do not crash when `config/secrets.yml` is blank.

3 files changed, 14 insertions, 1 deletions

diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md
index a57d56f4aa..bade9ef543 100644
--- a/railties/CHANGELOG.md
+++ b/railties/CHANGELOG.md
@@ -1,3 +1,7 @@
+*   Do not crash when `config/secrets.yml` is empty.
+
+    *Yves Senn*
+
 *   Set `dump_schema_after_migration` config values in production.
 
     Set `config.active_record.dump_schema_after_migration` as false
diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
index 36432e56ba..314a789b96 100644
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
@@ -308,7 +308,8 @@ module Rails
         yaml = config.paths["config/secrets"].first
         if File.exist?(yaml)
           require "erb"
-          env_secrets = YAML.load(ERB.new(IO.read(yaml)).result)[Rails.env]
+          all_secrets = YAML.load(ERB.new(IO.read(yaml)).result) || {}
+          env_secrets = all_secrets[Rails.env]
           secrets.merge!(env_secrets.symbolize_keys) if env_secrets
         end
 
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
index b814479540..b2d0e7e202 100644
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@@ -336,6 +336,14 @@ module ApplicationTests
       assert_equal 'myamazonsecretaccesskey', app.secrets.aws_secret_access_key
     end
 
+    test "blank config/secrets.yml does not crash the loading process" do
+      app_file 'config/secrets.yml', <<-YAML
+      YAML
+      require "#{app_path}/config/environment"
+
+      assert_nil app.secrets.not_defined
+    end
+
     test "protect from forgery is the default in a new app" do
       make_basic_app