed of 2 or 3 parts separated by dots.
when trying to run 
prisma deploy
. I created a token with 
prisma token
. What should I do with it? Where can I store it? And where can I store my private RSA key, for deploying the service? I was never asked to which cluster/server I want to deploy.
d
this is more complex problem, see more info here ... https://github.com/graphcool/prisma/issues/2273#issuecomment-385170960
just make sure to keep cluster name in your prisma.yml and then have a correct clusterSecret in .prisma/config.yml
p
@Daniel K. I guess this tutorial here won't work with the current prisma version, am I right? The structure of the secret changed between the 2 versions. https://blog.graph.cool/how-to-deploy-a-prisma-cluster-to-aws-fargate-using-docker-cloudformation-293aa8727b89
d
haven't read the tutorial yet, but I have succesfully deployed to my AWS EC2 yesterday
p
Could you elaborate, what you did, to accomplish this?
Which version are you using?
d
1.7.3 ... the major change is that instead of RSA key you have a secret which creates symmetric token
you have to set that secret in the docker-compose.yml and then when running deploy there have to be PRISMA_MANAGEMENT_API_SECRET env variable with that secret
p
How many files do you have in total for your prisma service? Are you hosting it within a docker container?
d
how many files? not sure I understand, there are two docker containers (prisma service and db)
p
Sorry for the strange question, I'm stuck at the moment and lack the understanding of the whole deploy process.
d
I am not saying that I am some master at this, but it works so far ๐Ÿ™‚
p
I followed the tutorial and created a RDS instance using cloudformation to host my db.
d
sorry, I am not using RDS, cannot help with that
p
Do you have external access to your db within the container on AWS?
d
I assume you will have to make your own Dockerfile based on docker-compose.yml from upgrade guide and just include prisma service
well, I don't need it, I am fine with graphql playground ๐Ÿ™‚
p
That would be crucial for my application as I need to tie in another backend at some point.
d
RDS is probably better solution for scalability, I currently don't need that yet
p
Okay, wait a sec. Would It be possible for you to share your current prisma project setup (of course with dummy data), so I can understand the structure better?
It's really confusing to talk about a full project, when there are no really complete tutorials for the current version.
d
I don't have anything special really, just the docker-compose.yml from upgrade guide
p
Besides that, you have a datamodel.graphql and a prisma.yml and a .env file. Is that correct?
Or are there any more files?
d
something like that, I do have 3 .env files actually for different environments
p
And thats one of that points I don't understand as of now, because I never saw an extensive example that covered the use of those.
Are there any examples for them in the official doc repo?
d
Copy code
PRISMA_CLUSTER=
PRISMA_ENDPOINT=
PRISMA_MANAGEMENT_API_SECRET=
PRISMA_SECRET=
PRISMA_TOKEN=
Copy code
# to disable authentication:
secret: ${env:PRISMA_SECRET}

# the file path pointing to your data model
datamodel: datamodel.graphql

endpoint: ${env:PRISMA_ENDPOINT}

cluster: ${env:PRISMA_CLUSTER}

hooks:
  post-deploy:
    - echo "Deployment finished"
    - graphql get-schema --project database
    - graphql prepare
p
'PRISMA_CLUSTER' Shouldn't it be called server as of now?
d
it should ๐Ÿ˜„ the cluster is still referenced from ~/.prisma/config.yml unfortunately
p
That's the exact reason why you shouldn't release a breaking version change every month. Everyone just gets confused... WTF
d
yea, I told them already many times, they messed up with this release big time
p
Where did you copy those contents from? Is there an doc entry for the .env?
d
have you read upgrade guide ? ๐Ÿ™‚
p
I did, but this must have slipped my eyes.
d
either way env variable substitution is just YAML feature, it has nothing to do with Prisma at all
if you create additional .env files, you can then just exec eg. 
prisma deploy -e .env.aws
to read different vars and those will be used in prisma.yml
p
Oh this is all so confusing... ๐Ÿคจ The official doc says, that the prisma.yml consists of two entries and the cluster is definite not part of it and yet it is still needed...
d
well, bug... ๐Ÿ™‚
p
Last question for now: ๐Ÿ˜„ How did you setup the AWS service for the container to be deployed to. Can you recommend a good tutorial?
d
p
Great, thank you!
Now just one more thing, whats the difference between PRISMA_MANAGEMENT_API_SECRET and PRISMA_SECRET?
d
well, the first one is for securing communication to manage prisma services ... other was is for securing particular service
in other words, the first one is known by whole docker container / server / cluster ... other one is stored in the database to generate tokens (with prisma token)
p
And where is the TOKEN from you env file actually used?
d
well, if you use hooks to download schema and generate bindings and your services is secured, then obviously you need a token generated to access it ๐Ÿ™‚
Copy code
database:
    schemaPath: src/generated/prisma.graphql
    extensions:
      prisma: src/database/prisma.yml
      prepare-binding:
        output: src/generated/prisma.ts
        generator: prisma-ts
      endpoints:
        default:
          url: ${env:PRISMA_ENDPOINT}
          headers:
            Authorization: "Bearer ${env:PRISMA_TOKEN}"
but this is totally weird and I hope they are going to change it
p
Do you have experience with the following error: 
ERROR: Authentication token is invalid: Token can't be decoded: Illegal base64 character 5c
?
d
haven't seen that one yet ๐Ÿ˜„
p
I originally created my project in v 1.6.3.
d
I have project since 1.4 ๐Ÿ™‚
p
This happens, when I try to deploy it with that version.
I just don't see a reason to upgrade to a bugged version now.
d
well then it's obvious, since 1.7 has different authentication mechanism, it's incompatible
for me, 1.7 contains other bugfixes I need, so I had to go extra mile to make it working
p
It would just be nice to know, which token this error message actually refers to.
d
are you running prisma deploy? then it's most likely the secret from prisma.yml
but if the service you are deploying does not exists on the server, it also needs other secret
p
Copy code
# the name for the service (will be part of the service's HTTP endpoint)
service: service-prisma

# the cluster and stage the service is deployed to
stage: prod

# to disable authentication:
#disableAuth: true
secret: 'zgk04283LRRpRpA20cVe0i8'

# the file path pointing to your data model
datamodel: datamodel.graphql

cluster: service-prisma-live
d
and do you have that long env var defined?
p
That's the prisma.yml I'm using.
You mean the secret?
d
management_api_secret
p
No, but this is v 1.6.3 Is it required here too?
d
... you cannot deploy to 1.6.3 with prisma 1.7 ๐Ÿ˜„
p
I know, I installed an earlier version.
d
well, I cannot help you with that, you went some other path than me, sorry
p
Thank you for your time and your help @Daniel K.! ๐Ÿ™‚
n
I haven't read the entire thread. What's your situation and your questions now, @pasa?
p
@nilan I'm currently not in range of my pc. I will answer you as soon, as I'm able to.
Thanks for your response.
Open in Slack
PreviousNext
Powered by