Last active
December 6, 2022 12:23
-
-
Save kaspth/bc37989c2f39a5642112f28b1d93f343 to your computer and use it in GitHub Desktop.
A script to update encrypted secrets to use improved encryption.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Download this to your Rails app directory and run with: | |
# bin/rails runner upgrade_encrypted_secrets.rb | |
# Everything below here is private API and not something your app should use. | |
Rails::Secrets.singleton_class.prepend Module.new { | |
def decrypt(data) | |
cipher = OpenSSL::Cipher.new("aes-256-cbc").decrypt | |
cipher.key = key | |
cipher.update(data) << cipher.final | |
end | |
} | |
puts "Generating a new higher entropy encryption key in config/secrets.yml.key." | |
puts "Rotate the encryption key now." | |
decrypted_secrets = Rails::Secrets.read | |
File.binwrite("config/secrets.yml.key", Rails::Secrets.generate_key) | |
Rails::Secrets.write(decrypted_secrets) |
Hi, I am getting this error regarding RAILS_MASTER_KEY. This is the same issue that I am having when I deploy on heroku.
Generating a new higher entropy encryption key in config/secrets.yml.key.
Rotate the encryption key now.
C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/secrets.rb:77:in `handle_missing_key': Missing encryption key to decrypt secrets with. Ask your team for your master key and put it in ENV["RAILS_MASTER_KEY"]
(Rails::Secrets::MissingKeyError)
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/secrets.rb:38:in `key'
from upgrade_encrypted_secrets.rb:8:in `decrypt'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/secrets.rb:59:in `read'
from upgrade_encrypted_secrets.rb:16:in `<top (required)>'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/commands/runner/runner_command.rb:34:in `load'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/commands/runner/runner_command.rb:34:in `perform'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/thor-0.20.0/lib/thor/command.rb:27:in `run'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/thor-0.20.0/lib/thor/invocation.rb:126:in `invoke_command'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/thor-0.20.0/lib/thor.rb:387:in `dispatch'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/command/base.rb:63:in `perform'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/command.rb:44:in `invoke'
from C:/Ruby24-x64/lib/ruby/gems/2.4.0/gems/railties-5.1.6/lib/rails/commands.rb:16:in `<top (required)>'
from bin/rails:9:in `require'
from bin/rails:9:in `<main>'
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi, I got this: