diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 3e4fd8f0b..18eb442a0 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -18,6 +18,9 @@ jobs:
 RAILS_ENV: test
 MYSQL_ROOT_PASSWORD: password
 MYSQL_SOCKET: /tmp/mysql.sock
+ SECRET_KEY_BASE: secret_key_base
+ DEVISE_SECRET_KEY: devise_secret_key
+ DEVISE_PEPPER: ''
 steps:
 - name: Checkout code
 uses: actions/checkout@v3
diff --git a/.gitignore b/.gitignore
index b6a4831c2..29ea7e305 100644
--- a/.gitignore
+++ b/.gitignore
@@ -33,7 +33,6 @@ mongo.log
 /public/assets/
-config/database.yml
 config/environments/development.rb
 db/schema.rb
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 3a4a6f0f1..bf1e79cef 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -8,7 +8,7 @@
 # confirmation, reset password and unlock tokens in the database.
 # Devise will use the `secret_key_base` as its `secret_key`
 # by default. You can change it below and use your own secret key.
- config.secret_key = 'cba9d1f2e2f6690b06c01a5a325d4508dde18fca6952cf0a401f1ca1309879b755707e70e16b4d51d56a4cc92f7cd504dfc84296986e2a892abd1b9805a1abdf'
+ config.secret_key = ENV['DEVISE_SECRET_KEY']
 # ==> Controller configuration
 # Configure the parent class to the devise controllers.
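Review bot: In config/initializers/devise.rb, `ENV['DEVISE_SECRET_KEY']` evaluates to nil when the variable is unset, and per the comment directly above it Devise then uses `secret_key_base` instead, so a deployment that forgot the variable boots silently with a different key than intended; `config.secret_key = ENV.fetch('DEVISE_SECRET_KEY')` fails at boot instead. The same applies to `ENV['SECRET_KEY_BASE']` in config/initializers/secret_token.rb. The literals removed here and in secret_token.rb remain readable in the repository history, so the values supplied through the environment should be newly generated rather than copied from the old lines. The template comment whose tail opens this hunk is about existing confirmation, reset-password and unlock tokens depending on this key, so the rotation and its effect on outstanding tokens are worth stating in the commit description. The enclosing configuration block begins outside this hunk.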
@@ -111,13 +111,12 @@
 # a value less than 10 in other environments. Note that, for bcrypt (the default
 # algorithm), the cost increases exponentially with the number of stretches (e.g.
 # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation).
-# config.stretches = Rails.env.test? ? 1 : 11
+ # config.stretches = Rails.env.test? ? 1 : 11
 config.stretches = 1
 # Set up a pepper to generate the hashed password.
 # config.pepper = 'b0564e7f7af0f749de25a955f9a8a9361c5da8b74aa0648b849835c87ca7406b96e3376dc049a27eaa5b0c0342b5ad2ff3c221d3918b219c4187dfb8b7a0ccd6'
- config.pepper = "" # This needs to be externalized and fixed.
-
+ config.pepper = ENV['DEVISE_PEPPER']
 # Send a notification to the original email when the user's email is changed.
 # config.send_email_changed_notification = false
diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb
index c4cbb7914..14e8ec943 100644
--- a/config/initializers/secret_token.rb
+++ b/config/initializers/secret_token.rb
@@ -9,4 +9,4 @@
 # Make sure your secret_key_base is kept private
 # if you're sharing your code publicly.
-Fromthepage::Application.config.secret_key_base = '37836f846a22dd28a11ccacc3e4f3c399d19dec8250db04dbec6aacdd727344fa5f056c18a3c50369fcbea58840e578435f108eb85f5bf264f88e503026993fa'
+Fromthepage::Application.config.secret_key_base = ENV['SECRET_KEY_BASE']
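Review bot: In the second hunk of config/initializers/devise.rb the live setting is still `config.stretches = 1` for every environment, while the environment-aware form is only re-indented as a comment, so password hashes outside the test suite are created at a minimal bcrypt work factor; the template comment whose tail opens the hunk is about not using "a value less than 10 in other environments". Restoring `config.stretches = Rails.env.test? ? 1 : 11` keeps tests fast and leaves already stored hashes verifiable, because bcrypt records the cost inside each hash. Separately, `config.pepper = ENV['DEVISE_PEPPER']` deserves a comment saying that existing hashes were created with the empty pepper the removed line set, so a non-empty value would make every stored password fail verification until it is reset; `ENV.fetch('DEVISE_PEPPER', '')` makes that default explicit. The enclosing configuration block starts and ends outside the hunk.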