Class: Quails::Secrets

Inherits:

Object

• Object
• Quails::Secrets

Defined in:

railties/lib/rails/secrets.rb

Overview

Greatly inspired by Ara T. Howard’s magnificent sekrets gem. 😘

Defined Under Namespace

Classes: MissingKeyError

Class Attribute Summary

• .root ⇒ Object writeonly

  Sets the attribute root.

Class Method Summary

• .decrypt(data) ⇒ Object
• .encrypt(data) ⇒ Object
• .generate_key ⇒ Object
• .key ⇒ Object
• .parse(paths, env:) ⇒ Object
• .read ⇒ Object
• .read_for_editing(&block) ⇒ Object
• .read_template_for_editing(&block) ⇒ Object
• .template ⇒ Object
• .write(contents) ⇒ Object

Class Attribute Details

.root=(value) ⇒ Object (writeonly)

Sets the attribute root

Parameters:

• value —

  the value to set the attribute root to.

# File 'railties/lib/rails/secrets.rb', line 23

def root=(value)
  @root = value
end

Class Method Details

.decrypt(data) ⇒ Object

# File 'railties/lib/rails/secrets.rb', line 56

def decrypt(data)
  encryptor.decrypt_and_verify(data)
end

.encrypt(data) ⇒ Object

# File 'railties/lib/rails/secrets.rb', line 52

def encrypt(data)
  encryptor.encrypt_and_sign(data)
end

.generate_key ⇒ Object

# File 'railties/lib/rails/secrets.rb', line 35

def generate_key
  SecureRandom.hex(OpenSSL::Cipher.new(@cipher).key_len)
end

.key ⇒ Object

# File 'railties/lib/rails/secrets.rb', line 39

def key
  ENV["RAILS_MASTER_KEY"] || read_key_file || handle_missing_key
end

.parse(paths, env:) ⇒ Object

# File 'railties/lib/rails/secrets.rb', line 25

def parse(paths, env:)
  paths.each_with_object(Hash.new) do |path, all_secrets|
    require "erb"

    secrets = YAML.load(ERB.new(preprocess(path)).result) || {}
    all_secrets.merge!(secrets["shared"].deep_symbolize_keys) if secrets["shared"]
    all_secrets.merge!(secrets[env].deep_symbolize_keys) if secrets[env]
  end
end

.read ⇒ Object

# File 'railties/lib/rails/secrets.rb', line 60

def read
  decrypt(IO.binread(path))
end

.read_for_editing(&block) ⇒ Object

# File 'railties/lib/rails/secrets.rb', line 69

def read_for_editing(&block)
  writing(read, &block)
end

.read_template_for_editing(&block) ⇒ Object

# File 'railties/lib/rails/secrets.rb', line 73

def read_template_for_editing(&block)
  writing(template, &block)
end

.template ⇒ Object

# File 'railties/lib/rails/secrets.rb', line 43

def template
  "    # See `secrets.yml` for tips on generating suitable keys.\n    # production:\n    #   external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289\n\n  end_of_template\nend\n".strip_heredoc

.write(contents) ⇒ Object

# File 'railties/lib/rails/secrets.rb', line 64

def write(contents)
  IO.binwrite("#{path}.tmp", encrypt(contents))
  FileUtils.mv("#{path}.tmp", path)
end