2017-08-14 13:08:09 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-08-06 13:15:47 -04:00
|
|
|
require "yaml"
|
|
|
|
require "active_support/core_ext/hash/keys"
|
|
|
|
require "active_support/core_ext/object/blank"
|
|
|
|
require "active_support/key_generator"
|
|
|
|
require "active_support/message_verifier"
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
require "active_support/encrypted_configuration"
|
2017-09-28 14:04:46 -04:00
|
|
|
require "active_support/deprecation"
|
2019-02-08 12:44:43 -05:00
|
|
|
require "active_support/hash_with_indifferent_access"
|
2017-10-21 09:08:33 -04:00
|
|
|
require "rails/engine"
|
|
|
|
require "rails/secrets"
|
2009-12-22 20:03:23 -05:00
|
|
|
|
2009-09-25 22:32:28 -04:00
|
|
|
module Rails
|
2015-05-11 09:51:45 -04:00
|
|
|
# An Engine with the responsibility of coordinating the whole boot process.
|
2010-02-02 14:05:26 -05:00
|
|
|
#
|
|
|
|
# == Initialization
|
|
|
|
#
|
2012-01-02 15:49:18 -05:00
|
|
|
# Rails::Application is responsible for executing all railties and engines
|
2011-07-12 09:37:55 -04:00
|
|
|
# initializers. It also executes some bootstrap initializers (check
|
2010-02-02 14:05:26 -05:00
|
|
|
# Rails::Application::Bootstrap) and finishing initializers, after all the others
|
|
|
|
# are executed (check Rails::Application::Finisher).
|
|
|
|
#
|
|
|
|
# == Configuration
|
|
|
|
#
|
|
|
|
# Besides providing the same configuration as Rails::Engine and Rails::Railtie,
|
|
|
|
# the application object has several specific configurations, for example
|
2012-08-01 09:27:57 -04:00
|
|
|
# "cache_classes", "consider_all_requests_local", "filter_parameters",
|
2012-01-02 15:49:18 -05:00
|
|
|
# "logger" and so forth.
|
2010-02-02 14:05:26 -05:00
|
|
|
#
|
|
|
|
# Check Rails::Application::Configuration to see them all.
|
|
|
|
#
|
|
|
|
# == Routes
|
|
|
|
#
|
|
|
|
# The application object is also responsible for holding the routes and reloading routes
|
|
|
|
# whenever the files change in development.
|
|
|
|
#
|
2010-05-29 14:07:47 -04:00
|
|
|
# == Middlewares
|
2010-02-02 14:05:26 -05:00
|
|
|
#
|
2010-05-29 14:07:47 -04:00
|
|
|
# The Application is also responsible for building the middleware stack.
|
2010-05-15 09:08:55 -04:00
|
|
|
#
|
2011-12-12 09:18:19 -05:00
|
|
|
# == Booting process
|
|
|
|
#
|
|
|
|
# The application is also responsible for setting up and executing the booting
|
|
|
|
# process. From the moment you require "config/application.rb" in your app,
|
|
|
|
# the booting process goes like this:
|
|
|
|
#
|
|
|
|
# 1) require "config/boot.rb" to setup load paths
|
|
|
|
# 2) require railties and engines
|
|
|
|
# 3) Define Rails.application as "class MyApp::Application < Rails::Application"
|
|
|
|
# 4) Run config.before_configuration callbacks
|
|
|
|
# 5) Load config/environments/ENV.rb
|
|
|
|
# 6) Run config.before_initialize callbacks
|
|
|
|
# 7) Run Railtie#initializer defined by railties, engines and application.
|
2011-12-13 02:49:04 -05:00
|
|
|
# One by one, each engine sets up its load paths, routes and runs its config/initializers/* files.
|
2013-03-09 12:42:02 -05:00
|
|
|
# 8) Custom Railtie#initializers added by railties, engines and applications are executed
|
|
|
|
# 9) Build the middleware stack and run to_prepare callbacks
|
|
|
|
# 10) Run config.before_eager_load and eager_load! if eager_load is true
|
|
|
|
# 11) Run config.after_initialize callbacks
|
2011-12-12 09:18:19 -05:00
|
|
|
#
|
2013-04-04 21:25:31 -04:00
|
|
|
# == Multiple Applications
|
|
|
|
#
|
|
|
|
# If you decide to define multiple applications, then the first application
|
|
|
|
# that is initialized will be set to +Rails.application+, unless you override
|
|
|
|
# it with a different application.
|
|
|
|
#
|
|
|
|
# To create a new application, you can instantiate a new instance of a class
|
|
|
|
# that has already been created:
|
|
|
|
#
|
|
|
|
# class Application < Rails::Application
|
|
|
|
# end
|
|
|
|
#
|
|
|
|
# first_application = Application.new
|
|
|
|
# second_application = Application.new(config: first_application.config)
|
|
|
|
#
|
|
|
|
# In the above example, the configuration from the first application was used
|
|
|
|
# to initialize the second application. You can also use the +initialize_copy+
|
|
|
|
# on one of the applications to create a copy of the application which shares
|
|
|
|
# the configuration.
|
|
|
|
#
|
2016-12-19 21:06:12 -05:00
|
|
|
# If you decide to define Rake tasks, runners, or initializers in an
|
2016-03-04 07:22:31 -05:00
|
|
|
# application other than +Rails.application+, then you must run them manually.
|
2010-01-21 17:14:20 -05:00
|
|
|
class Application < Engine
|
2016-08-06 13:15:47 -04:00
|
|
|
autoload :Bootstrap, "rails/application/bootstrap"
|
|
|
|
autoload :Configuration, "rails/application/configuration"
|
|
|
|
autoload :DefaultMiddlewareStack, "rails/application/default_middleware_stack"
|
|
|
|
autoload :Finisher, "rails/application/finisher"
|
|
|
|
autoload :Railties, "rails/engine/railties"
|
|
|
|
autoload :RoutesReloader, "rails/application/routes_reloader"
|
2010-01-23 09:05:13 -05:00
|
|
|
|
2009-10-08 15:14:57 -04:00
|
|
|
class << self
|
2010-01-21 17:14:20 -05:00
|
|
|
def inherited(base)
|
|
|
|
super
|
2014-08-06 21:27:16 -04:00
|
|
|
Rails.app_class = base
|
2014-11-04 17:54:52 -05:00
|
|
|
add_lib_to_load_path!(find_root(base.called_from))
|
2016-07-25 19:12:55 -04:00
|
|
|
ActiveSupport.run_load_hooks(:before_configuration, base)
|
2009-10-08 15:14:57 -04:00
|
|
|
end
|
2013-04-04 21:25:31 -04:00
|
|
|
|
2014-08-07 18:28:31 -04:00
|
|
|
def instance
|
|
|
|
super.run_load_hooks!
|
|
|
|
end
|
|
|
|
|
2014-08-07 18:50:46 -04:00
|
|
|
def create(initial_variable_values = {}, &block)
|
|
|
|
new(initial_variable_values, &block).run_load_hooks!
|
|
|
|
end
|
|
|
|
|
2014-11-04 17:54:52 -05:00
|
|
|
def find_root(from)
|
|
|
|
find_root_with_flag "config.ru", from, Dir.pwd
|
|
|
|
end
|
|
|
|
|
2013-04-04 21:25:31 -04:00
|
|
|
# Makes the +new+ method public.
|
|
|
|
#
|
|
|
|
# Note that Rails::Application inherits from Rails::Engine, which
|
|
|
|
# inherits from Rails::Railtie and the +new+ method on Rails::Railtie is
|
|
|
|
# private
|
|
|
|
public :new
|
2009-11-02 20:19:03 -05:00
|
|
|
end
|
2009-09-28 20:57:36 -04:00
|
|
|
|
2012-12-21 18:42:47 -05:00
|
|
|
attr_accessor :assets, :sandbox
|
2011-05-24 19:37:55 -04:00
|
|
|
alias_method :sandbox?, :sandbox
|
2016-02-21 20:25:52 -05:00
|
|
|
attr_reader :reloaders, :reloader, :executor
|
2011-05-24 19:37:55 -04:00
|
|
|
|
2012-10-14 06:03:39 -04:00
|
|
|
delegate :default_url_options, :default_url_options=, to: :routes
|
2010-07-08 09:42:40 -04:00
|
|
|
|
2013-04-04 21:25:31 -04:00
|
|
|
INITIAL_VARIABLES = [:config, :railties, :routes_reloader, :reloaders,
|
2013-12-10 10:04:07 -05:00
|
|
|
:routes, :helpers, :app_env_config, :secrets] # :nodoc:
|
2013-04-04 21:25:31 -04:00
|
|
|
|
|
|
|
def initialize(initial_variable_values = {}, &block)
|
|
|
|
super()
|
2013-11-21 20:42:10 -05:00
|
|
|
@initialized = false
|
|
|
|
@reloaders = []
|
|
|
|
@routes_reloader = nil
|
|
|
|
@app_env_config = nil
|
|
|
|
@ordered_railties = nil
|
|
|
|
@railties = nil
|
|
|
|
@message_verifiers = {}
|
2014-08-07 18:28:31 -04:00
|
|
|
@ran_load_hooks = false
|
|
|
|
|
2016-02-21 20:25:52 -05:00
|
|
|
@executor = Class.new(ActiveSupport::Executor)
|
|
|
|
@reloader = Class.new(ActiveSupport::Reloader)
|
|
|
|
@reloader.executor = @executor
|
|
|
|
|
2014-08-07 18:28:31 -04:00
|
|
|
# are these actually used?
|
|
|
|
@initial_variable_values = initial_variable_values
|
|
|
|
@block = block
|
|
|
|
end
|
|
|
|
|
|
|
|
# Returns true if the application is initialized.
|
|
|
|
def initialized?
|
|
|
|
@initialized
|
|
|
|
end
|
|
|
|
|
|
|
|
def run_load_hooks! # :nodoc:
|
|
|
|
return self if @ran_load_hooks
|
|
|
|
@ran_load_hooks = true
|
2013-04-04 21:25:31 -04:00
|
|
|
|
2014-08-07 18:28:31 -04:00
|
|
|
@initial_variable_values.each do |variable_name, value|
|
2013-04-04 21:25:31 -04:00
|
|
|
if INITIAL_VARIABLES.include?(variable_name)
|
|
|
|
instance_variable_set("@#{variable_name}", value)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-08-07 18:28:31 -04:00
|
|
|
instance_eval(&@block) if @block
|
|
|
|
self
|
2012-06-29 09:25:47 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
# Reload application routes regardless if they changed or not.
|
|
|
|
def reload_routes!
|
|
|
|
routes_reloader.reload!
|
|
|
|
end
|
|
|
|
|
2015-09-28 10:45:53 -04:00
|
|
|
# Returns the application's KeyGenerator
|
2012-09-30 22:34:12 -04:00
|
|
|
def key_generator
|
|
|
|
# number of iterations selected based on consultation with the google security
|
|
|
|
# team. Details at https://github.com/rails/rails/pull/6952#issuecomment-7661220
|
2019-01-16 16:17:52 -05:00
|
|
|
@caching_key_generator ||= ActiveSupport::CachingKeyGenerator.new(
|
|
|
|
ActiveSupport::KeyGenerator.new(secret_key_base, iterations: 1000)
|
|
|
|
)
|
2012-09-30 22:34:12 -04:00
|
|
|
end
|
|
|
|
|
2013-12-02 19:42:10 -05:00
|
|
|
# Returns a message verifier object.
|
2013-11-19 19:34:32 -05:00
|
|
|
#
|
2013-12-02 19:42:10 -05:00
|
|
|
# This verifier can be used to generate and verify signed messages in the application.
|
2013-11-19 19:34:32 -05:00
|
|
|
#
|
2013-11-21 21:02:10 -05:00
|
|
|
# It is recommended not to use the same verifier for different things, so you can get different
|
|
|
|
# verifiers passing the +verifier_name+ argument.
|
2013-11-21 20:42:10 -05:00
|
|
|
#
|
|
|
|
# ==== Parameters
|
|
|
|
#
|
2013-12-19 14:00:53 -05:00
|
|
|
# * +verifier_name+ - the name of the message verifier.
|
2013-11-21 20:42:10 -05:00
|
|
|
#
|
|
|
|
# ==== Examples
|
|
|
|
#
|
2013-12-19 14:00:53 -05:00
|
|
|
# message = Rails.application.message_verifier('sensitive_data').generate('my sensible data')
|
|
|
|
# Rails.application.message_verifier('sensitive_data').verify(message)
|
2013-11-19 19:34:32 -05:00
|
|
|
# # => 'my sensible data'
|
|
|
|
#
|
2013-11-21 21:02:10 -05:00
|
|
|
# See the +ActiveSupport::MessageVerifier+ documentation for more information.
|
2013-12-19 14:00:53 -05:00
|
|
|
def message_verifier(verifier_name)
|
|
|
|
@message_verifiers[verifier_name] ||= begin
|
2013-12-19 14:04:07 -05:00
|
|
|
secret = key_generator.generate_key(verifier_name.to_s)
|
2013-11-19 19:26:52 -05:00
|
|
|
ActiveSupport::MessageVerifier.new(secret)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-07-10 15:40:07 -04:00
|
|
|
# Convenience for loading config/foo.yml for the current Rails env.
|
|
|
|
#
|
|
|
|
# Example:
|
|
|
|
#
|
|
|
|
# # config/exception_notification.yml:
|
|
|
|
# production:
|
|
|
|
# url: http://127.0.0.1:8080
|
|
|
|
# namespace: my_app_production
|
|
|
|
# development:
|
|
|
|
# url: http://localhost:3001
|
|
|
|
# namespace: my_app_development
|
|
|
|
#
|
2016-02-08 15:20:41 -05:00
|
|
|
# # config/environments/production.rb
|
2014-09-19 13:30:31 -04:00
|
|
|
# Rails.application.configure do
|
2014-07-10 15:40:07 -04:00
|
|
|
# config.middleware.use ExceptionNotifier, config_for(:exception_notification)
|
|
|
|
# end
|
2015-10-30 14:46:15 -04:00
|
|
|
def config_for(name, env: Rails.env)
|
2015-12-15 12:50:56 -05:00
|
|
|
if name.is_a?(Pathname)
|
|
|
|
yaml = name
|
|
|
|
else
|
|
|
|
yaml = Pathname.new("#{paths["config"].existent.first}/#{name}.yml")
|
|
|
|
end
|
2014-07-10 15:40:07 -04:00
|
|
|
|
|
|
|
if yaml.exist?
|
|
|
|
require "erb"
|
2018-10-19 08:37:06 -04:00
|
|
|
config = YAML.load(ERB.new(yaml.read).result) || {}
|
|
|
|
config = (config["shared"] || {}).merge(config[env] || {})
|
2018-09-11 17:47:41 -04:00
|
|
|
|
2019-02-08 12:44:43 -05:00
|
|
|
ActiveSupport::OrderedOptions.new.tap do |options|
|
|
|
|
options.update(NonSymbolAccessDeprecatedHash.new(config))
|
2018-10-19 08:37:06 -04:00
|
|
|
end
|
2014-07-10 15:40:07 -04:00
|
|
|
else
|
|
|
|
raise "Could not load configuration. No such file - #{yaml}"
|
|
|
|
end
|
|
|
|
rescue Psych::SyntaxError => e
|
|
|
|
raise "YAML syntax error occurred while parsing #{yaml}. " \
|
|
|
|
"Please note that YAML must be consistently indented using spaces. Tabs are not allowed. " \
|
|
|
|
"Error: #{e.message}"
|
|
|
|
end
|
|
|
|
|
2012-06-29 09:25:47 -04:00
|
|
|
# Stores some of the Rails initial environment parameters which
|
|
|
|
# will be used by middlewares and engines to configure themselves.
|
|
|
|
def env_config
|
2013-03-18 23:00:39 -04:00
|
|
|
@app_env_config ||= begin
|
2016-04-11 12:20:59 -04:00
|
|
|
super.merge(
|
2012-11-01 00:20:16 -04:00
|
|
|
"action_dispatch.parameter_filter" => config.filter_parameters,
|
2012-09-30 18:00:44 -04:00
|
|
|
"action_dispatch.redirect_filter" => config.filter_redirect,
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
"action_dispatch.secret_key_base" => secret_key_base,
|
2012-11-01 00:20:16 -04:00
|
|
|
"action_dispatch.show_exceptions" => config.action_dispatch.show_exceptions,
|
|
|
|
"action_dispatch.show_detailed_exceptions" => config.consider_all_requests_local,
|
|
|
|
"action_dispatch.logger" => Rails.logger,
|
|
|
|
"action_dispatch.backtrace_cleaner" => Rails.backtrace_cleaner,
|
2012-11-01 18:02:09 -04:00
|
|
|
"action_dispatch.key_generator" => key_generator,
|
|
|
|
"action_dispatch.http_auth_salt" => config.action_dispatch.http_auth_salt,
|
|
|
|
"action_dispatch.signed_cookie_salt" => config.action_dispatch.signed_cookie_salt,
|
|
|
|
"action_dispatch.encrypted_cookie_salt" => config.action_dispatch.encrypted_cookie_salt,
|
2014-01-10 06:57:50 -05:00
|
|
|
"action_dispatch.encrypted_signed_cookie_salt" => config.action_dispatch.encrypted_signed_cookie_salt,
|
2017-02-23 13:54:17 -05:00
|
|
|
"action_dispatch.authenticated_encrypted_cookie_salt" => config.action_dispatch.authenticated_encrypted_cookie_salt,
|
2017-09-23 17:18:01 -04:00
|
|
|
"action_dispatch.use_authenticated_cookie_encryption" => config.action_dispatch.use_authenticated_cookie_encryption,
|
2017-09-23 17:16:21 -04:00
|
|
|
"action_dispatch.encrypted_cookie_cipher" => config.action_dispatch.encrypted_cookie_cipher,
|
|
|
|
"action_dispatch.signed_cookie_digest" => config.action_dispatch.signed_cookie_digest,
|
2014-08-12 15:57:51 -04:00
|
|
|
"action_dispatch.cookies_serializer" => config.action_dispatch.cookies_serializer,
|
2017-09-23 17:16:21 -04:00
|
|
|
"action_dispatch.cookies_digest" => config.action_dispatch.cookies_digest,
|
2017-11-15 16:07:28 -05:00
|
|
|
"action_dispatch.cookies_rotations" => config.action_dispatch.cookies_rotations,
|
2018-05-19 04:01:57 -04:00
|
|
|
"action_dispatch.use_cookies_with_metadata" => config.action_dispatch.use_cookies_with_metadata,
|
2017-11-15 16:07:28 -05:00
|
|
|
"action_dispatch.content_security_policy" => config.content_security_policy,
|
2018-02-16 08:21:48 -05:00
|
|
|
"action_dispatch.content_security_policy_report_only" => config.content_security_policy_report_only,
|
2019-02-02 21:33:44 -05:00
|
|
|
"action_dispatch.content_security_policy_nonce_generator" => config.content_security_policy_nonce_generator,
|
|
|
|
"action_dispatch.content_security_policy_nonce_directives" => config.content_security_policy_nonce_directives
|
2016-04-11 12:20:59 -04:00
|
|
|
)
|
2012-11-01 00:20:16 -04:00
|
|
|
end
|
2012-06-29 09:25:47 -04:00
|
|
|
end
|
|
|
|
|
2016-12-19 21:06:12 -05:00
|
|
|
# If you try to define a set of Rake tasks on the instance, these will get
|
|
|
|
# passed up to the Rake tasks defined on the application's class.
|
2013-04-04 21:25:31 -04:00
|
|
|
def rake_tasks(&block)
|
|
|
|
self.class.rake_tasks(&block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Sends the initializers to the +initializer+ method defined in the
|
|
|
|
# Rails::Initializable module. Each Rails::Application class has its own
|
|
|
|
# set of initializers, as defined by the Initializable module.
|
2016-10-28 23:05:58 -04:00
|
|
|
def initializer(name, opts = {}, &block)
|
2013-04-04 21:25:31 -04:00
|
|
|
self.class.initializer(name, opts, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Sends any runner called in the instance of a new application up
|
|
|
|
# to the +runner+ method defined in Rails::Railtie.
|
|
|
|
def runner(&blk)
|
|
|
|
self.class.runner(&blk)
|
|
|
|
end
|
|
|
|
|
2014-04-14 17:56:59 -04:00
|
|
|
# Sends any console called in the instance of a new application up
|
|
|
|
# to the +console+ method defined in Rails::Railtie.
|
|
|
|
def console(&blk)
|
|
|
|
self.class.console(&blk)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Sends any generators called in the instance of a new application up
|
|
|
|
# to the +generators+ method defined in Rails::Railtie.
|
|
|
|
def generators(&blk)
|
|
|
|
self.class.generators(&blk)
|
|
|
|
end
|
|
|
|
|
2013-04-04 21:25:31 -04:00
|
|
|
# Sends the +isolate_namespace+ method up to the class method.
|
|
|
|
def isolate_namespace(mod)
|
|
|
|
self.class.isolate_namespace(mod)
|
|
|
|
end
|
|
|
|
|
2012-06-29 09:25:47 -04:00
|
|
|
## Rails internal API
|
|
|
|
|
2010-06-20 07:03:08 -04:00
|
|
|
# This method is called just after an application inherits from Rails::Application,
|
|
|
|
# allowing the developer to load classes in lib and use them during application
|
|
|
|
# configuration.
|
|
|
|
#
|
|
|
|
# class MyApplication < Rails::Application
|
|
|
|
# require "my_backend" # in lib/my_backend
|
|
|
|
# config.i18n.backend = MyBackend
|
|
|
|
# end
|
|
|
|
#
|
|
|
|
# Notice this method takes into consideration the default root path. So if you
|
|
|
|
# are changing config.root inside your application definition or having a custom
|
|
|
|
# Rails application, you will need to add lib to $LOAD_PATH on your own in case
|
|
|
|
# you need to load files in lib/ during the application configuration as well.
|
2014-11-04 17:54:52 -05:00
|
|
|
def self.add_lib_to_load_path!(root) #:nodoc:
|
2016-08-06 13:15:47 -04:00
|
|
|
path = File.join root, "lib"
|
2013-10-31 14:47:51 -04:00
|
|
|
if File.exist?(path) && !$LOAD_PATH.include?(path)
|
2013-04-04 21:25:31 -04:00
|
|
|
$LOAD_PATH.unshift(path)
|
|
|
|
end
|
2010-06-01 18:42:20 -04:00
|
|
|
end
|
|
|
|
|
2010-06-20 07:03:08 -04:00
|
|
|
def require_environment! #:nodoc:
|
2010-10-06 11:18:59 -04:00
|
|
|
environment = paths["config/environment"].existent.first
|
2010-01-23 10:59:32 -05:00
|
|
|
require environment if environment
|
2009-12-21 19:35:54 -05:00
|
|
|
end
|
|
|
|
|
2011-12-12 09:18:19 -05:00
|
|
|
def routes_reloader #:nodoc:
|
2010-09-29 14:05:34 -04:00
|
|
|
@routes_reloader ||= RoutesReloader.new
|
2010-01-23 09:05:13 -05:00
|
|
|
end
|
2009-12-14 18:54:41 -05:00
|
|
|
|
2012-06-29 09:25:47 -04:00
|
|
|
# Returns an array of file paths appended with a hash of
|
|
|
|
# directories-extensions suitable for ActiveSupport::FileUpdateChecker
|
|
|
|
# API.
|
|
|
|
def watchable_args #:nodoc:
|
2012-01-14 21:34:51 -05:00
|
|
|
files, dirs = config.watchable_files.dup, config.watchable_dirs.dup
|
2011-12-12 16:51:33 -05:00
|
|
|
|
|
|
|
ActiveSupport::Dependencies.autoload_paths.each do |path|
|
|
|
|
dirs[path.to_s] = [:rb]
|
|
|
|
end
|
|
|
|
|
2011-12-13 05:23:21 -05:00
|
|
|
[files, dirs]
|
2011-12-12 09:18:19 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
# Initialize the application passing the given group. By default, the
|
2013-06-04 04:52:54 -04:00
|
|
|
# group is :default
|
2016-10-28 23:05:58 -04:00
|
|
|
def initialize!(group = :default) #:nodoc:
|
2010-07-22 06:07:45 -04:00
|
|
|
raise "Application has been already initialized." if @initialized
|
2011-09-23 19:56:49 -04:00
|
|
|
run_initializers(group, self)
|
2010-07-22 06:07:45 -04:00
|
|
|
@initialized = true
|
2010-01-23 09:05:13 -05:00
|
|
|
self
|
2009-12-14 18:54:41 -05:00
|
|
|
end
|
|
|
|
|
2011-12-12 09:18:19 -05:00
|
|
|
def initializers #:nodoc:
|
2010-10-08 10:58:24 -04:00
|
|
|
Bootstrap.initializers_for(self) +
|
2012-06-29 10:50:51 -04:00
|
|
|
railties_initializers(super) +
|
2010-10-08 10:58:24 -04:00
|
|
|
Finisher.initializers_for(self)
|
2010-01-22 19:29:29 -05:00
|
|
|
end
|
2010-01-23 12:41:53 -05:00
|
|
|
|
2011-12-12 09:18:19 -05:00
|
|
|
def config #:nodoc:
|
2014-11-04 17:54:52 -05:00
|
|
|
@config ||= Application::Configuration.new(self.class.find_root(self.class.called_from))
|
2010-07-19 11:53:14 -04:00
|
|
|
end
|
|
|
|
|
2018-03-29 22:29:55 -04:00
|
|
|
attr_writer :config
|
2013-04-04 21:25:31 -04:00
|
|
|
|
2014-12-23 11:32:31 -05:00
|
|
|
# Returns secrets added to config/secrets.yml.
|
|
|
|
#
|
|
|
|
# Example:
|
|
|
|
#
|
|
|
|
# development:
|
|
|
|
# secret_key_base: 836fa3665997a860728bcb9e9a1e704d427cfc920e79d847d79c8a9a907b9e965defa4154b2b86bdec6930adbe33f21364523a6f6ce363865724549fdfc08553
|
|
|
|
# test:
|
|
|
|
# secret_key_base: 5a37811464e7d378488b0f073e2193b093682e4e21f5d6f3ae0a4e1781e61a351fdc878a843424e81c73fb484a40d23f92c8dafac4870e74ede6e5e174423010
|
|
|
|
# production:
|
|
|
|
# secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
|
|
|
|
# namespace: my_app_production
|
|
|
|
#
|
|
|
|
# +Rails.application.secrets.namespace+ returns +my_app_production+ in the
|
|
|
|
# production environment.
|
|
|
|
def secrets
|
2013-12-10 10:04:07 -05:00
|
|
|
@secrets ||= begin
|
|
|
|
secrets = ActiveSupport::OrderedOptions.new
|
2017-04-01 00:22:25 -04:00
|
|
|
files = config.paths["config/secrets"].existent
|
|
|
|
files = files.reject { |path| path.end_with?(".enc") } unless config.read_encrypted_secrets
|
|
|
|
secrets.merge! Rails::Secrets.parse(files, env: Rails.env)
|
2013-12-10 10:04:07 -05:00
|
|
|
|
|
|
|
# Fallback to config.secret_key_base if secrets.secret_key_base isn't set
|
|
|
|
secrets.secret_key_base ||= config.secret_key_base
|
2017-09-28 14:04:46 -04:00
|
|
|
|
2013-12-10 10:04:07 -05:00
|
|
|
secrets
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-03-29 22:29:55 -04:00
|
|
|
attr_writer :secrets
|
2013-12-10 10:04:07 -05:00
|
|
|
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
# The secret_key_base is used as the input secret to the application's key generator, which in turn
|
2017-09-13 15:26:45 -04:00
|
|
|
# is used to create all MessageVerifiers/MessageEncryptors, including the ones that sign and encrypt cookies.
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
#
|
2019-03-22 20:53:55 -04:00
|
|
|
# In development and test, this is randomly generated and stored in a
|
|
|
|
# temporary file in <tt>tmp/development_secret.txt</tt>.
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
#
|
|
|
|
# In all other environments, we look for it first in ENV["SECRET_KEY_BASE"],
|
2017-09-13 15:26:45 -04:00
|
|
|
# then credentials.secret_key_base, and finally secrets.secret_key_base. For most applications,
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
# the correct place to store it is in the encrypted credentials file.
|
|
|
|
def secret_key_base
|
2019-03-10 19:37:46 -04:00
|
|
|
if Rails.env.development? || Rails.env.test?
|
|
|
|
secrets.secret_key_base ||= generate_development_secret
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
else
|
2017-11-25 14:10:34 -05:00
|
|
|
validate_secret_key_base(
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
ENV["SECRET_KEY_BASE"] || credentials.secret_key_base || secrets.secret_key_base
|
2017-11-25 14:10:34 -05:00
|
|
|
)
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-11-19 00:42:45 -05:00
|
|
|
# Decrypts the credentials hash as kept in +config/credentials.yml.enc+. This file is encrypted with
|
|
|
|
# the Rails master key, which is either taken from <tt>ENV["RAILS_MASTER_KEY"]</tt> or from loading
|
|
|
|
# +config/master.key+.
|
2018-09-19 17:02:00 -04:00
|
|
|
# If specific credentials file exists for current environment, it takes precedence, thus for +production+
|
|
|
|
# environment look first for +config/credentials/production.yml.enc+ with master key taken
|
2018-09-20 06:23:47 -04:00
|
|
|
# from <tt>ENV["RAILS_MASTER_KEY"]</tt> or from loading +config/credentials/production.key+.
|
2018-09-19 17:02:00 -04:00
|
|
|
# Default behavior can be overwritten by setting +config.credentials.content_path+ and +config.credentials.key_path+.
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
def credentials
|
2018-09-19 17:02:00 -04:00
|
|
|
@credentials ||= encrypted(config.credentials.content_path, key_path: config.credentials.key_path)
|
2017-11-14 05:44:23 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
# Shorthand to decrypt any encrypted configurations or files.
|
|
|
|
#
|
2018-06-26 16:02:51 -04:00
|
|
|
# For any file added with <tt>rails encrypted:edit</tt> call +read+ to decrypt
|
2017-11-14 05:44:23 -05:00
|
|
|
# the file with the master key.
|
2017-11-19 00:42:45 -05:00
|
|
|
# The master key is either stored in +config/master.key+ or <tt>ENV["RAILS_MASTER_KEY"]</tt>.
|
2017-11-14 05:44:23 -05:00
|
|
|
#
|
2017-11-16 03:52:51 -05:00
|
|
|
# Rails.application.encrypted("config/mystery_man.txt.enc").read
|
2017-11-14 05:44:23 -05:00
|
|
|
# # => "We've met before, haven't we?"
|
|
|
|
#
|
2017-11-19 00:42:45 -05:00
|
|
|
# It's also possible to interpret encrypted YAML files with +config+.
|
2017-11-14 05:44:23 -05:00
|
|
|
#
|
|
|
|
# Rails.application.encrypted("config/credentials.yml.enc").config
|
|
|
|
# # => { next_guys_line: "I don't think so. Where was it you think we met?" }
|
|
|
|
#
|
|
|
|
# Any top-level configs are also accessible directly on the return value:
|
|
|
|
#
|
|
|
|
# Rails.application.encrypted("config/credentials.yml.enc").next_guys_line
|
|
|
|
# # => "I don't think so. Where was it you think we met?"
|
|
|
|
#
|
|
|
|
# The files or configs can also be encrypted with a custom key. To decrypt with
|
2017-11-19 00:42:45 -05:00
|
|
|
# a key in the +ENV+, use:
|
2017-11-14 05:44:23 -05:00
|
|
|
#
|
|
|
|
# Rails.application.encrypted("config/special_tokens.yml.enc", env_key: "SPECIAL_TOKENS")
|
|
|
|
#
|
2017-11-19 00:42:45 -05:00
|
|
|
# Or to decrypt with a file, that should be version control ignored, relative to +Rails.root+:
|
2017-11-14 05:44:23 -05:00
|
|
|
#
|
|
|
|
# Rails.application.encrypted("config/special_tokens.yml.enc", key_path: "config/special_tokens.key")
|
|
|
|
def encrypted(path, key_path: "config/master.key", env_key: "RAILS_MASTER_KEY")
|
2017-11-25 14:10:34 -05:00
|
|
|
ActiveSupport::EncryptedConfiguration.new(
|
2017-11-14 05:44:23 -05:00
|
|
|
config_path: Rails.root.join(path),
|
|
|
|
key_path: Rails.root.join(key_path),
|
2017-12-05 07:41:19 -05:00
|
|
|
env_key: env_key,
|
|
|
|
raise_if_missing_key: config.require_master_key
|
2017-11-25 14:10:34 -05:00
|
|
|
)
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
end
|
|
|
|
|
2012-06-29 09:25:47 -04:00
|
|
|
def to_app #:nodoc:
|
2011-06-06 16:56:41 -04:00
|
|
|
self
|
|
|
|
end
|
|
|
|
|
2011-12-12 09:18:19 -05:00
|
|
|
def helpers_paths #:nodoc:
|
2011-11-23 14:06:45 -05:00
|
|
|
config.helpers_paths
|
|
|
|
end
|
|
|
|
|
2014-04-04 08:05:29 -04:00
|
|
|
console do
|
|
|
|
require "pp"
|
|
|
|
end
|
|
|
|
|
|
|
|
console do
|
|
|
|
unless ::Kernel.private_method_defined?(:y)
|
2014-11-28 21:38:08 -05:00
|
|
|
require "psych/y"
|
2014-04-04 08:05:29 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-08-30 18:39:38 -04:00
|
|
|
# Return an array of railties respecting the order they're loaded
|
|
|
|
# and the order specified by the +railties_order+ config.
|
|
|
|
#
|
2015-03-05 08:17:01 -05:00
|
|
|
# While running initializers we need engines in reverse order here when
|
|
|
|
# copying migrations from railties ; we need them in the order given by
|
|
|
|
# +railties_order+.
|
2014-05-23 08:34:05 -04:00
|
|
|
def migration_railties # :nodoc:
|
2014-08-30 18:39:38 -04:00
|
|
|
ordered_railties.flatten - [self]
|
2014-05-23 08:34:05 -04:00
|
|
|
end
|
|
|
|
|
2011-04-15 12:42:51 -04:00
|
|
|
protected
|
|
|
|
alias :build_middleware_stack :app
|
2011-03-29 22:16:44 -04:00
|
|
|
|
2012-06-29 10:50:51 -04:00
|
|
|
def run_tasks_blocks(app) #:nodoc:
|
|
|
|
railties.each { |r| r.run_tasks_blocks(app) }
|
|
|
|
super
|
2017-10-21 09:08:33 -04:00
|
|
|
require "rails/tasks"
|
2012-06-29 10:50:51 -04:00
|
|
|
task :environment do
|
2013-07-09 16:36:50 -04:00
|
|
|
ActiveSupport.on_load(:before_initialize) { config.eager_load = false }
|
|
|
|
|
2012-06-29 10:50:51 -04:00
|
|
|
require_environment!
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def run_generators_blocks(app) #:nodoc:
|
|
|
|
railties.each { |r| r.run_generators_blocks(app) }
|
|
|
|
super
|
|
|
|
end
|
|
|
|
|
|
|
|
def run_runner_blocks(app) #:nodoc:
|
|
|
|
railties.each { |r| r.run_runner_blocks(app) }
|
|
|
|
super
|
|
|
|
end
|
|
|
|
|
|
|
|
def run_console_blocks(app) #:nodoc:
|
|
|
|
railties.each { |r| r.run_console_blocks(app) }
|
|
|
|
super
|
|
|
|
end
|
|
|
|
|
|
|
|
# Returns the ordered railties for this application considering railties_order.
|
|
|
|
def ordered_railties #:nodoc:
|
|
|
|
@ordered_railties ||= begin
|
|
|
|
order = config.railties_order.map do |railtie|
|
|
|
|
if railtie == :main_app
|
|
|
|
self
|
|
|
|
elsif railtie.respond_to?(:instance)
|
|
|
|
railtie.instance
|
|
|
|
else
|
|
|
|
railtie
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
all = (railties - order)
|
|
|
|
all.push(self) unless (all + order).include?(self)
|
|
|
|
order.push(:all) unless order.include?(:all)
|
|
|
|
|
|
|
|
index = order.index(:all)
|
|
|
|
order[index] = all
|
2014-08-30 18:39:38 -04:00
|
|
|
order
|
2012-06-29 10:50:51 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def railties_initializers(current) #:nodoc:
|
|
|
|
initializers = []
|
2014-08-30 18:39:38 -04:00
|
|
|
ordered_railties.reverse.flatten.each do |r|
|
2012-06-29 10:50:51 -04:00
|
|
|
if r == self
|
|
|
|
initializers += current
|
|
|
|
else
|
|
|
|
initializers += r.initializers
|
|
|
|
end
|
|
|
|
end
|
|
|
|
initializers
|
|
|
|
end
|
|
|
|
|
2012-06-29 09:25:47 -04:00
|
|
|
def default_middleware_stack #:nodoc:
|
2013-06-15 22:22:15 -04:00
|
|
|
default_stack = DefaultMiddlewareStack.new(self, config, paths)
|
|
|
|
default_stack.build_stack
|
2013-03-03 15:20:44 -05:00
|
|
|
end
|
|
|
|
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
def validate_secret_key_base(secret_key_base)
|
|
|
|
if secret_key_base.is_a?(String) && secret_key_base.present?
|
|
|
|
secret_key_base
|
|
|
|
elsif secret_key_base
|
|
|
|
raise ArgumentError, "`secret_key_base` for #{Rails.env} environment must be a type of String`"
|
2019-01-16 16:17:52 -05:00
|
|
|
else
|
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 14:21:20 -04:00
|
|
|
raise ArgumentError, "Missing `secret_key_base` for '#{Rails.env}' environment, set this string with `rails credentials:edit`"
|
2013-06-18 00:22:52 -04:00
|
|
|
end
|
|
|
|
end
|
2015-09-29 16:35:13 -04:00
|
|
|
|
|
|
|
private
|
2019-03-10 19:37:46 -04:00
|
|
|
def generate_development_secret
|
|
|
|
if secrets.secret_key_base.nil?
|
|
|
|
key_file = Rails.root.join("tmp/development_secret.txt")
|
|
|
|
|
|
|
|
if !File.exist?(key_file)
|
|
|
|
random_key = SecureRandom.hex(64)
|
2019-03-14 02:39:23 -04:00
|
|
|
FileUtils.mkdir_p(key_file.dirname)
|
2019-03-10 19:37:46 -04:00
|
|
|
File.binwrite(key_file, random_key)
|
|
|
|
end
|
|
|
|
|
|
|
|
secrets.secret_key_base = File.binread(key_file)
|
|
|
|
end
|
|
|
|
|
|
|
|
secrets.secret_key_base
|
|
|
|
end
|
|
|
|
|
2016-08-06 13:55:02 -04:00
|
|
|
def build_request(env)
|
|
|
|
req = super
|
|
|
|
env["ORIGINAL_FULLPATH"] = req.fullpath
|
|
|
|
env["ORIGINAL_SCRIPT_NAME"] = req.script_name
|
|
|
|
req
|
|
|
|
end
|
2015-09-30 14:23:00 -04:00
|
|
|
|
2016-08-06 13:55:02 -04:00
|
|
|
def build_middleware
|
|
|
|
config.app_middleware + super
|
|
|
|
end
|
2019-02-08 12:44:43 -05:00
|
|
|
|
|
|
|
class NonSymbolAccessDeprecatedHash < HashWithIndifferentAccess # :nodoc:
|
|
|
|
def initialize(value = nil)
|
|
|
|
if value.is_a?(Hash)
|
|
|
|
value.each_pair { |k, v| self[k] = v }
|
|
|
|
else
|
|
|
|
super
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def []=(key, value)
|
2019-02-13 07:00:47 -05:00
|
|
|
regular_writer(key.to_sym, convert_value(value, for: :assignment))
|
2019-02-08 12:44:43 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
def convert_key(key)
|
|
|
|
unless key.kind_of?(Symbol)
|
|
|
|
ActiveSupport::Deprecation.warn(<<~MESSAGE.squish)
|
|
|
|
Accessing hashes returned from config_for by non-symbol keys
|
|
|
|
is deprecated and will be removed in Rails 6.1.
|
|
|
|
Use symbols for access instead.
|
|
|
|
MESSAGE
|
|
|
|
|
|
|
|
key = key.to_sym
|
|
|
|
end
|
|
|
|
|
|
|
|
key
|
|
|
|
end
|
2019-02-13 07:00:47 -05:00
|
|
|
|
|
|
|
def convert_value(value, options = {}) # :doc:
|
|
|
|
if value.is_a? Hash
|
|
|
|
if options[:for] == :to_hash
|
|
|
|
value.to_hash
|
|
|
|
else
|
|
|
|
self.class.new(value)
|
|
|
|
end
|
|
|
|
elsif value.is_a?(Array)
|
|
|
|
if options[:for] != :assignment || value.frozen?
|
|
|
|
value = value.dup
|
|
|
|
end
|
|
|
|
value.map! { |e| convert_value(e, options) }
|
|
|
|
else
|
|
|
|
value
|
|
|
|
end
|
|
|
|
end
|
2019-02-08 12:44:43 -05:00
|
|
|
end
|
2009-09-25 22:32:28 -04:00
|
|
|
end
|
2011-05-07 04:19:01 -04:00
|
|
|
end
|