Merge pull request rails#48471 from mdh/improve-naming-of-local-secret-generation

guilleiguaran · web-flow · commit c20f8eb6b6d6 · 2023-06-21T00:04:32.000-07:00
Improve naming of local secret generation
diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
@@ -27,7 +27,7 @@ module Session
     #   Rails.application.config.session_store :cookie_store, key: '_your_app_session'
     #
     # In the development and test environments your application's +secret_key_base+ is
-    # generated by Rails and stored in a temporary file in <tt>tmp/development_secret.txt</tt>.
+    # generated by Rails and stored in a temporary file in <tt>tmp/local_secret.txt</tt>.
     # In all other environments, it is stored encrypted in the
     # <tt>config/credentials.yml.enc</tt> file.
     #
diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
@@ -458,7 +458,7 @@ def secrets
     # including the ones that sign and encrypt cookies.
     #
     # In development and test, this is randomly generated and stored in a
-    # temporary file in <tt>tmp/development_secret.txt</tt>.
+    # temporary file in <tt>tmp/local_secret.txt</tt>.
     #
     # You can also set <tt>ENV["SECRET_KEY_BASE_DUMMY"]</tt> to trigger the use of a randomly generated
     # secret_key_base that's stored in a temporary file. This is useful when precompiling assets for
@@ -471,7 +471,7 @@ def secrets
     # the correct place to store it is in the encrypted credentials file.
     def secret_key_base
       if Rails.env.local? || ENV["SECRET_KEY_BASE_DUMMY"]
-        config.secret_key_base ||= generate_development_secret
+        config.secret_key_base ||= generate_local_secret
       else
         validate_secret_key_base(
           ENV["SECRET_KEY_BASE"] || credentials.secret_key_base || secrets.secret_key_base
@@ -645,9 +645,9 @@ def ensure_generator_templates_added
     end
 
     private
-      def generate_development_secret
+      def generate_local_secret
         if config.secret_key_base.nil?
-          key_file = Rails.root.join("tmp/development_secret.txt")
+          key_file = Rails.root.join("tmp/local_secret.txt")
 
           if File.exist?(key_file)
             config.secret_key_base = File.binread(key_file)
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
@@ -733,7 +733,21 @@ def index
       app "development"
 
       assert_not_nil app.secret_key_base
-      assert File.exist?(app_path("tmp/development_secret.txt"))
+      assert File.exist?(app_path("tmp/local_secret.txt"))
+    end
+
+    test "application will generate secret_key_base in tmp file if blank in test" do
+      app_file "config/initializers/secret_token.rb", <<-RUBY
+        Rails.application.credentials.secret_key_base = nil
+      RUBY
+
+      # For test that works even if tmp dir does not exist.
+      Dir.chdir(app_path) { FileUtils.remove_dir("tmp") }
+
+      app "test"
+
+      assert_not_nil app.secret_key_base
+      assert File.exist?(app_path("tmp/local_secret.txt"))
     end
 
     test "application will not generate secret_key_base in tmp file if blank in production" do

Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ module Session`
`27`	`27`	`# Rails.application.config.session_store :cookie_store, key: '_your_app_session'`
`28`	`28`	`#`
`29`	`29`	`# In the development and test environments your application's +secret_key_base+ is`
`30`		`- # generated by Rails and stored in a temporary file in <tt>tmp/development_secret.txt</tt>.`
	`30`	`+ # generated by Rails and stored in a temporary file in <tt>tmp/local_secret.txt</tt>.`
`31`	`31`	`# In all other environments, it is stored encrypted in the`
`32`	`32`	`# <tt>config/credentials.yml.enc</tt> file.`
`33`	`33`	`#`