When using Rails credentials, you will sometimes want to edit the encrypted credentials for staging or production environments. To do that you need the secret key which should only live on the servers.
Warning
Do not just download these keys to your local dev environment. These files are sensitive and should not simply lie around on your machine.
Instead, add the attached capistrano task to your project (as lib/capistrano/tasks/credentials.rake).
Now you can say
cap <environment> credentials:edit
to open an editor with the decrypted file. The decryption key is kept in memory and never written to disk.
Note
You require deploy permissions to do this.
Posted by Tobias Kraze to makandra dev (2024-11-05 11:51)