Class: Rails::Secrets

Inherits:

Object

Object
Rails::Secrets

show all

Defined in:: lib/rails/secrets.rb

Overview

Greatly inspired by Ara T. Howard’s magnificent sekrets gem. 😘

Defined Under Namespace

Classes: MissingKeyError

Class Attribute Summary collapse

.root ⇒ Object writeonly

Sets the attribute root.

Class Method Summary collapse

Class Attribute Details

.root=(value) ⇒ `Object` (writeonly)

Sets the attribute root

Parameters:

value —

the value to set the attribute root to.



21
22
23

# File 'lib/rails/secrets.rb', line 21

def root=(value)
  @root = value
end

Class Method Details

.decrypt(data) ⇒ `Object`



54
55
56

# File 'lib/rails/secrets.rb', line 54

def decrypt(data)
  encryptor.decrypt_and_verify(data)
end

.encrypt(data) ⇒ `Object`



50
51
52

# File 'lib/rails/secrets.rb', line 50

def encrypt(data)
  encryptor.encrypt_and_sign(data)
end

.generate_key ⇒ `Object`



33
34
35

# File 'lib/rails/secrets.rb', line 33

def generate_key
  SecureRandom.hex(OpenSSL::Cipher.new(@cipher).key_len)
end

.key ⇒ `Object`



37
38
39

# File 'lib/rails/secrets.rb', line 37

def key
  ENV["RAILS_MASTER_KEY"] || read_key_file || handle_missing_key
end

.parse(paths, env:) ⇒ `Object`

# File 'lib/rails/secrets.rb', line 23

def parse(paths, env:)
  paths.each_with_object(Hash.new) do |path, all_secrets|
    require "erb"

    secrets = YAML.load(ERB.new(preprocess(path)).result) || {}
    all_secrets.merge!(secrets["shared"].deep_symbolize_keys) if secrets["shared"]
    all_secrets.merge!(secrets[env].deep_symbolize_keys) if secrets[env]
  end
end

.read ⇒ `Object`



58
59
60

# File 'lib/rails/secrets.rb', line 58

def read
  decrypt(IO.binread(path))
end

.read_for_editing(&block) ⇒ `Object`



67
68
69

# File 'lib/rails/secrets.rb', line 67

def read_for_editing(&block)
  writing(read, &block)
end

.read_template_for_editing(&block) ⇒ `Object`



71
72
73

# File 'lib/rails/secrets.rb', line 71

def read_template_for_editing(&block)
  writing(template, &block)
end

.template ⇒ `Object`

# File 'lib/rails/secrets.rb', line 41

def template
  <<-end_of_template.strip_heredoc
    # See `secrets.yml` for tips on generating suitable keys.
    # production:
    #  external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289

  end_of_template
end

.write(contents) ⇒ `Object`

# File 'lib/rails/secrets.rb', line 62

def write(contents)
  IO.binwrite("#{path}.tmp", encrypt(contents))
  FileUtils.mv("#{path}.tmp", path)
end

Class: Rails::Secrets

Overview

Defined Under Namespace

Class Attribute Summary collapse

Class Method Summary collapse

Class Attribute Details

.root=(value) ⇒ Object (writeonly)

Class Method Details

.decrypt(data) ⇒ Object

.encrypt(data) ⇒ Object

.generate_key ⇒ Object

.key ⇒ Object

.parse(paths, env:) ⇒ Object

.read ⇒ Object

.read_for_editing(&block) ⇒ Object

.read_template_for_editing(&block) ⇒ Object

.template ⇒ Object

.write(contents) ⇒ Object

.root=(value) ⇒ `Object` (writeonly)

.decrypt(data) ⇒ `Object`

.encrypt(data) ⇒ `Object`

.generate_key ⇒ `Object`

.key ⇒ `Object`

.parse(paths, env:) ⇒ `Object`

.read ⇒ `Object`

.read_for_editing(&block) ⇒ `Object`

.read_template_for_editing(&block) ⇒ `Object`

.template ⇒ `Object`

.write(contents) ⇒ `Object`