Revise flow to what was described in 03e44f9
This commit is contained in:
parent
03e44f9300
commit
f1f5024b91
@ -35,14 +35,15 @@ You could prepend that to your server's start command like this:
|
|||||||
Rails provides `rails credentials:diff --enable` to instruct Git to call `rails credentials:diff`
|
Rails provides `rails credentials:diff --enable` to instruct Git to call `rails credentials:diff`
|
||||||
when `git diff` is run on a credentials file.
|
when `git diff` is run on a credentials file.
|
||||||
|
|
||||||
Any credentials files are set to use the "rails_credentials" diff driver in .gitattributes.
|
Running the command enrolls the project such that all credentials files use the
|
||||||
Since Git requires the diff driver to be set up in a config file, the command uses
|
"rails_credentials" diff driver in .gitattributes.
|
||||||
the project local .git/config. Since that config isn't stored in Git each team member
|
|
||||||
must enable separately.
|
|
||||||
|
|
||||||
Or set up the "rails_credentials" diff driver globally with:
|
Additionally since Git requires the driver itself to be set up in a config file
|
||||||
|
that isn't tracked Rails automatically ensures it's configured when running
|
||||||
|
`credentials:edit`.
|
||||||
|
|
||||||
git config --global diff.rails_credentials.textconv "bin/rails credentials:diff"
|
Otherwise each co-worker would have to run enable manually, including on each new
|
||||||
|
repo clone.
|
||||||
|
|
||||||
=== Editing Credentials
|
=== Editing Credentials
|
||||||
|
|
||||||
|
@ -32,6 +32,7 @@ def edit
|
|||||||
|
|
||||||
ensure_encryption_key_has_been_added if credentials.key.nil?
|
ensure_encryption_key_has_been_added if credentials.key.nil?
|
||||||
ensure_credentials_have_been_added
|
ensure_credentials_have_been_added
|
||||||
|
ensure_rails_credentials_driver_is_set
|
||||||
|
|
||||||
catch_editing_exceptions do
|
catch_editing_exceptions do
|
||||||
change_credentials_in_system_editor
|
change_credentials_in_system_editor
|
||||||
@ -49,8 +50,8 @@ def show
|
|||||||
say credentials.read.presence || missing_credentials_message
|
say credentials.read.presence || missing_credentials_message
|
||||||
end
|
end
|
||||||
|
|
||||||
option :enable, type: :boolean, default: false,
|
option :enroll, type: :boolean, default: false,
|
||||||
desc: "Pass `--enable` to make credential files diffable with `git diff`"
|
desc: "Enrolls project in credential file diffing with `git diff`"
|
||||||
|
|
||||||
def diff(content_path = nil)
|
def diff(content_path = nil)
|
||||||
if @content_path = content_path
|
if @content_path = content_path
|
||||||
@ -60,7 +61,7 @@ def diff(content_path = nil)
|
|||||||
say credentials.read.presence || credentials.content_path.read
|
say credentials.read.presence || credentials.content_path.read
|
||||||
else
|
else
|
||||||
require_application!
|
require_application!
|
||||||
enable_diffing if options[:enable]
|
enroll_project_in_credentials_diffing if options[:enroll]
|
||||||
end
|
end
|
||||||
rescue ActiveSupport::MessageEncryptor::InvalidMessage
|
rescue ActiveSupport::MessageEncryptor::InvalidMessage
|
||||||
say credentials.content_path.read
|
say credentials.content_path.read
|
||||||
|
@ -1,30 +1,41 @@
|
|||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
module Rails::Command::CredentialsCommand::Diffing # :nodoc:
|
module Rails::Command::CredentialsCommand::Diffing # :nodoc:
|
||||||
class Error < StandardError; end
|
def enroll_project_in_credentials_diffing
|
||||||
|
if enrolled?
|
||||||
def enable_diffing
|
true
|
||||||
if enabled?
|
|
||||||
say "Already enabled!"
|
|
||||||
else
|
else
|
||||||
enable
|
gitattributes.write(<<~end_of_template, mode: "a")
|
||||||
say "Diffing enabled! Editing a credentials file will display a diff of what actually changed."
|
|
||||||
end
|
|
||||||
rescue Error
|
|
||||||
say "Couldn't setup Git to enable credentials diffing."
|
|
||||||
end
|
|
||||||
|
|
||||||
private
|
|
||||||
def enabled?
|
|
||||||
system "git config --get diff.rails_credentials.textconv", out: File::NULL
|
|
||||||
end
|
|
||||||
|
|
||||||
def enable
|
|
||||||
raise Error unless system("git config diff.rails_credentials.textconv 'bin/rails credentials:diff'")
|
|
||||||
|
|
||||||
Rails.root.join(".gitattributes").write(<<~end_of_template, mode: "a")
|
|
||||||
config/credentials/*.yml.enc diff=rails_credentials
|
config/credentials/*.yml.enc diff=rails_credentials
|
||||||
config/credentials.yml.enc diff=rails_credentials
|
config/credentials.yml.enc diff=rails_credentials
|
||||||
end_of_template
|
end_of_template
|
||||||
|
|
||||||
|
say "Project successfully enrolled!"
|
||||||
|
say "Rails ensures the rails_credentials diff driver is set when running `credentials:edit`. See `credentials:help` for more."
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def ensure_rails_credentials_driver_is_set
|
||||||
|
set_driver if enrolled? && !driver_configured?
|
||||||
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
def enrolled?
|
||||||
|
gitattributes.read.match?(/config\/credentials(\/\*)?\.yml\.enc diff=rails_credentials/)
|
||||||
|
rescue Errno::ENOENT
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def driver_configured?
|
||||||
|
system "git config --get diff.rails_credentials.textconv", out: File::NULL
|
||||||
|
end
|
||||||
|
|
||||||
|
def set_driver
|
||||||
|
puts "running"
|
||||||
|
system "git config diff.rails_credentials.textconv 'bin/rails credentials:diff'"
|
||||||
|
end
|
||||||
|
|
||||||
|
def gitattributes
|
||||||
|
Rails.root.join(".gitattributes")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -123,28 +123,24 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
|
|||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
test "diff enable diffing" do
|
test "diff enroll diffing" do
|
||||||
run_diff_command(enable: true)
|
assert_match("successfully enrolled", run_diff_command(enroll: true))
|
||||||
|
|
||||||
assert_equal <<~EOM, File.read(app_path(".gitattributes"))
|
assert_equal <<~EOM, File.read(app_path(".gitattributes"))
|
||||||
config/credentials/*.yml.enc diff=rails_credentials
|
config/credentials/*.yml.enc diff=rails_credentials
|
||||||
config/credentials.yml.enc diff=rails_credentials
|
config/credentials.yml.enc diff=rails_credentials
|
||||||
EOM
|
EOM
|
||||||
|
end
|
||||||
|
|
||||||
|
test "running edit after enrolling in diffing sets diff driver" do
|
||||||
|
run_diff_command(enroll: true)
|
||||||
|
run_edit_command
|
||||||
|
|
||||||
Dir.chdir(app_path) do
|
Dir.chdir(app_path) do
|
||||||
assert_equal "bin/rails credentials:diff", `git config --get 'diff.rails_credentials.textconv'`.strip
|
assert_equal "bin/rails credentials:diff", `git config --get 'diff.rails_credentials.textconv'`.strip
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
test "diff won't enable again if already enabled" do
|
|
||||||
app_file(".git/config", <<~EOM)
|
|
||||||
[diff "rails_credentials"]
|
|
||||||
textconv = bin/rails credentials:diff
|
|
||||||
EOM
|
|
||||||
|
|
||||||
assert_no_match(/Diffing enabled/, run_diff_command(enable: true))
|
|
||||||
end
|
|
||||||
|
|
||||||
test "diff from git diff left file" do
|
test "diff from git diff left file" do
|
||||||
run_edit_command(environment: "development")
|
run_edit_command(environment: "development")
|
||||||
|
|
||||||
@ -196,8 +192,8 @@ def run_show_command(environment: nil, **options)
|
|||||||
rails "credentials:show", args, **options
|
rails "credentials:show", args, **options
|
||||||
end
|
end
|
||||||
|
|
||||||
def run_diff_command(path = nil, enable: nil, **options)
|
def run_diff_command(path = nil, enroll: nil, **options)
|
||||||
args = enable ? ["--enable"] : [path]
|
args = enroll ? ["--enroll"] : [path]
|
||||||
rails "credentials:diff", args, **options
|
rails "credentials:diff", args, **options
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user