Class: Rails::Generators::EncryptedSecretsGenerator

Inherits:
Base
  • Object
show all
Defined in:
lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Base

base_root, class_option, default_source_root, desc, hide!, hook_for, inherited, namespace, remove_hook_for, source_root

Methods included from Actions

#add_source, #after_bundle, #capify!, #environment, #gem, #gem_group, #generate, #git, #initialize, #initializer, #lib, #rails_command, #rake, #rakefile, #readme, #route, #vendor

Class Method Details

.skip_secrets_fileObject



57
58
59
60
61
62
# File 'lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb', line 57

def self.skip_secrets_file
  @@skip_secrets_file = true
  yield
ensure
  @@skip_secrets_file = false
end

Instance Method Details

#add_encrypted_secrets_fileObject



38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# File 'lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb', line 38

def add_encrypted_secrets_file
  unless (defined?(@@skip_secrets_file) && @@skip_secrets_file) || File.exist?("config/secrets.yml.enc")
    say "Adding config/secrets.yml.enc to store secrets that needs to be encrypted."
    say ""
    say "For now the file contains this but it's been encrypted with the generated key:"
    say ""
    say Secrets.template, :on_green
    say ""

    Secrets.write(Secrets.template)

    say "You can edit encrypted secrets with `bin/rails secrets:edit`."
    say ""
  end

  say "Add this to your config/environments/production.rb:"
  say "config.read_encrypted_secrets = true"
end

#add_secrets_key_fileObject



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# File 'lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb', line 7

def add_secrets_key_file
  unless File.exist?("config/secrets.yml.key") || File.exist?("config/secrets.yml.enc")
    key = Rails::Secrets.generate_key

    say "Adding config/secrets.yml.key to store the encryption key: #{key}"
    say ""
    say "Save this in a password manager your team can access."
    say ""
    say "If you lose the key, no one, including you, can access any encrypted secrets."

    say ""
    create_file "config/secrets.yml.key", key
    say ""
  end
end

#ignore_key_fileObject



23
24
25
26
27
28
29
30
31
32
33
34
35
36
# File 'lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb', line 23

def ignore_key_file
  if File.exist?(".gitignore")
    unless File.read(".gitignore").include?(key_ignore)
      say "Ignoring config/secrets.yml.key so it won't end up in Git history:"
      say ""
      append_to_file ".gitignore", key_ignore
      say ""
    end
  else
    say "IMPORTANT: Don't commit config/secrets.yml.key. Add this to your ignore file:"
    say key_ignore, :on_green
    say ""
  end
end