Skip to Content Skip to Search

Encrypted Configuration

Provides convenience methods on top of EncryptedFile to access values stored as encrypted YAML.

Values can be accessed via Hash methods, such as fetch and dig, or via dynamic accessor methods, similar to OrderedOptions.

my_config = ActiveSupport::EncryptedConfiguration.new(...)
my_config.read # => "some_secret: 123\nsome_namespace:\n  another_secret: 456"

my_config[:some_secret]
# => 123
my_config.some_secret
# => 123
my_config.dig(:some_namespace, :another_secret)
# => 456
my_config.some_namespace.another_secret
# => 456
my_config.fetch(:foo)
# => KeyError
my_config.foo!
# => KeyError
Namespace
Methods
C
K
N
O
R

Class Public methods

new(config_path:, key_path:, env_key:, raise_if_missing_key:)

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 54
def initialize(config_path:, key_path:, env_key:, raise_if_missing_key:)
  super content_path: config_path, key_path: key_path,
    env_key: env_key, raise_if_missing_key: raise_if_missing_key
  @config = nil
  @options = nil
end

Instance Public methods

config()

Returns the decrypted content as a Hash with symbolized keys.

my_config = ActiveSupport::EncryptedConfiguration.new(...)
my_config.read # => "some_secret: 123\nsome_namespace:\n  another_secret: 456"

my_config.config
# => { some_secret: 123, some_namespace: { another_secret: 789 } }

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 139
def config
  @config ||= deep_symbolize_keys(deserialize(read))
end

keys()

Returns an array of symbolized keys from the decrypted configuration.

my_config = ActiveSupport::EncryptedConfiguration.new(...)
my_config.read # => "some_secret: 123\nsome_namespace:\n  another_secret: 456"

my_config.keys
# => [:some_secret, :some_namespace]

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 151
def keys
  config.keys
end

option(*key, default: nil)

Find singular or nested keys. Returns nil if the key isn’t found. If a default value is defined, it (or its callable value) will be returned on a missing key or nil value.

Given configuration:

db_port: null
database:
  host: "db.example.com"

Examples:

option(:database, :host)               # => "db.example.com"
option(:missing)                       # => nil
option(:missing, default: "localhost")        # => "localhost"
option(:missing, default: -> { "localhost" }) # => "localhost"
option(:db_port, default: 5432)               # => 5432 (nil values use default)

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 98
def option(*key, default: nil)
  value = dig(*key)

  if !value.nil?
    value
  elsif default.respond_to?(:call)
    default.call
  else
    default
  end
end

read()

Reads the file and returns the decrypted content. See EncryptedFile#read.

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 116
def read
  super
rescue ActiveSupport::EncryptedFile::MissingContentError
  # Allow a config to be started without a file present
  ""
end

reload()

Reload the cached values in case any of them changed or new ones were added during runtime.

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 111
def reload
  @config = @options = nil
end

require(*key)

Find singular or nested keys. Raises KeyError if not found or nil.

Given configuration:

db_port: null
database:
  host: "db.example.com"

Examples:

require(:database, :host) # => "db.example.com"
require(:missing)         # => KeyError
require(:db_port)         # => KeyError (nil values are treated as missing)

Source: show | on GitHub 

# File activesupport/lib/active_support/encrypted_configuration.rb, line 73
def require(*key)
  value = dig(*key)

  if !value.nil?
    value
  else
    raise KeyError, "Missing key: #{key.inspect}"
  end
end