I will summarize the credentials that appeared from Rails 5 series as a memorandum.
It is a file to store the private key etc.
The contents of this file are encrypted by master.key, so anyone who does not know the correct master.key cannot see the contents.
The contents of credentials can be called as variables in other files if there is information on master.key, so it may be convenient to put the API key etc. in this file.
The master.key and credentials files are created automatically when you do
rails new, and master.key is in
.gitignore by default, so you don't have to worry about leaking it from github.
This time it is assumed that VScode will be used.
First, open the palette with
command + shift + P in VScode.
shell in the search box to install the shell.
You can now edit your credentials file in VScode from your terminal.
Open the credentials file in VScode with the following command.
$ EDITOR='code --wait' rails credentials:edit
By default, the example is commented out on the first three lines, so you can copy it.
aws: access_key_id: 123 secret_access_key: 345q
The first line describes what kind of group it is, and the second and third lines describe the id and access key. The contents of the group need to be indented.
You can set multiple settings instead of just one, so try setting them.
aws: access_key_id: 123 secret_access_key: 345q gmail: email: '[email protected]' password: 'sample1234'
You need to close the VScode tab to save the credentials file.
If it is closed and saved correctly, the following message will be displayed in the terminal.
New credentials encrypted and saved.
To call the contents, you can write the following in the ruby file.
In this example, it can be used as follows.
You can check it from the terminal on the console, so it's a good idea to check it when you edit the credentials file. Open the console with
rails c and check it.
You can call it properly.
By sharing master.key, such as when developing a team, other people can see and edit the contents of credentials. I think it's a good idea to share master.key with a messaging app.
However, even if you are a trusted companion, you should not share your personal aws id and access key with credentials. (Think of it as sharing your credit card number and verification code.)
Carefully decide what information you should share and what you shouldn't. Don't regret being betrayed and developing like Kaiji! Lol