Using config/secrets.yml in Rails 4.0.2 version
Solution 1
This secret_key_base deprecation does not seem to have alternative syntax to remove the deprecation warning in a Rails 4.0 application. To satisfy the deprecation, follow the steps for moving the production key to secrets.yml and delete the secret_token.rb file. The implement a YAML loader in your application.rb to extract the token from your secrets.yml file.
Use rake secret to generate a new token for each of your environments. Copy and paste the output to each section of your secrets.yml file.
# config/secrets.yml
development:
secret_key_base: __pasted from rake secret___
test:
secret_key_base: __pasted from rake secret___
production:
secret_key_base: __pasted token from config/initializers/secret_token.rb___
# config/application.rb
# TODO Remove this in Rails 4.1
config.secret_key_base = YAML.load(File.open("#{Rails.root}/config/secrets.yml"))[Rails.env]['secret_key_base']
Cite: https://github.com/rails/rails/pull/13298
UPDATE:
My original post focused on Inspired by @user2998870, I added a method to my application.rb that is allows one to implement multiple secrets, not just secret_key_base. This makes top-level keys accessible as methods e.g. Rails.application.secrets.braintree_merchant_id.
If nested, one can call the nested key value using Rails.application.secrets.braintree['merchant_key'].
Note: The original code above is still needed for secret_key_base to operate correctly in Rails 4.0.
# config/application.rb
def secrets
@secrets ||= begin
yaml = YAML.load(File.open("#{Rails.root}/config/secrets.yml"))[Rails.env]
ActiveSupport::OrderedOptions.new.merge!(yaml.symbolize_keys)
end
end
Solution 2
config/secrets.yml is a feature of Rails 4.1. Upgrade to Rails 4.1 to use the feature.
Solution 3
I did like @scarver2 mentioned, but I did it by borrowing some code from Rails 4.1 (I'm currently using on 4.0.3)
# Load 3rd party service passwords from config/services.rb.
# This is patch code to support config/services.rb till we upgrade to Rails 4.1.
# TODO: Remove this section after upgrading to Rails 4.1.
# Borrowed from rails/railties/lib/rails/application/configuration.rb
config.paths.add "config/secrets", with: "config/secrets.yml"
# Borrowed from rails/railties/lib/rails/application.rb
def secrets #:nodoc:
@secrets ||= begin
secrets = ActiveSupport::OrderedOptions.new
yaml = config.paths["config/secrets"].first
if File.exist?(yaml)
require "erb"
all_secrets = YAML.load(ERB.new(IO.read(yaml)).result) || {}
env_secrets = all_secrets[Rails.env]
secrets.merge!(env_secrets.symbolize_keys) if env_secrets
end
# Fallback to config.secret_key_base if secrets.secret_key_base isn't set
secrets.secret_key_base ||= config.secret_key_base
secrets
end
end
B.I.
Updated on June 07, 2022Comments
-
B.I. almost 2 years
I was reading http://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html and saw there the trick with
config/secrets.ymlI moved my secret_base_keys to that file, and removed
secret_token.rbfile.But server doesn't start.
DEPRECATION WARNING: You didn't set config.secret_key_base. Read the upgrade documentation to learn more about this new config option. (called from service at /home/bismailov/.rvm/rubies/ruby-1.9.3-p429/lib/ruby/1.9.1/webrick/httpserver.rb:138) [2014-01-15 16:15:51] ERROR RuntimeError: You must set config.secret_key_base in your app's config.I believe that is because I don't use Rails 4.1 yet.
Is there any way to implement this new functionality (secrets.yml) in Rails version 4.0? Maybe some kind of gem...
Thank you very much!