Skip to Content Skip to Search

Encrypted Configuration

Provides convenience methods on top of EncryptedFile to access values stored as encrypted YAML.

Values can be accessed via Hash methods, such as fetch and dig, or via dynamic accessor methods, similar to OrderedOptions.

my_config = ActiveSupport::EncryptedConfiguration.new(...)
my_config.read # => "some_secret: 123\nsome_namespace:\n  another_secret: 456"

my_config[:some_secret]
# => 123
my_config.some_secret
# => 123
my_config.dig(:some_namespace, :another_secret)
# => 456
my_config.some_namespace.another_secret
# => 456
my_config.fetch(:foo)
# => KeyError
my_config.foo!
# => KeyError
Namespace
Methods
C
K
N
O
R

Class Public methods

new(config_path:, key_path:, env_key:, raise_if_missing_key:)

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 54
def initialize(config_path:, key_path:, env_key:, raise_if_missing_key:)
  super content_path: config_path, key_path: key_path,
    env_key: env_key, raise_if_missing_key: raise_if_missing_key
  @config = nil
  @options = nil
end

Instance Public methods

config()

Returns the decrypted content as a Hash with symbolized keys.

my_config = ActiveSupport::EncryptedConfiguration.new(...)
my_config.read # => "some_secret: 123\nsome_namespace:\n  another_secret: 456"

my_config.config
# => { some_secret: 123, some_namespace: { another_secret: 789 } }

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 129
def config
  @config ||= deep_symbolize_keys(deserialize(read))
end

keys()

Returns an array of symbolized keys from the decrypted configuration.

my_config = ActiveSupport::EncryptedConfiguration.new(...)
my_config.read # => "some_secret: 123\nsome_namespace:\n  another_secret: 456"

my_config.keys
# => [:some_secret, :some_namespace]

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 141
def keys
  config.keys
end

option(*key, default: nil)

Find a upcased and double-underscored-joined string-version of the key in ENV. Returns nil if the key isn’t found or the value of default when passed If default is a block, it’s called first.

Examples:

config.option(:db_host)                                    # => ENV["DB_HOST"]
config.option(:database, :host)                            # => ENV["DATABASE__HOST"]
config.option(:database, :host, default: "missing")        # => ENV.fetch("DATABASE__HOST", "missing")
config.option(:database, :host, default: -> { "missing" }) # => ENV.fetch("DATABASE__HOST", default.call)

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 88
def option(*key, default: nil)
  value = dig(*key)

  if !value.nil?
    value
  elsif default.respond_to?(:call)
    default.call
  else
    default
  end
end

read()

Reads the file and returns the decrypted content. See EncryptedFile#read.

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 106
def read
  super
rescue ActiveSupport::EncryptedFile::MissingContentError
  # Allow a config to be started without a file present
  ""
end

reload()

Reload the cached values in case any of them changed or new ones were added during runtime.

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 101
def reload
  @config = @options = nil
end

require(*key)

Find the referenced key Raises KeyError if not found.

Examples:

require(:db_host)         # => ENV.fetch("DB_HOST")
require(:database, :host) # => ENV.fetch("DATABASE__HOST")

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 68
def require(*key)
  value = dig(*key)

  if !value.nil?
    value
  else
    raise KeyError, "Missing key: #{key.inspect}"
  end
end