Skip to content

freeletics/creds

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
3 branches 4 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github/workflows
 
 
bin
 
 
lib
 
 
test
 
 
.gitignore
 
 
Gemfile
 
 
Gemfile.lock
 
 
LICENSE.txt
 
 
README.md
 
 
Rakefile
 
 
creds.gemspec
 
 
Creds Installation Usage Rails 6.0 Additions Development Contributing License

README.md

Creds

Manage encrypted credentials (added in Rails 5.2.0) with multiple environments.

Installation

Available as a gem creds

Usage

Using Rails command, generate new encrypted file by

bin/rails encrypted:edit config/credentials/production.yml.enc --key config/credentials/production.key

add some content in opened editor (note there is no environment root key, ie no production):

aws_access_key_id: my-access-key-id

If config/credentials/production.key doesn't exist yet, run bin/rails generate master_key and adjust naming to match desired one. Content of file can be displayed by

bin/rails encrypted:show config/credentials/production.yml.enc --key config/credentials/production.key

Add to config/environments/production.rb (or any other env)

config.creds = Creds.new("config/credentials/production.yml.enc")

If wants to use key from custom path - by default it checks RAILS_MASTER_KEY env key and config/master.key file:

config.creds = Creds.new("config/credentials/production.yml.enc", key_path: "config/credentials/production.key")

In the code:

Rails.configuration.creds.aws_access_key_id

To ease working in development/test environments with the same API, add config/credentials/plain.yml with key/value pairs nested under environment name, like:

development:
  aws_access_key_id: "aws-key-id"

Then add to config/environments/development.rb

config.creds = Creds.new("config/credentials/plain.yml", env: "development")

Rails 6.0

In Rails 6.0 it is possible to edit files by rails credentials:edit --environment production which will look for config/credentials/production.yml.enc encrypted by ENV["RAILS_MASTER_KEY"] or config/credentials/production.key

Additions

  • To raise error in case of missing key you can add bang to the name, like Rails.configuration.creds.database_url!
  • To list all defined key/value pairs call config, like Rails.configuration.creds.config
  • Plain text file can embed Ruby (<%= %>), but not encrypted one
  • If secret_key_base is specified in credentials file, it will be assigned to Rails.configuration.secret_key_base, as it is required by Rails

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake test to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/freeletics/creds

License

The gem is available as open source under the terms of the MIT License.

About

Encrypted & plain text credentials for multiple environments

Topics

ruby rails ruby-gem credentials

Resources

Readme

License

MIT license

Stars

38 stars

Watchers

12 watching

Forks

2 forks
Report repository

Releases

4 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages