onunu / leml Goto Github PK
View Code? Open in Web Editor NEWEncrypt secrets, only leaf
License: MIT License
Encrypt secrets, only leaf
License: MIT License
hi, onunu.
I tried it and get an error like this.
$ bundle exec rake leml:init
rake aborted!
Leml::NoLemlKeyError: Leml key is not found. config. Please create `config/leml.key` and set the secret.
It seems like I need to create leml.key.
any workaround?
steps to reproduce
thanks.
Currently secret key can be specified only by config/leml.key
but I believe it will be more useful if leml also can read the key from env var, won't it?
Merging secrets defined by leml, is late initializing configuration.
It occurs to missing secrets if redefine in configurations.
example,
development:
api_key: sample_api_key
module Sample
class Application < Rails::Application
config.api_key = Rails.application.secrets.api_key
end
end
$ bundle exec rails c
[1] [1] pry(main)> Rails.configuration.api_key
=> nil
私たちの環境で以下のような事象が発生しました。
01 RBENV_ROOT=/usr/local/rbenv RBENV_VERSION=2.4.1 /usr/local/rbenv/bin/rbenv exec bundle exec rake assets:precompile
01 rake aborted!
01
01 NoMethodError: Cannot load `Rails.application.database_configuration`:
01
01 undefined method `[]' for nil:NilClass
01
01 (erb):5:in `<main>'
01
01 /opt/jupiter/shared/bundle/ruby/2.4.0/gems/railties-5.1.1/lib/rails/application/configuration.rb:133:in `database_configuration'
01
01 /opt/jupiter/shared/bundle/ruby/2.4.0/gems/activerecord-5.1.1/lib/active_record/railtie.rb:121:in `block (2 levels) in <class:Railtie>'
該当箇所は以下。application/configuration.rb
124 # Loads and returns the entire raw configuration of database from
125 # values stored in `config/database.yml`.
126 def database_configuration
127 path = paths["config/database"].existent.first
128 yaml = Pathname.new(path) if path
129
130 config = if yaml && yaml.exist?
131 require "yaml"
132 require "erb"
133 YAML.load(ERB.new(yaml.read).result) || {}
134 elsif ENV["DATABASE_URL"]
135 # Value from ENV['DATABASE_URL'] is set to default database connection
136 # by Active Record.
137 {}
138 else
139 raise "Could not load database configuration. No such file - #{paths["config/database"].instance_variable_get(:@paths)}"
140 end
141
142 config
143 rescue Psych::SyntaxError => e
144 raise "YAML syntax error occurred while parsing #{paths["config/database"].first}. " \
145 "Please note that YAML must be consistently indented using spaces. Tabs are not allowed. " \
146 "Error: #{e.message}"
147 rescue => e
148 raise e, "Cannot load `Rails.application.database_configuration`:\n#{e.message}", e.backtrace
149 end
133行目で database.yml を ERB で parse しているが、5行目で参照する Rails.application.secrets がnil であり、nill 参照で落ちていた。database.yml
1 default: &default
2 adapter: mysql2
3 encoding: utf8mb4
4 pool: 5
5 username: <%= ENV['DB_USERNAME'] || Rails.application.secrets.database[:username] %>
Railtie#initializer において、active_record.initialize_database
が実行される際、leml による secrets の初期化が完了していないことが直接の原因の模様。
initializer は、active_record.initialize_database 実行した後、leml.merge_secrets を実行している。
active_record.initialize_database を実行した際、database.yml を pase を試みて、secrets が存在しないため、nil 参照が発生。
leml導入当初、このような事象は発生していませんでした。
その後、gem: delayed_job を導入した際、上述の事象が発生するようになりました。
leml が secrets を初期化するタイミングについて、他の secrets を参照する initializer が動作するより、先に実行することは可能でしょうか。
When there is no config/leml.key
, we see an error message like this:
Puma caught this error: Missing `secret_key_base` for 'development' environment, set this value in `config/secrets.yml` (RuntimeError)
/Users/kenta.shirai/Repositories/dmp-ng/vendor/bundle/ruby/2.4.0/gems/railties-5.1.2/lib/rails/application.rb:510:in `validate_secret_key_config!'
/Users/kenta.shirai/Repositories/dmp-ng/vendor/bundle/ruby/2.4.0/gems/railties-5.1.2/lib/rails/application.rb:247:in `env_config'
/Users/kenta.shirai/Repositories/dmp-ng/vendor/bundle/ruby/2.4.0/gems/railties-5.1.2/lib/rails/engine.rb:692:in `build_request'
/Users/kenta.shirai/Repositories/dmp-ng/vendor/bundle/ruby/2.4.0/gems/railties-5.1.2/lib/rails/application.rb:518:in `build_request'
/Users/kenta.shirai/Repositories/dmp-ng/vendor/bundle/ruby/2.4.0/gems/railties-5.1.2/lib/rails/engine.rb:521:in `call'
/Users/kenta.shirai/Repositories/dmp-ng/vendor/bundle/ruby/2.4.0/gems/puma-3.8.2/lib/puma/configuration.rb:224:in `call'
/Users/kenta.shirai/Repositories/dmp-ng/vendor/bundle/ruby/2.4.0/gems/puma-3.8.2/lib/puma/server.rb:600:in `handle_request'
/Users/kenta.shirai/Repositories/dmp-ng/vendor/bundle/ruby/2.4.0/gems/puma-3.8.2/lib/puma/server.rb:435:in `process_client'
/Users/kenta.shirai/Repositories/dmp-ng/vendor/bundle/ruby/2.4.0/gems/puma-3.8.2/lib/puma/server.rb:299:in `block in run'
/Users/kenta.shirai/Repositories/dmp-ng/vendor/bundle/ruby/2.4.0/gems/puma-3.8.2/lib/puma/thread_pool.rb:120:in `block in spawn_thread'
It is difficult to find out what leads to the error if he/she does not know leml. I think the error message should be improved like:
config/leml.key is not found. please create `config/leml.key` and set the secret.
For further information, see: https://github.com/onunu/leml
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.