Don't load app environment when editing credentials #34789
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
While evaluating multi-environment credentials, I came across a problem trying to create a new environment for my app.
Once you have created your first environment (e.g.
development
) you might start adding configuration in initialisers that tries to access encrypted credentials like so:That works fine when running
rails credentials:edit --environment development
If you now decide to create a
staging
environment, doingrails credentials:edit --environment staging
will fail with something similar to...ordered_options.rb:49:in 'method_missing': :secret_key_base is blank (KeyError)
A great many gems that access 3rd party APIs use an initialiser for configuring credentials so the above situation is quite likely to occur.
I worked around the issue by creating a new empty Rails app, running
rails credentials:edit --environment staging
in it, and copying across the generated credential files.This PR attempts to fix the issue by not loading the application environment for
rails credentials:*
commands.I've added a test but I am not sure that it is correct (or sufficient) as I struggled to fully understand the railties test harness. Happy to try another way to test this.