I’m in the process of migrating a legacy Rails app from plaintext secrets.yml
-based configuration to using credentials.yml
for static secrets and environment variables for runtime configuration. It seems that the trivial path of basically writing the old secrets.yml
file into the new format using rails credentials:edit
and replacing references to Rails.application.secrets
with Rails.application.credentials
in my application is just a fundamentally unworkable strategy, for the simple reason that the credentials.yml
file does not support ERB and thus has no way to read from environment variables.
I could litter my initializers/ directory with pulls from ENV, but that seems very un-railsy as now I have a big block of static configuration in one location (credentials.yml
) and dynamic configuration defined in a dozen other locations. Is there a trivial way to enable ERB support in credentials.yml
?