diff options
| author | Claudio B <claudiob@users.noreply.github.com> | 2017-09-19 15:08:32 -0700 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2017-09-19 17:08:32 -0500 |
| commit | 2f8ecdb21d110ae2f862582cc31e5a10f487a3b7 (patch) | |
| tree | acefb4537d816eac682c027bdd2744632eff4eb7 /railties/lib | |
| parent | e0484a3730194ccafa2e86e5d663116fc2febf02 (diff) | |
| download | rails-2f8ecdb21d110ae2f862582cc31e5a10f487a3b7.tar.gz rails-2f8ecdb21d110ae2f862582cc31e5a10f487a3b7.tar.bz2 rails-2f8ecdb21d110ae2f862582cc31e5a10f487a3b7.zip | |
Use credentials, not secrets, for Active Storage (#30650)
According to #30067:
> This PR will deprecate secrets.yml* and instead adopt
> config/credentials.yml.enc to signify what these secrets are specifically
> for: Keeping API keys, database passwords, and any other integration
> credentials in one place.
[ci skip] since only comments are being edited.
Diffstat (limited to 'railties/lib')
| -rw-r--r-- | railties/lib/rails/generators/rails/app/templates/config/storage.yml | 8 | ||||
| -rw-r--r-- | railties/lib/rails/generators/rails/credentials/credentials_generator.rb | 2 |
2 files changed, 5 insertions, 5 deletions
diff --git a/railties/lib/rails/generators/rails/app/templates/config/storage.yml b/railties/lib/rails/generators/rails/app/templates/config/storage.yml index 089ed4567a..9ad779d334 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/storage.yml +++ b/railties/lib/rails/generators/rails/app/templates/config/storage.yml @@ -6,10 +6,10 @@ local: service: Disk root: <%%= Rails.root.join("storage") %> -# Use rails secrets:edit to set the AWS secrets (as shared:aws:access_key_id|secret_access_key) +# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key) # amazon: # service: S3 -# access_key_id: <%%= Rails.application.secrets.dig(:aws, :access_key_id) %> +# access_key_id: <%%= Rails.application.credentials.dig(:aws, :access_key_id) %> # secret_access_key: <%%= Rails.application.secrets.dig(:aws, :secret_access_key) %> # region: us-east-1 # bucket: your_own_bucket @@ -21,12 +21,12 @@ local: # keyfile: <%%= Rails.root.join("path/to/gcs.keyfile") %> # bucket: your_own_bucket -# Use rails secrets:edit to set the Azure Storage secret (as shared:azure_storage:storage_access_key) +# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key) # microsoft: # service: AzureStorage # path: your_azure_storage_path # storage_account_name: your_account_name -# storage_access_key: <%%= Rails.application.secrets.dig(:azure_storage, :storage_access_key) %> +# storage_access_key: <%%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %> # container: your_container_name # mirror: diff --git a/railties/lib/rails/generators/rails/credentials/credentials_generator.rb b/railties/lib/rails/generators/rails/credentials/credentials_generator.rb index ddcccd5ce5..21ca566818 100644 --- a/railties/lib/rails/generators/rails/credentials/credentials_generator.rb +++ b/railties/lib/rails/generators/rails/credentials/credentials_generator.rb @@ -37,7 +37,7 @@ module Rails private def credentials_template - "# amazon:\n# access_key_id: 123\n# secret_access_key: 345\n\n" + + "# aws:\n# access_key_id: 123\n# secret_access_key: 345\n\n" + "# Used as the base secret for all MessageVerifiers in Rails, including the one protecting cookies.\n" + "secret_key_base: #{SecureRandom.hex(64)}" end |