Last active
June 28, 2021 19:38
-
-
Save francescob/83a8a0fc537cfea1c89b88031d925938 to your computer and use it in GitHub Desktop.
access rails 5.2 encrypted credentials from a script outside the rails app
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #First of all, require all of rails (maybe it doesn't need to be all, but for now it is) | |
| require 'rails/all' | |
| #then i need to slightly overwrite a rails method: | |
| def encrypted(path, key_path: "config/master.key", env_key: "RAILS_MASTER_KEY") | |
| ActiveSupport::EncryptedConfiguration.new( | |
| config_path: path, | |
| key_path: key_path, | |
| env_key: env_key, | |
| raise_if_missing_key: nil | |
| ) | |
| end | |
| # Then, load the credentials into a YAML object: | |
| credentials = YAML.load(encrypted(File.expand_path("config/credentials.yml.enc"), key_path: File.expand_path("config/master.key")).read) | |
| #Finally, read my credentials: | |
| mail.password = credentials['smtp_password'] |
Even better, this doesn't require loading the Rails environment at all:
require 'active_support/encrypted_configuration'
# Needed for some extra hash magic from Rails
require 'active_support/core_ext/hash/keys'
credentials = ActiveSupport::EncryptedConfiguration.new(
config_path: "config/credentials.yml.enc",
key_path: "config/master.key",
env_key: "RAILS_MASTER_KEY",
raise_if_missing_key: true
)This assumes the file you're running is in the root of the Rails project (in my case a Rack application).
You can then access the credentials using object notation: credentials.special_secret_key
very nice, thanks!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I found I was able to access the credentials just by requiring the environment: