It's not really documented anywhere obvious (to me), but the RAILSMASTERKEY needs to be exactly 32 characters long. Using rails secret generates a 128 character password, which exceeds the allowable length. On a newly-generated rails app, the config/master.key is auto-generated, and rails credentials:edit will work as expected. Active Record Migrations. Rails will generate a name for every foreign key starting with fkrails followed by 10 characters which are deterministically generated from the fromtable and column. Because schema files are commonly used to create new databases, it is strongly recommended that you check your schema file into source control. The master key is the only environment key that is now seeded to Heroku. Though I still need this key locally to access the credentials. Then if my computer is stolen both development and production keys are corrupt and can generate a higher risk for my production app. On a new project create I get the credentials.yml.enc file but no master.key. I have deleted that file and edited again creating a new one and no master.key. I also edited the original one and saved and no master key gets generated. Mar 26, 2018 As announced in Rails 5.2.0 release candidate, Rails 5.2 will go out with a brand new credentials API that will eventually replace the current config/secrets.yml and config/secrets.yml.enc.
Best free random key generator. If your master.key has been compromised, you might want to regenerate it.
No key regeneration feature at the moment.We have to do it manually.
Rails Generate Model Reference
- Copy content of original credentials
rails credentials:show
somewhere temporarily. - Remove
config/master.key
andconfig/credentials.yml.enc
- Run
EDITOR=vim rails credentials:edit
in the terminal: This command will create a newmaster.key
andcredentials.yml.enc
if they do not exist. - Paste the original credentials you copied (step 1) in the new credentials file (and save + quit vim)
- Add and Commit the file
config/credentials.yml.enc
Rails Generate New Master Key
Important
- Make sure
config/master.key
is listed in.gitignore
and NOT tracked by git. - The command
EDITOR=vim rails credentials:edit
might not work if you require credential value in some file (initializers
ordatabase.yml
).I had the problem withdevise.rb
. I just uncommented the linesecret_key = ..
just the time to run the command to regenerate the credentials file, and then commented the line out again. - If you want to use Sublime to edit the credentials, you can replace the command
EDITOR=vim rails credentials:edit
byEDITOR='/Applications/Sublime Text.app/Contents/SharedSupport/bin/subl -w' rails credentials:edit
source: https://blog.eq8.eu/til/rails-52-credentials-tricks.html