diff options
| author | Kasper Timm Hansen <kaspth@gmail.com> | 2017-05-23 21:54:01 +0200 |
|---|---|---|
| committer | Kasper Timm Hansen <kaspth@gmail.com> | 2017-05-25 15:56:55 +0200 |
| commit | 0338c81dc2ab6ef35fe68461e39c0bad0af5bb95 (patch) | |
| tree | 61b3d298cc76ddf4e01995b15462d8d2c4285266 /railties/lib/rails/secrets.rb | |
| parent | f50471751942730e3311f8c04ae4d97365ab3243 (diff) | |
| download | rails-0338c81dc2ab6ef35fe68461e39c0bad0af5bb95.tar.gz rails-0338c81dc2ab6ef35fe68461e39c0bad0af5bb95.tar.bz2 rails-0338c81dc2ab6ef35fe68461e39c0bad0af5bb95.zip | |
Reorder first secrets edit flow.
Setup config/secrets.yml.enc with template contents for people to edit.
Then generate encryption key and encrypt the initial secrets.
Diffstat (limited to 'railties/lib/rails/secrets.rb')
| -rw-r--r-- | railties/lib/rails/secrets.rb | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/railties/lib/rails/secrets.rb b/railties/lib/rails/secrets.rb index 8b644f212c..20c20cb9f1 100644 --- a/railties/lib/rails/secrets.rb +++ b/railties/lib/rails/secrets.rb @@ -1,5 +1,6 @@ require "yaml" require "active_support/message_encryptor" +require "active_support/core_ext/string/strip" module Rails # Greatly inspired by Ara T. Howard's magnificent sekrets gem. 😘 @@ -37,6 +38,15 @@ module Rails ENV["RAILS_MASTER_KEY"] || read_key_file || handle_missing_key end + def template + <<-end_of_template.strip_heredoc + # See `secrets.yml` for tips on generating suitable keys. + # production: + # external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289… + + end_of_template + end + def encrypt(data) encryptor.encrypt_and_sign(data) end @@ -54,15 +64,12 @@ module Rails FileUtils.mv("#{path}.tmp", path) end - def read_for_editing - tmp_path = File.join(Dir.tmpdir, File.basename(path)) - IO.binwrite(tmp_path, read) - - yield tmp_path + def read_for_editing(&block) + writing(read, &block) + end - write(IO.binread(tmp_path)) - ensure - FileUtils.rm(tmp_path) if File.exist?(tmp_path) + def read_template_for_editing(&block) + writing(template, &block) end private @@ -92,6 +99,17 @@ module Rails end end + def writing(contents) + tmp_path = File.join(Dir.tmpdir, File.basename(path)) + File.write(tmp_path, contents) + + yield tmp_path + + write(File.read(tmp_path)) + ensure + FileUtils.rm(tmp_path) if File.exist?(tmp_path) + end + def encryptor @encryptor ||= ActiveSupport::MessageEncryptor.new([ key ].pack("H*"), cipher: @cipher) end |