I have install figaro gem.
My application.yml file:
user: 'm#am.com'
pwd: = 'password123'
Also I have in secrets.yml this:
development:
secret_key_base: d2c6dc60d0c86d32c71aa2ec2ae1fff32f338187ceaa12f0d6a294f368760ead01bc1c57115d48b80ab4042b45ca5aceadea1e888f34b5a14ab548eb07e1ad9c
test:
secret_key_base: f4c0aad565527a57110ccba77def71e2dd1b65799b94d4d24f9b34a8bc42fd01dbc64349c5555dca46b4d5d2ba85f890c718c1de0d20237704c788e4db928c66
# Do not keep production secrets in the repository,
# instead read values from the environment.
production:
secret_token: ENV["secret_token"]
secret_key_base: ENV["secret_key_base"]
user: ENV["user"]
pwd: ENV["pwd"]
key: ENV["key"]
And I get user login like this:
Rails.application.secrets[:user]
Which gives me exactly this value:
"ENV[\"user\"]"
So what do I do?
seems like I should use
ENV["key"]
instead of Rails.application.secrets[:user]
Related
How to configure the “dotenv gem” in the rails 7 application for the set environment variable.
Add the below line in the Gemfile
gem 'dotenv-rails', require: 'dotenv/rails-now', groups: [:development]
Run bundle install
Add the below code just below this line Bundler.require(*Rails.groups) in the application.rb
# Load dotenv only in development or test environment
if ['development', 'test'].include? ENV['RAILS_ENV']
Dotenv::Railtie.load
end
Create one file in the app folder with .env name
Add your credentials in this .env file like below
DB_USERNAME: username
DB_PASSWORD: password
Use this env variable in the appropriate place like below.
in the database.yml
default: &default
adapter: postgresql
encoding: unicode
pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
host: localhost
username: <%= ENV['DB_USERNAME'] %>
password: <%= ENV['DB_PASSWORD'] %>
Now your ENV variable setup is done. you can check it from the rails console like below.
rails c
> ENV["DB_USERNAME"]
> username
>ENV["DB_PASSWORD"]
> password
I am using themoviedb-api ruby gem in rails 4 and I would like to keep my API key out of git so I though of passing it in as an environment variable. What is the correct syntax?
In my .env I have
TMDB_API_KEY=ee27f0e6fxxxxxxxxxxxxxxxx
In my initializers/tmdb.rb I have
Tmdb::Api.key("KEY_HERE")
I have tried a few different ideas but nothing has worked. Like ENV['TMDB_API_KEY'] for example.
Thanks in advance.
By default, you can't just stick things in .env and have them work. You'll need to use a gem like dotenv. https://github.com/bkeepers/dotenv
You can then access it using ENV['VAR_NAME']
in application.rb:
config.before_configuration do
env_file = Rails.root.join("config", "environment_variables.yml").to_s
if File.exists?(env_file)
YAML.load_file(env_file)[Rails.env].each do |key, value|
ENV[key.to_s] = value
end
end
end
in /config/environment_variables.yml:
default: &default
key: "development_key"
development:
<<: *default
test:
<<: *default
production:
<<: *default
key: "production_key"
anywhere in your code:
ENV["key"] should point to the right value for the current environment.
In short:
seems that rake does not have access to Rails.application.secrets in config/database.yml file
what is the purpose of config/secrets.yml then?
In long:
When I run
RAILS_ENV=production rake db:migrate
I get the error Mysql2::Error: Access denied for user 'root'#'localhost' (using password: NO), though I specified appropriate values in config/database.yml and the user connecting should not be 'root'. This is an excerpt from respective config files:
# config/database.yml
production:
<<: *default
adapter: mysql2
host: localhost
database: <%= Rails.application.secrets[:database][:name] %>
username: <%= Rails.application.secrets[:database][:username] %>
password: <%= Rails.application.secrets[:database][:password] %>
# config/secrets.yml
production:
secret_key_base: very-long-blah-blah-blah
database:
name: app_db_name
username: app_db_user
password: app_db_password
Seems that rake has no access to Rails.application.secrets. Running migration succeeds when I explicitly put necessary values in database.yml, for example, as follows:
production:
<<: *default
adapter: mysql2
host: localhost
database: <%= Rails.application.secrets[:database][:name] || 'app_db_name' %>
username: <%= Rails.application.secrets[:database][:username] || 'app_db_user' %>
password: <%= Rails.application.secrets[:database][:password] || 'app_db_password' %>
The above proves that Rails.application.secrets[:database][:name] resolves to nothing.
How to have access to Rails.application.secrets in rake? Would this be the correct solution?
I know that I can use ENV[VARNAME] to fill in secret sections of config/database.yml. But what the the purpose of config/secrets.yml file then?
Moreover, I am using Passenger, which means that variables in .bashrc will probably not be accessible to the web server (I had this issue with secret_key_base). Therefore I try to avoid using environment variable. Just do not want to have all my secrets spilled all over the server.
rails-4.2.2, Ubuntu LTS 14.04
I haven't seen such nested content for the secrets.yml like you have, also the release notes doesn't have such kind. You should be just fine with the below code
# config/secrets.yml
production:
secret_key_base: very-long-blah-blah-blah
name: app_db_name
username: app_db_user
password: app_db_password
And in the database.yml
# config/database.yml
production:
<<: *default
adapter: mysql2
host: localhost
database: <%= Rails.application.secrets.name %>
username: <%= Rails.application.secrets.username %>
password: <%= Rails.application.secrets.password %>
I am using rails with figaro for configuration, database user with the name test.
I have a DATABASE_URL in application.yml
DATABASE_URL: "postgresql://localhost/database_name?user=test"
When I run a
rake db:migrate
I get the following error
PG::ConnectionBad: fe_sendauth: no password supplied
Check config/database.yml to ensure your password is wired up for postgresql adapter.
it should look something like this:
default:
adapter: postgresql
database: foo
user: bar
password: <%= ENV['pg_password'] %>
pg_password should be defined in your figaro config, where it becomes accessible as an environment variable.
I just want to emphasize you call the Figaro ENV variables in your .yml using the ERB Syntax :
username: <%= ENV["PG_USERNAME"] %>
password: <%= ENV["PG_PASSWORD"] %>
Hope this helps...!
Like the question states, is there a way to make a secret known to all 3 environments without copy and pasting like this?
secrets.yml
development:
secret_key_base: ...
my_global_secret: foo
test:
secret_key_base: ...
my_global_secret: foo
production:
secret_key_base: ...
my_global_secret: foo
You can define and share a common key using &label and <<: *label
common: &common
secret_key_base: ...
my_global_secret: foo
development:
<<: *common
something_specific_to_development: ...
test:
<<: *common
something_specific_to_test: ...
production:
<<: *common
something_specific_to_production: ...
Update: For Rails 5.1+
Rails 5.1 adds the shared key which is automatically applied to all environments:
shared: # Everything nested under this key is automatically shared
secret_key_base: ...
my_global_secret: "foo"
development:
my_global_secret: "override value for dev"
test:
...
Using common: &common didn't work for me with Rails 5.1 - shared: did though.