aboutsummaryrefslogtreecommitdiffstats
path: root/railties/lib/rails/commands/secrets/secrets_command.rb
blob: 45e02fa7307adcb798274487541280b642fed350 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
require "active_support"
require_relative "../../secrets"

module Rails
  module Command
    class SecretsCommand < Rails::Command::Base # :nodoc:
      no_commands do
        def help
          say "Usage:\n  #{self.class.banner}"
          say ""
          say self.class.desc
        end
      end

      def setup
        generator.start
      end

      def edit
        if ENV["EDITOR"].to_s.empty?
          say "No $EDITOR to open decrypted secrets in. Assign one like this:"
          say ""
          say %(EDITOR="mate --wait" bin/rails secrets:edit)
          say ""
          say "For editors that fork and exit immediately, it's important to pass a wait flag,"
          say "otherwise the secrets will be saved immediately with no chance to edit."

          return
        end

        require_application_and_environment!

        Rails::Secrets.read_for_editing do |tmp_path|
          system("#{ENV["EDITOR"]} #{tmp_path}")
        end

        say "New secrets encrypted and saved."
      rescue Interrupt
        say "Aborted changing encrypted secrets: nothing saved."
      rescue Rails::Secrets::MissingKeyError => error
        say error.message
      rescue Errno::ENOENT => error
        raise unless error.message =~ /secrets\.yml\.enc/

        Rails::Secrets.read_template_for_editing do |tmp_path|
          system("#{ENV["EDITOR"]} #{tmp_path}")
          generator.skip_secrets_file { setup }
        end
      end

      def show
        say Rails::Secrets.read
      end

      private
        def generator
          require_relative "../../generators"
          require_relative "../../generators/rails/encrypted_secrets/encrypted_secrets_generator"

          Rails::Generators::EncryptedSecretsGenerator
        end
    end
  end
end