CredentialsForRailsEnv

Now you can easily fetch different credentials for the each of your RAILS_ENV environments. The new Rails.application.credentials.env object does the work for you. Here is a sample credentials file.

$ EDITOR=vim rails credentials:edit

foo: global foo
development:
  foo: development foo
production:
  foo: production foo

The new credentials.env object will return values from the RAILS_ENV slice of the credentials. For example when RAILS_ENV == "development":

Rails.application.credentials.env.foo         => "development foo"
Rails.application.credentials.env[:foo]       => "development foo"
Rails.application.credentials.env.dig(:foo)   => "development foo"
Rails.application.credentials.env.fetch(:foo) => "development foo"
Rails.application.credentials.env.config      => { foo: "development foo" }

This makes it very easy to migrate from the deprecated Rails 5.1 secrets convention to the new Rails 5.2 credentials convention. Just add the contents of your secrets file to your credentials file and replace all calls to "Rails.application.secrets" with calls to "Rails.application.credentials.env". Then you can delete your secrets files.

You can still call "Rails.application.credentials" as usual to see the global credentials view.

Rails.application.credentials.foo => "global foo"

This works by extending ActiveSupport::EncryptedConfiguration to take an optional rails_env parameter.

module Rails
  class Application < Engine
    def encrypted(path, key_path: "config/master.key", env_key: "RAILS_MASTER_KEY")
      ActiveSupport::EncryptedConfiguration.new(
        config_path: Rails.root.join(path),
        key_path: Rails.root.join(key_path),
        env_key: env_key,
        raise_if_missing_key: config.require_master_key,
        rails_env: Rails.env
      )
    end
  end
end

You can use this interface to open any encrypted file and access the RAILS_ENV specific configuration values.

my_credentials = Rails.application.encrypted("config/my_credentials.yml.enc")
my_bar = my_credentials.env.bar

Installation

Add this line to your application's Gemfile:

gem 'credentials_for_rails_env'

And then execute:

$ bundle

Or install it yourself as:

$ gem install credentials_for_rails_env

Usage

Rails.application.credentials.env.foo
Rails.application.credentials.env[:foo]
Rails.application.credentials.env.dig(:foo)
Rails.application.credentials.env.fetch(:foo)
Rails.application.credentials.env.config

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/jgorman/credentials_for_rails_env.

License

The gem is available as open source under the terms of the MIT License.