1
0
Fork 0
forked from OpenNeo/impress
Dress to Impress, a big fancy Neopets customization tool!
Find a file
Emi Matchu 5b016673d7 Migrate secret key to Rails credentials file (and fix deprecation warn)
There's a bit happening behind the scenes of this change. Previously,
we kept a `SECRET_TOKEN` environment variable in `production.env`, and
used a `secret_token.rb` initializer to wire it up as the
`secret_key_base`.

In this change, we move to Rails's new-ish (two years old :p) encrypted
credentials system. Now, we set a `RAILS_MASTER_KEY` environment
variable in the deployed `production.env` instead (and in our local
`.env.production` in the project root for managing it), and we can run
`rails credentials:edit` to open the encrypted file in a text editor.

Inside, the content is just:
```yml
secret_key_base: "<OUR_SECRET_KEY>"
```

This indirection doesn't exactly do much for us functionally; it's just
the more standard way of achieving what our `secret_token.rb` situation
was achieving.

We could also migrate other secrets into there, and I just might! That
would simplify duplication between `/deploy/files/production.env` and
`/.env.production`, at any rate! The main notable one is
`MATCHU_EMAIL_PASSWORD` for sending auth emails from
`matchu@openneo.net` (and there's also a Stripe token that we don't
actually use in the app these days, those codepaths are old bones). Oh
and there's also the `IMPRESS_2020_SUPPORT_SECRET`!

Anyway, the motivation for this was to remove the warning when starting
the app that Devise is trying to use the deprecated
`Rails.application.secrets` method. I was expecting to have to do
[the workaround shared here](https://github.com/heartcombo/devise/issues/5644#issuecomment-1804626431),
but it turns out whatever default behavior Devise does under the hood
is happy enough with our new decision to use the credentials file, and
the deprecation warning is gone! Ok neat!
2024-02-22 12:36:30 -08:00
.devcontainer Save last trade activity time onto User 2024-01-19 00:00:46 -08:00
.husky Set up eslint for wardrobe-2020 2023-11-02 18:11:07 -07:00
app High-level caching for closet lists 2024-02-20 18:43:39 -08:00
bin Upgrade to Rails 7.1.1 2023-10-25 15:05:31 -07:00
config Migrate secret key to Rails credentials file (and fix deprecation warn) 2024-02-22 12:36:30 -08:00
db Drop item_translations table 2024-02-20 17:01:54 -08:00
deploy Use local gems instead of installing from web when deploying, oops! 2024-02-22 12:16:59 -08:00
lib Create swf_assets:remove_duplicates task 2024-02-09 09:53:41 -08:00
public Add custom 502 error page, for when the app goes down but nginx is up 2024-02-19 13:19:31 -08:00
test Save last trade activity time onto User 2024-01-19 00:00:46 -08:00
vendor Run bundle update 2024-02-22 11:48:32 -08:00
.eslintrc.json Set up eslint for wardrobe-2020 2023-11-02 18:11:07 -07:00
.gitignore Add .env.* to gitignore 2023-10-27 17:44:12 -07:00
.ruby-version Finish migrating to Ruby 3.3.0 2024-02-22 12:05:02 -08:00
.yarnrc.yml Upgrade to Yarn 4.0.2 2024-01-14 23:05:53 -08:00
config.ru Upgrade to Rails 6.1.7.4 2023-10-23 19:05:07 -07:00
falcon.rb Remove supervisor from the Falcon process? 2024-01-24 00:20:23 -08:00
Gemfile Finish migrating to Ruby 3.3.0 2024-02-22 12:05:02 -08:00
Gemfile.lock Finish migrating to Ruby 3.3.0 2024-02-22 12:05:02 -08:00
LICENSE.md Update our license 2023-10-23 19:04:56 -07:00
package.json Upgrade to Yarn 4.0.2 2024-01-14 23:05:53 -08:00
Procfile.dev Fix bin/dev to use the right settings in development 2023-11-02 16:54:39 -07:00
Rakefile Uninstall resque 2023-10-23 19:05:04 -07:00
README.md Oops, needs to be a README.md file! 2023-10-25 16:31:41 -07:00
yarn.lock Upgrade to Yarn 4.0.2 2024-01-14 23:05:53 -08:00

Dress to Impress beach logo

Dress to Impress

Oh! We've been revitalizing the Rails app! Fun!

There'll be more to say about it here soon :3