railties 7.1.3.4 → 7.2.0.beta1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (121) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +175 -744
  3. data/lib/minitest/rails_plugin.rb +5 -2
  4. data/lib/rails/all.rb +1 -3
  5. data/lib/rails/api/task.rb +3 -2
  6. data/lib/rails/application/bootstrap.rb +5 -6
  7. data/lib/rails/application/configuration.rb +34 -39
  8. data/lib/rails/application/dummy_config.rb +2 -2
  9. data/lib/rails/application/finisher.rb +7 -0
  10. data/lib/rails/application.rb +7 -48
  11. data/lib/rails/backtrace_cleaner.rb +18 -3
  12. data/lib/rails/cli.rb +0 -1
  13. data/lib/rails/command.rb +1 -1
  14. data/lib/rails/commands/app/update_command.rb +86 -0
  15. data/lib/rails/commands/console/console_command.rb +2 -21
  16. data/lib/rails/commands/console/irb_console.rb +137 -0
  17. data/lib/rails/commands/credentials/credentials_command.rb +2 -2
  18. data/lib/rails/commands/dbconsole/dbconsole_command.rb +21 -30
  19. data/lib/rails/commands/devcontainer/devcontainer_command.rb +34 -0
  20. data/lib/rails/commands/rake/rake_command.rb +1 -1
  21. data/lib/rails/commands/runner/runner_command.rb +14 -3
  22. data/lib/rails/commands/server/server_command.rb +5 -3
  23. data/lib/rails/commands/test/test_command.rb +2 -0
  24. data/lib/rails/configuration.rb +10 -1
  25. data/lib/rails/console/app.rb +5 -32
  26. data/lib/rails/console/helpers.rb +5 -16
  27. data/lib/rails/console/methods.rb +23 -0
  28. data/lib/rails/engine.rb +5 -5
  29. data/lib/rails/gem_version.rb +3 -3
  30. data/lib/rails/generators/app_base.rb +70 -49
  31. data/lib/rails/generators/base.rb +5 -1
  32. data/lib/rails/generators/database.rb +227 -69
  33. data/lib/rails/generators/erb/scaffold/templates/edit.html.erb.tt +2 -0
  34. data/lib/rails/generators/erb/scaffold/templates/index.html.erb.tt +2 -0
  35. data/lib/rails/generators/erb/scaffold/templates/new.html.erb.tt +2 -0
  36. data/lib/rails/generators/generated_attribute.rb +26 -1
  37. data/lib/rails/generators/migration.rb +3 -3
  38. data/lib/rails/generators/rails/app/app_generator.rb +52 -23
  39. data/lib/rails/generators/rails/app/templates/Dockerfile.tt +23 -14
  40. data/lib/rails/generators/rails/app/templates/Gemfile.tt +16 -16
  41. data/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb.tt +4 -0
  42. data/lib/rails/generators/rails/app/templates/app/views/layouts/application.html.erb.tt +8 -1
  43. data/lib/rails/generators/rails/app/templates/app/views/pwa/manifest.json.erb.tt +22 -0
  44. data/lib/rails/generators/rails/app/templates/app/views/pwa/service-worker.js +26 -0
  45. data/lib/rails/generators/rails/app/templates/bin/brakeman.tt +6 -0
  46. data/lib/rails/generators/rails/app/templates/bin/rubocop.tt +7 -0
  47. data/lib/rails/generators/rails/app/templates/bin/setup.tt +6 -2
  48. data/lib/rails/generators/rails/app/templates/config/application.rb.tt +1 -1
  49. data/lib/rails/generators/rails/app/templates/config/databases/mysql.yml.tt +3 -3
  50. data/lib/rails/generators/rails/app/templates/config/databases/postgresql.yml.tt +7 -0
  51. data/lib/rails/generators/rails/app/templates/config/databases/sqlite3.yml.tt +8 -1
  52. data/lib/rails/generators/rails/app/templates/config/databases/trilogy.yml.tt +3 -3
  53. data/lib/rails/generators/rails/app/templates/config/environments/development.rb.tt +11 -6
  54. data/lib/rails/generators/rails/app/templates/config/environments/production.rb.tt +2 -0
  55. data/lib/rails/generators/rails/app/templates/config/environments/test.rb.tt +6 -5
  56. data/lib/rails/generators/rails/app/templates/config/initializers/filter_parameter_logging.rb.tt +1 -1
  57. data/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_7_2.rb.tt +70 -0
  58. data/lib/rails/generators/rails/app/templates/config/puma.rb.tt +42 -23
  59. data/lib/rails/generators/rails/app/templates/config/routes.rb.tt +4 -0
  60. data/lib/rails/generators/rails/app/templates/docker-entrypoint.tt +5 -0
  61. data/lib/rails/generators/rails/app/templates/dockerignore.tt +13 -0
  62. data/lib/rails/generators/rails/app/templates/github/ci.yml.tt +138 -0
  63. data/lib/rails/generators/rails/app/templates/github/dependabot.yml +12 -0
  64. data/lib/rails/generators/rails/app/templates/gitignore.tt +3 -3
  65. data/lib/rails/generators/rails/app/templates/public/406-unsupported-browser.html +66 -0
  66. data/lib/rails/generators/rails/app/templates/public/icon.png +0 -0
  67. data/lib/rails/generators/rails/app/templates/public/icon.svg +3 -0
  68. data/lib/rails/generators/rails/app/templates/rubocop.yml.tt +8 -0
  69. data/lib/rails/generators/rails/app/templates/test/application_system_test_case.rb.tt +1 -1
  70. data/lib/rails/generators/rails/controller/controller_generator.rb +1 -1
  71. data/lib/rails/generators/rails/db/system/change/change_generator.rb +131 -20
  72. data/lib/rails/generators/rails/devcontainer/devcontainer_generator.rb +166 -0
  73. data/lib/rails/generators/rails/migration/migration_generator.rb +4 -0
  74. data/lib/rails/generators/rails/plugin/plugin_generator.rb +38 -7
  75. data/lib/rails/generators/rails/plugin/templates/%name%.gemspec.tt +2 -2
  76. data/lib/rails/generators/rails/plugin/templates/Gemfile.tt +5 -1
  77. data/lib/rails/generators/rails/plugin/templates/bin/rubocop.tt +7 -0
  78. data/lib/rails/generators/rails/plugin/templates/github/ci.yml.tt +103 -0
  79. data/lib/rails/generators/rails/plugin/templates/github/dependabot.yml +12 -0
  80. data/lib/rails/generators/rails/plugin/templates/rubocop.yml.tt +8 -0
  81. data/lib/rails/generators/rails/plugin/templates/test/application_system_test_case.rb.tt +1 -1
  82. data/lib/rails/generators/test_unit/scaffold/scaffold_generator.rb +10 -0
  83. data/lib/rails/generators/test_unit/scaffold/templates/system_test.rb.tt +2 -0
  84. data/lib/rails/generators/test_unit/system/templates/application_system_test_case.rb.tt +1 -1
  85. data/lib/rails/generators/testing/assertions.rb +20 -0
  86. data/lib/rails/generators/testing/behavior.rb +7 -6
  87. data/lib/rails/generators.rb +1 -1
  88. data/lib/rails/health_controller.rb +1 -1
  89. data/lib/rails/info.rb +2 -2
  90. data/lib/rails/mailers_controller.rb +14 -1
  91. data/lib/rails/paths.rb +2 -2
  92. data/lib/rails/pwa_controller.rb +15 -0
  93. data/lib/rails/rack/logger.rb +15 -7
  94. data/lib/rails/railtie/configurable.rb +2 -2
  95. data/lib/rails/railtie.rb +2 -3
  96. data/lib/rails/tasks/framework.rake +0 -26
  97. data/lib/rails/tasks/tmp.rake +1 -1
  98. data/lib/rails/templates/layouts/application.html.erb +1 -1
  99. data/lib/rails/templates/rails/mailers/email.html.erb +12 -8
  100. data/lib/rails/templates/rails/welcome/index.html.erb +3 -2
  101. data/lib/rails/test_help.rb +2 -4
  102. data/lib/rails/test_unit/reporter.rb +8 -2
  103. data/lib/rails/test_unit/runner.rb +21 -2
  104. data/lib/rails/test_unit/test_parser.rb +45 -0
  105. data/lib/rails.rb +7 -4
  106. metadata +38 -32
  107. data/lib/rails/app_updater.rb +0 -40
  108. data/lib/rails/commands/secrets/USAGE +0 -61
  109. data/lib/rails/commands/secrets/secrets_command.rb +0 -47
  110. data/lib/rails/generators/rails/app/templates/config/databases/jdbc.yml.tt +0 -68
  111. data/lib/rails/generators/rails/app/templates/config/databases/jdbcmysql.yml.tt +0 -54
  112. data/lib/rails/generators/rails/app/templates/config/databases/jdbcpostgresql.yml.tt +0 -70
  113. data/lib/rails/generators/rails/app/templates/config/databases/jdbcsqlite3.yml.tt +0 -24
  114. data/lib/rails/generators/rails/app/templates/config/databases/oracle.yml.tt +0 -62
  115. data/lib/rails/generators/rails/app/templates/config/databases/sqlserver.yml.tt +0 -53
  116. data/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_7_1.rb.tt +0 -284
  117. data/lib/rails/generators/rails/app/templates/public/apple-touch-icon-precomposed.png +0 -0
  118. data/lib/rails/generators/rails/app/templates/public/apple-touch-icon.png +0 -0
  119. data/lib/rails/generators/rails/app/templates/public/favicon.ico +0 -0
  120. data/lib/rails/ruby_version_check.rb +0 -17
  121. data/lib/rails/secrets.rb +0 -110
@@ -1,284 +0,0 @@
1
- # Be sure to restart your server when you modify this file.
2
- #
3
- # This file eases your Rails 7.1 framework defaults upgrade.
4
- #
5
- # Uncomment each configuration one by one to switch to the new default.
6
- # Once your application is ready to run with all new defaults, you can remove
7
- # this file and set the `config.load_defaults` to `7.1`.
8
- #
9
- # Read the Guide for Upgrading Ruby on Rails for more info on each option.
10
- # https://guides.rubyonrails.org/upgrading_ruby_on_rails.html
11
-
12
- ###
13
- # No longer add autoloaded paths into `$LOAD_PATH`. This means that you won't be able
14
- # to manually require files that are managed by the autoloader, which you shouldn't do anyway.
15
- #
16
- # This will reduce the size of the load path, making `require` faster if you don't use bootsnap, or reduce the size
17
- # of the bootsnap cache if you use it.
18
- #
19
- # To set this configuration, add the following line to `config/application.rb` (NOT this file):
20
- # config.add_autoload_paths_to_load_path = false
21
-
22
- ###
23
- # Remove the default X-Download-Options headers since it is used only by Internet Explorer.
24
- # If you need to support Internet Explorer, add back `"X-Download-Options" => "noopen"`.
25
- #++
26
- # Rails.application.config.action_dispatch.default_headers = {
27
- # "X-Frame-Options" => "SAMEORIGIN",
28
- # "X-XSS-Protection" => "0",
29
- # "X-Content-Type-Options" => "nosniff",
30
- # "X-Permitted-Cross-Domain-Policies" => "none",
31
- # "Referrer-Policy" => "strict-origin-when-cross-origin"
32
- # }
33
-
34
- ###
35
- # Do not treat an `ActionController::Parameters` instance
36
- # as equal to an equivalent `Hash` by default.
37
- #++
38
- # Rails.application.config.action_controller.allow_deprecated_parameters_hash_equality = false
39
-
40
- ###
41
- # Active Record Encryption now uses SHA-256 as its hash digest algorithm.
42
- #
43
- # There are 3 scenarios to consider.
44
- #
45
- # 1. If you have data encrypted with previous Rails versions, and you have
46
- # +config.active_support.key_generator_hash_digest_class+ configured as SHA1 (the default
47
- # before Rails 7.0), you need to configure SHA-1 for Active Record Encryption too:
48
- #++
49
- # Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA1
50
- #
51
- # 2. If you have +config.active_support.key_generator_hash_digest_class+ configured as SHA256 (the new default
52
- # in 7.0), then you need to configure SHA-256 for Active Record Encryption:
53
- #++
54
- # Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA256
55
- #
56
- # 3. If you don't currently have data encrypted with Active Record encryption, you can disable this setting to
57
- # configure the default behavior starting 7.1+:
58
- #++
59
- # Rails.application.config.active_record.encryption.support_sha1_for_non_deterministic_encryption = false
60
-
61
- ###
62
- # No longer run after_commit callbacks on the first of multiple Active Record
63
- # instances to save changes to the same database row within a transaction.
64
- # Instead, run these callbacks on the instance most likely to have internal
65
- # state which matches what was committed to the database, typically the last
66
- # instance to save.
67
- #++
68
- # Rails.application.config.active_record.run_commit_callbacks_on_first_saved_instances_in_transaction = false
69
-
70
- ###
71
- # Configures SQLite with a strict strings mode, which disables double-quoted string literals.
72
- #
73
- # SQLite has some quirks around double-quoted string literals.
74
- # It first tries to consider double-quoted strings as identifier names, but if they don't exist
75
- # it then considers them as string literals. Because of this, typos can silently go unnoticed.
76
- # For example, it is possible to create an index for a non existing column.
77
- # See https://www.sqlite.org/quirks.html#double_quoted_string_literals_are_accepted for more details.
78
- #++
79
- # Rails.application.config.active_record.sqlite3_adapter_strict_strings_by_default = true
80
-
81
- ###
82
- # Disable deprecated singular associations names.
83
- #++
84
- # Rails.application.config.active_record.allow_deprecated_singular_associations_name = false
85
-
86
- ###
87
- # Enable the Active Job `BigDecimal` argument serializer, which guarantees
88
- # roundtripping. Without this serializer, some queue adapters may serialize
89
- # `BigDecimal` arguments as simple (non-roundtrippable) strings.
90
- #
91
- # When deploying an application with multiple replicas, old (pre-Rails 7.1)
92
- # replicas will not be able to deserialize `BigDecimal` arguments from this
93
- # serializer. Therefore, this setting should only be enabled after all replicas
94
- # have been successfully upgraded to Rails 7.1.
95
- #++
96
- # Rails.application.config.active_job.use_big_decimal_serializer = true
97
-
98
- ###
99
- # Specify if an `ArgumentError` should be raised if `Rails.cache` `fetch` or
100
- # `write` are given an invalid `expires_at` or `expires_in` time.
101
- # Options are `true`, and `false`. If `false`, the exception will be reported
102
- # as `handled` and logged instead.
103
- #++
104
- # Rails.application.config.active_support.raise_on_invalid_cache_expiration_time = true
105
-
106
- ###
107
- # Specify whether Query Logs will format tags using the SQLCommenter format
108
- # (https://open-telemetry.github.io/opentelemetry-sqlcommenter/), or using the legacy format.
109
- # Options are `:legacy` and `:sqlcommenter`.
110
- #++
111
- # Rails.application.config.active_record.query_log_tags_format = :sqlcommenter
112
-
113
- ###
114
- # Specify the default serializer used by `MessageEncryptor` and `MessageVerifier`
115
- # instances.
116
- #
117
- # The legacy default is `:marshal`, which is a potential vector for
118
- # deserialization attacks in cases where a message signing secret has been
119
- # leaked.
120
- #
121
- # In Rails 7.1, the new default is `:json_allow_marshal` which serializes and
122
- # deserializes with `ActiveSupport::JSON`, but can fall back to deserializing
123
- # with `Marshal` so that legacy messages can still be read.
124
- #
125
- # In Rails 7.2, the default will become `:json` which serializes and
126
- # deserializes with `ActiveSupport::JSON` only.
127
- #
128
- # Alternatively, you can choose `:message_pack` or `:message_pack_allow_marshal`,
129
- # which serialize with `ActiveSupport::MessagePack`. `ActiveSupport::MessagePack`
130
- # can roundtrip some Ruby types that are not supported by JSON, and may provide
131
- # improved performance, but it requires the `msgpack` gem.
132
- #
133
- # For more information, see
134
- # https://guides.rubyonrails.org/v7.1/configuring.html#config-active-support-message-serializer
135
- #
136
- # If you are performing a rolling deploy of a Rails 7.1 upgrade, wherein servers
137
- # that have not yet been upgraded must be able to read messages from upgraded
138
- # servers, first deploy without changing the serializer, then set the serializer
139
- # in a subsequent deploy.
140
- #++
141
- # Rails.application.config.active_support.message_serializer = :json_allow_marshal
142
-
143
- ###
144
- # Enable a performance optimization that serializes message data and metadata
145
- # together. This changes the message format, so messages serialized this way
146
- # cannot be read by older versions of Rails. However, messages that use the old
147
- # format can still be read, regardless of whether this optimization is enabled.
148
- #
149
- # To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have
150
- # not yet been upgraded must be able to read messages from upgraded servers,
151
- # leave this optimization off on the first deploy, then enable it on a
152
- # subsequent deploy.
153
- #++
154
- # Rails.application.config.active_support.use_message_serializer_for_metadata = true
155
-
156
- ###
157
- # Set the maximum size for Rails log files.
158
- #
159
- # `config.load_defaults 7.1` does not set this value for environments other than
160
- # development and test.
161
- #++
162
- # if Rails.env.local?
163
- # Rails.application.config.log_file_size = 100 * 1024 * 1024
164
- # end
165
-
166
- ###
167
- # Enable raising on assignment to attr_readonly attributes. The previous
168
- # behavior would allow assignment but silently not persist changes to the
169
- # database.
170
- #++
171
- # Rails.application.config.active_record.raise_on_assign_to_attr_readonly = true
172
-
173
- ###
174
- # Enable validating only parent-related columns for presence when the parent is mandatory.
175
- # The previous behavior was to validate the presence of the parent record, which performed an extra query
176
- # to get the parent every time the child record was updated, even when parent has not changed.
177
- #++
178
- # Rails.application.config.active_record.belongs_to_required_validates_foreign_key = false
179
-
180
- ###
181
- # Enable precompilation of `config.filter_parameters`. Precompilation can
182
- # improve filtering performance, depending on the quantity and types of filters.
183
- #++
184
- # Rails.application.config.precompile_filter_parameters = true
185
-
186
- ###
187
- # Enable before_committed! callbacks on all enrolled records in a transaction.
188
- # The previous behavior was to only run the callbacks on the first copy of a record
189
- # if there were multiple copies of the same record enrolled in the transaction.
190
- #++
191
- # Rails.application.config.active_record.before_committed_on_all_records = true
192
-
193
- ###
194
- # Disable automatic column serialization into YAML.
195
- # To keep the historic behavior, you can set it to `YAML`, however it is
196
- # recommended to explicitly define the serialization method for each column
197
- # rather than to rely on a global default.
198
- #++
199
- # Rails.application.config.active_record.default_column_serializer = nil
200
-
201
- ###
202
- # Enable a performance optimization that serializes Active Record models
203
- # in a faster and more compact way.
204
- #
205
- # To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have
206
- # not yet been upgraded must be able to read caches from upgraded servers,
207
- # leave this optimization off on the first deploy, then enable it on a
208
- # subsequent deploy.
209
- #++
210
- # Rails.application.config.active_record.marshalling_format_version = 7.1
211
-
212
- ###
213
- # Run `after_commit` and `after_*_commit` callbacks in the order they are defined in a model.
214
- # This matches the behaviour of all other callbacks.
215
- # In previous versions of Rails, they ran in the inverse order.
216
- #++
217
- # Rails.application.config.active_record.run_after_transaction_callbacks_in_order_defined = true
218
-
219
- ###
220
- # Whether a `transaction` block is committed or rolled back when exited via `return`, `break` or `throw`.
221
- #++
222
- # Rails.application.config.active_record.commit_transaction_on_non_local_return = true
223
-
224
- ###
225
- # Controls when to generate a value for <tt>has_secure_token</tt> declarations.
226
- #++
227
- # Rails.application.config.active_record.generate_secure_token_on = :initialize
228
-
229
- ###
230
- # ** Please read carefully, this must be configured in config/application.rb **
231
- #
232
- # Change the format of the cache entry.
233
- #
234
- # Changing this default means that all new cache entries added to the cache
235
- # will have a different format that is not supported by Rails 7.0
236
- # applications.
237
- #
238
- # Only change this value after your application is fully deployed to Rails 7.1
239
- # and you have no plans to rollback.
240
- # When you're ready to change format, add this to `config/application.rb` (NOT
241
- # this file):
242
- # config.active_support.cache_format_version = 7.1
243
-
244
-
245
- ###
246
- # Configure Action View to use HTML5 standards-compliant sanitizers when they are supported on your
247
- # platform.
248
- #
249
- # `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action View to use HTML5-compliant
250
- # sanitizers if they are supported, else fall back to HTML4 sanitizers.
251
- #
252
- # In previous versions of Rails, Action View always used `Rails::HTML4::Sanitizer` as its vendor.
253
- #++
254
- # Rails.application.config.action_view.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor
255
-
256
-
257
- ###
258
- # Configure Action Text to use an HTML5 standards-compliant sanitizer when it is supported on your
259
- # platform.
260
- #
261
- # `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action Text to use HTML5-compliant
262
- # sanitizers if they are supported, else fall back to HTML4 sanitizers.
263
- #
264
- # In previous versions of Rails, Action Text always used `Rails::HTML4::Sanitizer` as its vendor.
265
- #++
266
- # Rails.application.config.action_text.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor
267
-
268
-
269
- ###
270
- # Configure the log level used by the DebugExceptions middleware when logging
271
- # uncaught exceptions during requests.
272
- #++
273
- # Rails.application.config.action_dispatch.debug_exception_log_level = :error
274
-
275
-
276
- ###
277
- # Configure the test helpers in Action View, Action Dispatch, and rails-dom-testing to use HTML5
278
- # parsers.
279
- #
280
- # Nokogiri::HTML5 isn't supported on JRuby, so JRuby applications must set this to :html4.
281
- #
282
- # In previous versions of Rails, these test helpers always used an HTML4 parser.
283
- #++
284
- # Rails.application.config.dom_testing_default_html_version = :html5
@@ -1,17 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # :stopdoc:
4
-
5
- if Gem::Version.new(RUBY_VERSION) < Gem::Version.new("2.7.0") && RUBY_ENGINE == "ruby"
6
- desc = defined?(RUBY_DESCRIPTION) ? RUBY_DESCRIPTION : "ruby #{RUBY_VERSION} (#{RUBY_RELEASE_DATE})"
7
- abort <<-end_message
8
-
9
- Rails 7 requires Ruby 2.7.0 or newer.
10
-
11
- You're running
12
- #{desc}
13
-
14
- Please upgrade to Ruby 2.7.0 or newer to continue.
15
-
16
- end_message
17
- end
data/lib/rails/secrets.rb DELETED
@@ -1,110 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "yaml"
4
- require "tempfile"
5
- require "active_support/message_encryptor"
6
-
7
- module Rails
8
- # Greatly inspired by Ara T. Howard's magnificent sekrets gem. 😘
9
- class Secrets # :nodoc:
10
- class MissingKeyError < RuntimeError
11
- def initialize
12
- super(<<-end_of_message.squish)
13
- Missing encryption key to decrypt secrets with.
14
- Ask your team for your master key and put it in ENV["RAILS_MASTER_KEY"]
15
- end_of_message
16
- end
17
- end
18
-
19
- @cipher = "aes-128-gcm"
20
- @root = File # Wonky, but ensures `join` uses the current directory.
21
-
22
- class << self
23
- attr_writer :root
24
-
25
- def parse(paths, env:)
26
- paths.each_with_object(Hash.new) do |path, all_secrets|
27
- require "erb"
28
-
29
- source = ERB.new(preprocess(path)).result
30
- secrets = YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(source) : YAML.load(source)
31
- secrets ||= {}
32
-
33
- all_secrets.merge!(secrets["shared"].deep_symbolize_keys) if secrets["shared"]
34
- all_secrets.merge!(secrets[env].deep_symbolize_keys) if secrets[env]
35
- end
36
- end
37
-
38
- def key
39
- ENV["RAILS_MASTER_KEY"] || read_key_file || handle_missing_key
40
- end
41
-
42
- def encrypt(data)
43
- encryptor.encrypt_and_sign(data)
44
- end
45
-
46
- def decrypt(data)
47
- encryptor.decrypt_and_verify(data)
48
- end
49
-
50
- def read
51
- decrypt(IO.binread(path))
52
- end
53
-
54
- def write(contents)
55
- IO.binwrite("#{path}.tmp", encrypt(contents))
56
- FileUtils.mv("#{path}.tmp", path)
57
- end
58
-
59
- def read_for_editing(&block)
60
- writing(read, &block)
61
- end
62
-
63
- private
64
- def handle_missing_key
65
- raise MissingKeyError
66
- end
67
-
68
- def read_key_file
69
- if File.exist?(key_path)
70
- IO.binread(key_path).strip
71
- end
72
- end
73
-
74
- def key_path
75
- @root.join("config", "secrets.yml.key")
76
- end
77
-
78
- def path
79
- @root.join("config", "secrets.yml.enc").to_s
80
- end
81
-
82
- def preprocess(path)
83
- if path.end_with?(".enc")
84
- decrypt(IO.binread(path))
85
- else
86
- IO.read(path)
87
- end
88
- end
89
-
90
- def writing(contents)
91
- file_name = "#{File.basename(path)}.#{Process.pid}"
92
-
93
- Tempfile.create(["", "-" + file_name]) do |tmp_file|
94
- tmp_path = Pathname.new(tmp_file)
95
- tmp_path.binwrite contents
96
-
97
- yield tmp_path
98
-
99
- updated_contents = tmp_path.binread
100
-
101
- write(updated_contents) if updated_contents != contents
102
- end
103
- end
104
-
105
- def encryptor
106
- @encryptor ||= ActiveSupport::MessageEncryptor.new([ key ].pack("H*"), cipher: @cipher)
107
- end
108
- end
109
- end
110
- end