Last active
December 6, 2022 12:23
-
-
Save kaspth/bc37989c2f39a5642112f28b1d93f343 to your computer and use it in GitHub Desktop.
A script to update encrypted secrets to use improved encryption.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Download this to your Rails app directory and run with: | |
# bin/rails runner upgrade_encrypted_secrets.rb | |
# Everything below here is private API and not something your app should use. | |
Rails::Secrets.singleton_class.prepend Module.new { | |
def decrypt(data) | |
cipher = OpenSSL::Cipher.new("aes-256-cbc").decrypt | |
cipher.key = key | |
cipher.update(data) << cipher.final | |
end | |
} | |
puts "Generating a new higher entropy encryption key in config/secrets.yml.key." | |
puts "Rotate the encryption key now." | |
decrypted_secrets = Rails::Secrets.read | |
File.binwrite("config/secrets.yml.key", Rails::Secrets.generate_key) | |
Rails::Secrets.write(decrypted_secrets) |
Hi All,
Very good morning,
I am Karan Roy, I am very much new to this filed but i have more curiosity to learn to ruby and rails please help me, How to get into at beginning. I want to make my career into this field.
Thank you,
Regards
Karan Roy
@freshcandidate Hi there!
This file is aimed for advanced users for Rails. If you want to have a shot at Ruby with Rails. I suggest you take this following courses here and here. Good luck!
@mdesantis the script assumes that you've setup encrypted secrets, otherwise there's nothing to upgrade and you don't need to run the script :)
Hi, I got this:
root@2ce6de1399c1:/app# rails runner upgrade_encrypted_secrets.rb
Running via Spring preloader in process 326
Generating a new higher entropy encryption key in config/secrets.yml.key.
Rotate the encryption key now.
upgrade_encrypted_secrets.rb:9:in `final': wrong final block length (OpenSSL::Cipher::CipherError)
from upgrade_encrypted_secrets.rb:9:in `decrypt'
from /bundle/gems/railties-5.1.4/lib/rails/secrets.rb:59:in `read'
from upgrade_encrypted_secrets.rb:16:in `<top (required)>'
from /bundle/gems/railties-5.1.4/lib/rails/commands/runner/runner_command.rb:34:in `load'
from /bundle/gems/railties-5.1.4/lib/rails/commands/runner/runner_command.rb:34:in `perform'
from /bundle/gems/thor-0.20.0/lib/thor/command.rb:27:in `run'
from /bundle/gems/thor-0.20.0/lib/thor/invocation.rb:126:in `invoke_command'
from /bundle/gems/thor-0.20.0/lib/thor.rb:387:in `dispatch'
from /bundle/gems/railties-5.1.4/lib/rails/command/base.rb:63:in `perform'
from /bundle/gems/railties-5.1.4/lib/rails/command.rb:44:in `invoke'
from /bundle/gems/railties-5.1.4/lib/rails/commands.rb:16:in `<top (required)>'
from /bundle/gems/activesupport-5.1.4/lib/active_support/dependencies.rb:292:in `require'
from /bundle/gems/activesupport-5.1.4/lib/active_support/dependencies.rb:292:in `block in require'
from /bundle/gems/activesupport-5.1.4/lib/active_support/dependencies.rb:258:in `load_dependency'
from /bundle/gems/activesupport-5.1.4/lib/active_support/dependencies.rb:292:in `require'
from /app/bin
Hi, I am getting this error regarding RAILS_MASTER_KEY. This is the same issue that I am having when I deploy on heroku.
Generating a new higher entropy encryption key in config/secrets.yml.key.
Rotate the encryption key now.
C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/secrets.rb:77:in `handle_missing_key': Missing encryption key to decrypt secrets with. Ask your team for your master key and put it in ENV["RAILS_MASTER_KEY"]
(Rails::Secrets::MissingKeyError)
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/secrets.rb:38:in `key'
from upgrade_encrypted_secrets.rb:8:in `decrypt'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/secrets.rb:59:in `read'
from upgrade_encrypted_secrets.rb:16:in `<top (required)>'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/commands/runner/runner_command.rb:34:in `load'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/commands/runner/runner_command.rb:34:in `perform'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/thor-0.20.0/lib/thor/command.rb:27:in `run'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/thor-0.20.0/lib/thor/invocation.rb:126:in `invoke_command'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/thor-0.20.0/lib/thor.rb:387:in `dispatch'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/command/base.rb:63:in `perform'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/command.rb:44:in `invoke'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/commands.rb:16:in `<top (required)>'
from bin/rails:9:in `require'
from bin/rails:9:in `<main>'
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I get this error: