New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
credentials:edit/show commands ignores custom content_path and key_path #37631
Comments
I'd like to validate my interpretation of the issue at hand before taking a stab at it (I've yet to put up a PR to rails yet but I'm looking for opportunities) 😃 In the railties subdirectory, within Would an adequate solution be to add more guards inside of |
It looks to me that the design made in |
Thanks for your help, here are some links about the paths override : |
Hi, I hope you don't mind if I add a bit to this issue, as I would expect that the paths can also be set on a per-environment basis in config/environments/<environment>.rb, as with most/all other configuration settings. |
This issue has been automatically marked as stale because it has not been commented on for at least three months. |
This commit changes the credentials commands (e.g. `bin/rails credentials:edit`) to respect `config.credentials.content_path` and `config.credentials.key_path` when set in `config/application.rb`. Before this commit: * Unlike other `bin/rails` commands, `bin/rails credentials:edit` ignored `RAILS_ENV`, and would always edit `config/credentials.yml.enc`. * `bin/rails credentials:edit --environment foo` would create and edit `config/credentials/foo.yml.enc`. * If `config.credentials.content_path` or `config.credentials.key_path` was set, `bin/rails credentials:edit` could not be used to edit the credentials. Editing credentials required using `bin/rails encrypted:edit path/to/credentials --key path/to/key`. After this commit: * `bin/rails credentials:edit` will edit the credentials file that the app would load for the current `RAILS_ENV`. * `bin/rails credentials:edit` respects `config.credentials.content_path` and `config.credentials.key_path` when set in `config/application.rb`. Using `RAILS_ENV`, environment-specific paths can be set, such as: ```ruby # config/application.rb module MyCoolApp class Application < Rails::Application config.credentials.content_path = "my_credentials/#{Rails.env}.yml.enc" config.credentials.key_path = "path/to/production.key" if Rails.env.production? end end ``` * `bin/rails credentials:edit --environment foo` will create and edit `config/credentials/foo.yml.enc` _if_ `config.credentials.content_path` has not been set for the `foo` environment. Ultimately, it will edit the credentials file that the app would load for the `foo` environment. Note that the credentials commands do not run initializers. Therefore, they will not, for example, attempt to connect to the database of the specified environment. Fixes rails#37631. Fixes rails#41830. Fixes rails#46884. Closes rails#46904. Co-authored-by: Alex Ghiculescu <alex@tanda.co>
Steps to reproduce
In
application.rb
, configure custom credentials content_path and key_path:Rename your existing credentials files to the new names we've just configured.
rails s
andrails c
should work fine with your existing credentials.Expected behavior
rails credentials:edit
andrails credentials:show
should work with the custom paths, but it doesn't.Actual behavior
rails credentials:edit
will generate new credentials files (credentials.yml.enc
andcredentials.yml.enc
) instead of editing our current credentials with custom paths.rails credentials:show
also ignores custom paths.System configuration
Rails version: 6.0.0
Ruby version: 2.6.5
The text was updated successfully, but these errors were encountered: