| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Allow edits of existing encrypted secrets generated on Rails 5.1,
but refer to credentials when attempting to setup.
This also removes the need for any of the setup code, so the
generator can be ripped out altogether.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In encrypted secrets, the tmp file is used as a fixed file
(`secrets.yml.enc` under the tmp directory).
And that tmp file will be removed after process.
Therefore, if edit secrets at the same time with multiple applications,
the tmp file was conflicting.
In order to avoid the above issue, added pid to tmp file.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until Rails 5.1.1 secrets was treated as binary inside Rails.
https://github.com/rails/rails/blob/v5.1.1/railties/lib/rails/secrets.rb#L59
https://github.com/rails/rails/blob/v5.1.1/railties/lib/rails/secrets.rb#L63
However, it is treated as String in Rails 5.1.2(changed by 157db872103429e8782b62d1cb5d1d91337177a7).
https://github.com/rails/rails/blob/v5.1.2/railties/lib/rails/secrets.rb#L104
https://github.com/rails/rails/blob/v5.1.2/railties/lib/rails/secrets.rb#L108
As a result, when upgrading from Rails 5.1.1 to 5.1.2, to write the value
treated as binary using `File.write`, causing an error.
In order to avoid `UndefinedConversionError`, fixed it to treat it as
binary like 5.1.1.
Fixes #29696
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, if open a file with `secrets:edit` command, `secrets.yml.enc`
will be changed even if its contents do not change.
Therefore, even if only want to check secrets, the difference will come
out. This is a little inconvenient.
As a fix to the above problem, when content does not change,
`secrets.yml.ecn` is fixed so that it is not changed.
|
|
|
|
|
| |
This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing
changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
|
| |
|
| |
|
|
|
|
|
|
| |
Setup config/secrets.yml.enc with template contents for people to edit.
Then generate encryption key and encrypt the initial secrets.
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, `read_encrypted_secrets` is set with initializer.
Therefore if refer to `secrets` in config, `read_encrypted_secrets` is false,
so can not get the value of `secrets.yml.enc`.
In order to be able to refer to secrets in config, modified to refer to
`config.read_encrypted_secrets` when calling `secrets`.
Fixes #28618.
|
| |
|
| |
|
| |
|
|
|
|
| |
Fixes #28135.
|
| |
|
| |
|
|
|