Use credentials, not secrets, for Active Storage (#30650)

According to #30067: > This PR will deprecate secrets.yml* and instead adopt > config/credentials.yml.enc to signify what these secrets are specifically > for: Keeping API keys, database passwords, and any other integration > credentials in one place. [ci skip] since only comments are being edited.
rails · Sep 19, 2017 · 2f8ecdb · 2f8ecdb
1 parent e0484a3
commit 2f8ecdb
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/guides/source/action_controller_overview.md b/guides/source/action_controller_overview.md
@@ -400,7 +400,7 @@ Rails.application.config.session_store :cookie_store, key: '_your_app_session',
 Rails sets up (for the CookieStore) a secret key used for signing the session data in `config/credentials.yml.enc`. This can be changed with `bin/rails credentials:edit`.
 
 ```ruby
-# amazon:
+# aws:
 #   access_key_id: 123
 #   secret_access_key: 345
 

diff --git a/railties/lib/rails/generators/rails/app/templates/config/storage.yml b/railties/lib/rails/generators/rails/app/templates/config/storage.yml
@@ -6,10 +6,10 @@ local:
   service: Disk
   root: <%%= Rails.root.join("storage") %>
 
-# Use rails secrets:edit to set the AWS secrets (as shared:aws:access_key_id|secret_access_key)
+# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
 # amazon:
 #   service: S3
-#   access_key_id: <%%= Rails.application.secrets.dig(:aws, :access_key_id) %>
+#   access_key_id: <%%= Rails.application.credentials.dig(:aws, :access_key_id) %>
 #   secret_access_key: <%%= Rails.application.secrets.dig(:aws, :secret_access_key) %>
 #   region: us-east-1
 #   bucket: your_own_bucket
@@ -21,12 +21,12 @@ local:
 #   keyfile: <%%= Rails.root.join("path/to/gcs.keyfile") %>
 #   bucket: your_own_bucket
 
-# Use rails secrets:edit to set the Azure Storage secret (as shared:azure_storage:storage_access_key)
+# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
 # microsoft:
 #   service: AzureStorage
 #   path: your_azure_storage_path
 #   storage_account_name: your_account_name
-#   storage_access_key: <%%= Rails.application.secrets.dig(:azure_storage, :storage_access_key) %>
+#   storage_access_key: <%%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
 #   container: your_container_name
 
 # mirror:

diff --git a/railties/lib/rails/generators/rails/credentials/credentials_generator.rb b/railties/lib/rails/generators/rails/credentials/credentials_generator.rb
@@ -37,7 +37,7 @@ def add_credentials_file_silently(template = nil)
 
       private
         def credentials_template
-          "# amazon:\n#  access_key_id: 123\n#  secret_access_key: 345\n\n" +
+          "# aws:\n#  access_key_id: 123\n#  secret_access_key: 345\n\n" +
           "# Used as the base secret for all MessageVerifiers in Rails, including the one protecting cookies.\n" +
           "secret_key_base: #{SecureRandom.hex(64)}"
         end