How to keep using secrets.yml after upgrading to Rails 7.2

Updated . Posted . Visible to the public.

Rails 5.2 soft-deprecated the storage of secrets in secrets.yml in favor of a new thing, credentials.yml.enc Show archive.org snapshot . Rails 7.1 deprecated secrets and Rails 7.2 finally removed it.

In our permissions model, it does not matter much whether secrets or credentials are used. While we'll use credentials in new applications (for conformity), for existing applications it may be appropriate to keep using secrets.yml.

Restoring secrets in Rails 7.2+

Restoring Rails.application.secrets is really simple, thanks to config_for. Simply add this to config/application.rb:

config.require_master_key = false
config.secrets = config_for(:secrets)
config.secret_key_base = config.secrets.secret_key_base
def secrets
  config.secrets
end
  • config_for reads from config/secrets.yml. It expects config to be nested by environment.
  • def secrets defines that method on Rails.application.
  • If you are using Devise, you also need to set the Devise config secret_key to Rails.application.secret_key_base.
island94.org
Henning Koch
makandra.de
Say thanks2
Last edit
Dominik Schöler
License
Source code in this card is licensed under the MIT License.
Posted by Henning Koch to makandra dev (2018-08-22 15:16)
This website uses short-lived cookies to improve usability.
or learn more