aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKasper Timm Hansen <kaspth@gmail.com>2017-03-09 20:19:58 +0100
committerKasper Timm Hansen <kaspth@gmail.com>2017-03-09 20:21:52 +0100
commitb16dcc872bb3c094cf1f1d890bdd302593acbbe8 (patch)
tree8320b6276d3c1c56e57f2daeed984818459a23ae
parent0c19d97939161b907bef6e33024def25f98eb361 (diff)
downloadrails-b16dcc872bb3c094cf1f1d890bdd302593acbbe8.tar.gz
rails-b16dcc872bb3c094cf1f1d890bdd302593acbbe8.tar.bz2
rails-b16dcc872bb3c094cf1f1d890bdd302593acbbe8.zip
[ci skip] Document read_encrypted_secrets config.
Mostly just that it's there. Closes #28193.
-rw-r--r--railties/lib/rails/commands/secrets/USAGE8
1 files changed, 8 insertions, 0 deletions
diff --git a/railties/lib/rails/commands/secrets/USAGE b/railties/lib/rails/commands/secrets/USAGE
index 4b7deb4e2a..96e322fe91 100644
--- a/railties/lib/rails/commands/secrets/USAGE
+++ b/railties/lib/rails/commands/secrets/USAGE
@@ -40,6 +40,14 @@ be encrypted.
A `shared:` top level key is also supported such that any keys there is merged
into the other environments.
+Additionally, Rails won't read encrypted secrets out of the box even if you have
+the key. Add this:
+
+ config.read_encrypted_secrets = true
+
+to the environment you'd like to read encrypted secrets. `bin/rails secrets:setup`
+inserts this into the production environment by default.
+
=== Editing Secrets
After `bin/rails secrets:setup`, run `bin/rails secrets:edit`.