Rails 5.2凭据:编辑不像secret_key_base

时间:2018-06-04 15:28:02

标签: ruby-on-rails ruby ruby-on-rails-5

我一直在尝试在我的登台服务器中调试我的凭证文件。每当我尝试编辑登台服务器上的凭据时,都会收到以下错误:

/var/www/bundle/ruby/2.5.0/gems/railties-5.2.0/lib/rails/application.rb:583:in `validate_secret_key_base': `secret_key_base` for staging environment must be a type of String`

我的database.yml文件如下所示:

---
default: &default
  adapter: postgresql
development:
  <<: *default
  database: dev_db
  host: <%= Rails.application.credentials.database.fetch(:development).fetch(:host) %>
  username: <%= Rails.application.credentials.database.fetch(:development).fetch(:username) %>
  password: <%= Rails.application.credentials.database.fetch(:development).fetch(:password) %>
  secret_key_base: <%= Rails.application.credentials.secret_key_base.fetch(:development) %>
test:
  <<: *default
  database: test_db
  host: <%= Rails.application.credentials.database.fetch(:development).fetch(:host) %>
  username: <%= Rails.application.credentials.database.fetch(:development).fetch(:username) %>
  password: <%= Rails.application.credentials.database.fetch(:development).fetch(:password) %>
  secret_key_base: <%= Rails.application.credentials.secret_key_base.fetch(:development) %>
staging:
  <<: *default
  database: <%= Rails.application.credentials.database.fetch(:staging).fetch(:name) %>
  host: <%= Rails.application.credentials.database.fetch(:staging).fetch(:host) %>
  username: <%= Rails.application.credentials.database.fetch(:staging).fetch(:username) %>
  password: <%= Rails.application.credentials.database.fetch(:staging).fetch(:password) %>
  secret_key_base: <%= Rails.application.credentials.secret_key_base.fetch(:staging) %>
production:
  <<: *default
  database: <%= Rails.application.credentials.database.fetch(:production).fetch(:name) %>
  host: <%= Rails.application.credentials.database.fetch(:production).fetch(:host) %>
  username: <%= Rails.application.credentials.database.fetch(:production).fetch(:username) %>
  password: <%= Rails.application.credentials.database.fetch(:production).fetch(:password) %>
  secret_key_base: <%= Rails.application.credentials.secret_key_base.fetch(:production) %>

我认为我的暂存secret_key_base属于String类型。我使用secret_key_base生成了rails secret。在本地,当我打开rails控制台时,我可以查看我的暂存环境的secret_key_base

[1] pry(main)> Rails.application.credentials.secret_key_base.fetch(:staging)
\=> "generated_using_rails_secret"

它返回一个字符串,但每当我尝试在登台环境中访问凭据时,我仍会收到上面的错误消息。

2 个答案:

答案 0 :(得分:1)

如果从命令行运行rails credentials:edit,它将解密config/credentials.yml.enc文件。

然后,您可以编辑此文件以添加基于环境的密钥,就像您之前添加到config/secrets.yml一样。

保存此文件时,将再次加密,并包含新信息。

没有理由拥有&#34; secret_key_base&#34;在您的database.yml文件中,因为这不会产生任何影响。

Nice Article on the new Rails credentials

此外,因为rails现在更长时间为您生成config/secrets.yml文件,从rails 5.2开始,添加一个文件仍然可以像以前的版本一样正常工作。

答案 1 :(得分:1)

我最终查看了堆栈跟踪并挖掘了 Exception in thread "main" org.apache.poi.EmptyFileException: The supplied file was empty (zero bytes long) at org.apache.poi.util.IOUtils.peekFirstNBytes(IOUtils.java:74) at org.apache.poi.util.IOUtils.peekFirst8Bytes(IOUtils.java:57) at org.apache.poi.poifs.filesystem.FileMagic.valueOf(FileMagic.java:135) at org.apache.poi.ss.usermodel.WorkbookFactory.create(WorkbookFactory.java:177) at org.apache.poi.ss.usermodel.WorkbookFactory.create(WorkbookFactory.java:149) at package1.ClassA1.main(ClassA1.java:25) gem。

缩写堆栈跟踪:

railties-5.2.0

我最后查看了ArgumentError: `secret_key_base` for staging environment must be a type of String` /var/www/bundle/ruby/2.5.0/gems/railties-5.2.0/lib/rails/application.rb:583:in `validate_secret_key_base' /var/www/bundle/ruby/2.5.0/gems/railties-5.2.0/lib/rails/application.rb:432:in `secret_key_base' /var/www/bundle/ruby/2.5.0/gems/railties-5.2.0/lib/rails/application.rb:176:in `key_generator' /var/www/bundle/ruby/2.5.0/gems/railties-5.2.0/lib/rails/application.rb:205:in `message_verifier' 并看到了以下代码:

railties-5.2.0/lib/rails/application.rb:432:

我错误地认为我可以为个别环境指定# The secret_key_base is used as the input secret to the application's key generator, which in turn # is used to create all MessageVerifiers/MessageEncryptors, including the ones that sign and encrypt cookies. # # In test and development, this is simply derived as a MD5 hash of the application's name. # # In all other environments, we look for it first in ENV["SECRET_KEY_BASE"], # then credentials.secret_key_base, and finally secrets.secret_key_base. For most applications, # the correct place to store it is in the encrypted credentials file. def secret_key_base if Rails.env.test? || Rails.env.development? Digest::MD5.hexdigest self.class.name else validate_secret_key_base( ENV["SECRET_KEY_BASE"] || credentials.secret_key_base || secrets.secret_key_base ) end end 。相反,我只能指定一个密钥库。秘密密钥库显然与SECRET_KEY_BASE无关。我需要阅读它以及它实际上做了什么。

相关问题
最新问题