diff options
| author | Kasper Timm Hansen <kaspth@gmail.com> | 2017-05-23 21:54:01 +0200 |
|---|---|---|
| committer | Kasper Timm Hansen <kaspth@gmail.com> | 2017-05-25 15:56:55 +0200 |
| commit | 0338c81dc2ab6ef35fe68461e39c0bad0af5bb95 (patch) | |
| tree | 61b3d298cc76ddf4e01995b15462d8d2c4285266 /railties/lib/rails/generators | |
| parent | f50471751942730e3311f8c04ae4d97365ab3243 (diff) | |
| download | rails-0338c81dc2ab6ef35fe68461e39c0bad0af5bb95.tar.gz rails-0338c81dc2ab6ef35fe68461e39c0bad0af5bb95.tar.bz2 rails-0338c81dc2ab6ef35fe68461e39c0bad0af5bb95.zip | |
Reorder first secrets edit flow.
Setup config/secrets.yml.enc with template contents for people to edit.
Then generate encryption key and encrypt the initial secrets.
Diffstat (limited to 'railties/lib/rails/generators')
| -rw-r--r-- | railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb | 30 | ||||
| -rw-r--r-- | railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc | 3 |
2 files changed, 17 insertions, 16 deletions
diff --git a/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb b/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb index 8b29213610..1da2fbc1a5 100644 --- a/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb +++ b/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb @@ -36,25 +36,29 @@ module Rails end def add_encrypted_secrets_file - unless File.exist?("config/secrets.yml.enc") + unless (defined?(@@skip_secrets_file) && @@skip_secrets_file) || File.exist?("config/secrets.yml.enc") say "Adding config/secrets.yml.enc to store secrets that needs to be encrypted." say "" + say "For now the file contains this but it's been encrypted with the generated key:" + say "" + say Secrets.template, :on_green + say "" - template "config/secrets.yml.enc" do |prefill| - say "" - say "For now the file contains this but it's been encrypted with the generated key:" - say "" - say prefill, :on_green - say "" - - Secrets.encrypt(prefill) - end + Secrets.write(Secrets.template) say "You can edit encrypted secrets with `bin/rails secrets:edit`." - - say "Add this to your config/environments/production.rb:" - say "config.read_encrypted_secrets = true" + say "" end + + say "Add this to your config/environments/production.rb:" + say "config.read_encrypted_secrets = true" + end + + def self.skip_secrets_file + @@skip_secrets_file = true + yield + ensure + @@skip_secrets_file = false end private diff --git a/railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc b/railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc deleted file mode 100644 index 70426a66a5..0000000000 --- a/railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc +++ /dev/null @@ -1,3 +0,0 @@ -# See `secrets.yml` for tips on generating suitable keys. -# production: -# external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289… |