Ruby on Rails: storing secrets in the application credentials
Ruby on Rails: storing secrets in the application credentials
- Rails docs, explaining credentials
How to edit credentials:
1
EDITOR="code --wait" rails credentials:edit -e development
How to access them in the app:
The right way:
1
secret_key = Rails.application.credentials.dig(:recaptcha, :secret_key_v3))
We use .dig, because if the credentials are missing/empty it will return nil, instead of crashing:
1
secret_key = Rails.application.credentials.dig[:recaptcha][:secret_key_v3]
If recaptcha is missing from credentials.yml, then this will return an undefined method '[]' for nil:NilClass (NoMethodError)
This post is licensed under CC BY-NC 4.0 by the author.