From 0338c81dc2ab6ef35fe68461e39c0bad0af5bb95 Mon Sep 17 00:00:00 2001
From: Kasper Timm Hansen <kaspth@gmail.com>
Date: Tue, 23 May 2017 21:54:01 +0200
Subject: Reorder first secrets edit flow.

Setup config/secrets.yml.enc with template contents for people to edit.

Then generate encryption key and encrypt the initial secrets.
---
 .../encrypted_secrets_generator.rb                 | 30 ++++++++++++----------
 .../templates/config/secrets.yml.enc               |  3 ---
 2 files changed, 17 insertions(+), 16 deletions(-)
 delete mode 100644 railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc

(limited to 'railties/lib/rails/generators')

diff --git a/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb b/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb
index 8b29213610..1da2fbc1a5 100644
--- a/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb
+++ b/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb
@@ -36,25 +36,29 @@ module Rails
       end
 
       def add_encrypted_secrets_file
-        unless File.exist?("config/secrets.yml.enc")
+        unless (defined?(@@skip_secrets_file) && @@skip_secrets_file) || File.exist?("config/secrets.yml.enc")
           say "Adding config/secrets.yml.enc to store secrets that needs to be encrypted."
           say ""
+          say "For now the file contains this but it's been encrypted with the generated key:"
+          say ""
+          say Secrets.template, :on_green
+          say ""
 
-          template "config/secrets.yml.enc" do |prefill|
-            say ""
-            say "For now the file contains this but it's been encrypted with the generated key:"
-            say ""
-            say prefill, :on_green
-            say ""
-
-            Secrets.encrypt(prefill)
-          end
+          Secrets.write(Secrets.template)
 
           say "You can edit encrypted secrets with `bin/rails secrets:edit`."
-
-          say "Add this to your config/environments/production.rb:"
-          say "config.read_encrypted_secrets = true"
+          say ""
         end
+
+        say "Add this to your config/environments/production.rb:"
+        say "config.read_encrypted_secrets = true"
+      end
+
+      def self.skip_secrets_file
+        @@skip_secrets_file = true
+        yield
+      ensure
+        @@skip_secrets_file = false
       end
 
       private
diff --git a/railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc b/railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc
deleted file mode 100644
index 70426a66a5..0000000000
--- a/railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc
+++ /dev/null
@@ -1,3 +0,0 @@
-# See `secrets.yml` for tips on generating suitable keys.
-# production:
-#  external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289…
-- 
cgit v1.2.3