Capistrano task to edit staging / production credentials

Posted . Visible to the public.

When using Rails credentials, you will sometimes want to edit the encrypted credentials for staging or production environments. To do that you need the secret key which should only live on the servers.

Warning

Do not just download these keys to your local dev environment. These files are sensitive and should not simply lie around on your machine.

Instead, add the attached capistrano task to your project (as lib/capistrano/tasks/credentials.rake).

Now you can say

cap <environment> credentials:edit

to open an editor with the decrypted file. The decryption key is kept in memory and never written to disk.

Note

You require deploy permissions to do this.

Tobias Kraze
Last edit
Tobias Kraze
Attachments
License
Source code in this card is licensed under the MIT License.
Posted by Tobias Kraze to makandra dev (2024-11-05 11:51)