Sha256: 538affff5155b3d5c63fab859b069383bb68224cb61b4108110e9950d13b7e04
Contents?: true
Size: 1.48 KB
Versions: 1
Compression:
Stored size: 1.48 KB
Contents
# frozen_string_literal: true
module EJSON
module Rails
Rails = ::Rails
private_constant :Rails
class Railtie < Rails::Railtie
singleton_class.attr_accessor(:ejson_secret_source)
config.before_configuration do
secrets = load_secrets_from_config || load_secrets_from_disk
next unless secrets
secrets = JSON.parse(secrets, symbolize_names: true)
# Merging into `credentials.config` because in Rails 7.0, reading a credential with
# Rails.application.credentials[:some_credential] won't work otherwise.
Rails.application.credentials.config.deep_merge!(secrets) do |key|
raise "A credential already exists with the same name: #{key}"
end
# Delete the loaded JSON files so they are no longer readable by the app.
if ENV["EJSON_RAILS_DELETE_SECRETS"] == "true"
json_files.each do |pathname|
File.delete(pathname) if File.writable?(pathname)
end
end
end
class << self
private
def load_secrets_from_config
ejson_secret_source&.call
end
def load_secrets_from_disk
json_files.detect { |file| valid?(file) }&.read
end
def valid?(pathname)
pathname.exist?
end
def json_files
[
Rails.root.join("config", "secrets.json"),
Rails.root.join("config", "secrets.#{Rails.env}.json"),
]
end
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| ejson-rails-1.0.0 | lib/ejson/rails/railtie.rb |