From 273f9b5fbb17c0b6f8e64ed42baf3c54c764507b Mon Sep 17 00:00:00 2001 From: adi-herwana-nus Date: Mon, 16 Sep 2024 13:57:40 +0800 Subject: [PATCH] chore: migrate from rails secrets to rails credentials --- .gitignore | 2 ++ config/credentials/development.yml.enc | 1 + config/credentials/production.yml.enc | 1 + config/credentials/staging.yml.enc | 1 + config/credentials/test.yml.enc | 1 + config/secrets.yml | 22 ---------------------- 6 files changed, 6 insertions(+), 22 deletions(-) create mode 100644 config/credentials/development.yml.enc create mode 100644 config/credentials/production.yml.enc create mode 100644 config/credentials/staging.yml.enc create mode 100644 config/credentials/test.yml.enc delete mode 100644 config/secrets.yml diff --git a/.gitignore b/.gitignore index f759f0926d2..f89464c6cdf 100644 --- a/.gitignore +++ b/.gitignore @@ -72,3 +72,5 @@ playwright/.cache/ coverage/ dump.rdb + +/config/credentials/*.key diff --git a/config/credentials/development.yml.enc b/config/credentials/development.yml.enc new file mode 100644 index 00000000000..21eb8ca51ae --- /dev/null +++ b/config/credentials/development.yml.enc @@ -0,0 +1 @@ +cpFVpuK16dpiu5+pMhjCp2acLOuK/s3flbhMx6vRG+wXLfoGt+RyNkdO1wXI8s/S9MPWpz0OYDLKOx+WlYfp/11z4pl59DbO4dMGVvpHOJxvRRGmcIvmNgAOFUUDOESFzBYu+WIdbGQqUthuJXzBb7CiNtOxhFiXu6uvnH3qfVZBXjFBpqjO/5Us2irVG7NJNOpMp9Dkh4PEye4d4kS1BjppcVe9wwMI1qZBZggW0VOBATisrAQGwJnoQY4eH7dNw6NfkoEKC4LpVH74xhrtL/tNYmNRmiQ2gvb/y0P0MGDBsdP+vakhGmS1ZDbAxwnMXUMhPQhEmFAphUuX2t9imSty/G2pKiaQA5ltAgpxwJbhT8MFyH8ZlBN+07NrJClYxLZMcujMToJjbyNNl3E2FRZRcLRIYCydVXCyyO0+oBSGIxJDbl7gYlbVd0U+6r4NtxNCmHU8m68IlESmXoomtFqAO+BYO4Xuutj/QavX1s7wDR7HBTpRK8vBDIDV1953kWoAj4Ck/3fgQjAAu7px47rlIN8S38ZoJXb8j5ShRLAwwQ46ZoIngzM=--De0M4cyIsF6pIvXU--2DxvDZDez7Q9AZcNkJFCzQ== \ No newline at end of file diff --git a/config/credentials/production.yml.enc b/config/credentials/production.yml.enc new file mode 100644 index 00000000000..79c59893612 --- /dev/null +++ b/config/credentials/production.yml.enc @@ -0,0 +1 @@ +MXk5f8JYOC/87JGkhBbLrC7dOaZpo9FG/ZnjgTAkj4kysNI0/QkJs+P6HwUKWFOclSEgmchSkhlZoc7faWe55tHxzUXZA1cuWkfHtakbcHoMPll+imJNNRt2GkFyIVp6j4/WWcpyCZbpYGc7Yq1tzIXOxSWPpDXxNbaIIwvw5dsPyzydO3ACVuaoKYu9n7B8Q0HNCePGN5w=--QizJ3r93+f3SGTwL--9BI1T2f2lAJp5KfW939UgA== \ No newline at end of file diff --git a/config/credentials/staging.yml.enc b/config/credentials/staging.yml.enc new file mode 100644 index 00000000000..d9ca96e0755 --- /dev/null +++ b/config/credentials/staging.yml.enc @@ -0,0 +1 @@ +fvn1FPdAVmQktmAJOt22/eIq2JYMAkRGF+gEFHbn+y8IXq67--+jQ4CleTOdt+41q5--kHU/yazfeXcDbHiDFMmmpw== \ No newline at end of file diff --git a/config/credentials/test.yml.enc b/config/credentials/test.yml.enc new file mode 100644 index 00000000000..57c68291fcc --- /dev/null +++ b/config/credentials/test.yml.enc @@ -0,0 +1 @@ +Os8x0dJeIe65MOnAk0gFzYpdoRmLUPm5FtE3EyWuf1HZuOXqEGvSSvRmGyHkSynTBJ1dcR1zOKr0WY0lCJr++Q23Vrx1mqTnoA+p3aqdjE26x+vdvyAYAJ2OAgPARSeiO4I8h0rbTVkSpJMTjiBoHMj3ehKTkexr3sYnnjM/5CST6ytwSJhV4uWMuc1JPkTFlBI2FCO8EQ==--VLikj22h5LPwB5hI--lo1VepV16EWRIhkByrtyhw== \ No newline at end of file diff --git a/config/secrets.yml b/config/secrets.yml deleted file mode 100644 index a0158636b12..00000000000 --- a/config/secrets.yml +++ /dev/null @@ -1,22 +0,0 @@ -# Be sure to restart your server when you modify this file. - -# Your secret key is used for verifying the integrity of signed cookies. -# If you change this key, all old signed cookies will become invalid! - -# Make sure the secret is at least 30 characters and all random, -# no regular words or you'll be exposed to dictionary attacks. -# You can use `rails secret` to generate a secure secret key. - -# Make sure the secrets in this file are kept private -# if you're sharing your code publicly. - -development: - secret_key_base: e38b6588c625976a7b79de42b6916cb32d4d349e90c8911a9dd5dda88de0675c9bc632ba90b2092e2690b5426bfc952463bf03e7ab3168172f5ee4e494f55ec9 - -test: - secret_key_base: fce273299448c1ea3ce9c2fd0138eaf745cd6498edb512cb1e9bba1faae527bd6803b88d8592953854c18ff41679e3ba8e629e45622f2332cecfab66aa0f91bd - -# Do not keep production secrets in the repository, -# instead read values from the environment. -production: - secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>