Tell users how to assign a $EDITOR.

In case there's no $EDITOR assigned users would see a cryptic:

```
% EDITOR= bin/rails secrets:edit
Waiting for secrets file to be saved. Abort with Ctrl-C.
sh: /var/folders/wd/xnncwqp96rj0v1y2nms64mq80000gn/T/secrets.yml.enc: Permission denied
New secrets encrypted and saved.
```

That error is misleading, so give a hint in this easily detectable case.

Fixes #28143.

1 files changed, 11 insertions, 0 deletions

diff --git a/railties/lib/rails/commands/secrets/secrets_command.rb b/railties/lib/rails/commands/secrets/secrets_command.rb
index 3ba8c0c85b..9438eeb9f7 100644
--- a/railties/lib/rails/commands/secrets/secrets_command.rb
+++ b/railties/lib/rails/commands/secrets/secrets_command.rb
@@ -18,6 +18,17 @@ module Rails
       end
 
       def edit
+        if ENV["EDITOR"].empty?
+          say "No $EDITOR to open decrypted secrets in. Assign one like this:"
+          say ""
+          say %(EDITOR="mate --wait" bin/rails secrets:edit)
+          say ""
+          say "For editors that fork and exit immediately, it's important to pass a wait flag,"
+          say "otherwise the secrets will be saved immediately with no chance to edit."
+
+          return
+        end
+
         require_application_and_environment!
 
         Rails::Secrets.read_for_editing do |tmp_path|