kobaltzPRO

Joined 7/18/2015
kobaltz PRO said 9 months ago:

You're best bet would be to upgrade to Rails 5.1.X if possible and use the encrypted secrets. It will at least get the code base up to a point where swapping out the encrypted secrets for credentials an easier task.

sekmo PRO said 9 months ago:

Thanks! But what can I do if at the moment I have to keep the 5.0.x version?

kobaltz PRO said 9 months ago:

I'd say it would depend on how you're deploying to the production environment.

Basically, you can use your secrets.yml file to store all of the keys and values. Within each of the values, reference an environment variable. So, within the file, you may have something like this:

production:
  database_password: <%= ENV['DATABASE_PASSWORD'] %> 

At least, in this way, you're not storing sensitive information in the codebase. From here, you can set your Environment Variables how you see fit. On a production deployment, it could be through ansible/chef/capistrano that is setting the ENV Vars or something similar.

kobaltz PRO said 9 months ago:

I'd say it would depend on how you're deploying to the production environment.

Basically, you can use your secrets.yml file to store all of the keys and values. Within each of the values, reference an environment variable. So, within the file, you may have something like this:

production:
  database_password: <%= ENV['DATABASE_PASSWORD'] %> 

At least, in this way, you're not storing sensitive information in the codebase. From here, you can set your Environment Variables how you see fit. On a production deployment, it could be through ansible/chef/capistrano that is setting the ENV Vars or something similar.

kobaltz PRO said 9 months ago:

Have a look at this forum https://forums.mysql.com/read.php?73,170617,185695

kobaltz PRO said 9 months ago:

It is just a different way to parse the JSON. If you wanted to reference the object, you could do it with something like version.object['first_name'] but I think that something like version.changed_object.first_name appears nicer. It is really just a preference.

kobaltz PRO said 8 months ago:

You can check the docs for additional tags https://docs.gitlab.com/ce/ci/yaml/README.html#validate-the-gitlab-ciyml

Which also includes a validator at /ci/lint.

Alternatively, you can make a post request to the ApI

https://docs.gitlab.com/ee/api/lint.html

kobaltz PRO said 8 months ago:

You could try to change the controller endpoint so it's not going to devise, but rather a user controller. So you wouldn't use the edit_user_registration_path in the view, but rather something like edit_user. With Devise, you may need to add something like bypass_sign_in(current_user) as it will sometimes log a user out on changes. So the edit action of the UsersController may look like this.

  def update
    if current_user.update_attributes(user_params)
      bypass_sign_in(current_user)
      if params[:user][:avatar].present?
        render :crop
      else
        redirect_to edit_user_path(current_user), notice: "Successfully updated user."
      end
    else
      render :edit
    end
  end

kobaltz PRO said 8 months ago:

I've had a chance to look at this gem. Its documentation is pretty extensive which is always nice to see. I'll consider covering this gem in the future. One thing that I highly dislike about this gem is that it seems a lot more invasive in the models. It also has a lot of added complexity based on the documentation and I'm not convinced that it's necessary to accomplish what they're doing. Overall the gem does look pretty cool and for a large complex app, this may be a good fit.

kobaltz PRO said 8 months ago:

Yea, I could do a video or blog post on how I set up my editor. It's overall fairly simple, but I do have some things that I do normally that others may not.

[email protected] said 8 months ago:

Thanks for your replay, before that completely video for blog post, can you share your configuration for now ?

Thanks again

kobaltz PRO said 8 months ago:

I'm running VSCode with the following extensions and config

code-runner v0.9.3
code-settings-sync v2.9.2
erb v0.0.1
githistory v0.4.1
gitlens v8.3.3
gruvbox-themes v1.0.0
Ruby v0.18.0
ruby-rubocop v0.7.0
solargraph v0.17.4
sublime-keybindings v4.0.0
vscode-icons v7.23.0

{
"vsicons.dontShowNewVersionMessage": true,
"workbench.colorTheme": "Gruvbox Dark (Medium)",
"editor.tabSize": 2,
"workbench.iconTheme": "vscode-icons",
"window.zoomLevel": 0,
"sublimeTextKeymap.promptV3Features": true,
"editor.multiCursorModifier": "ctrlCmd",
"editor.snippetSuggestions": "top",
"editor.formatOnPaste": true,
"sync.gist": "GISTIDHERE",
"sync.lastUpload": "2018-05-03T02:12:41.998Z",
"sync.autoDownload": false,
"sync.autoUpload": false,
"sync.lastDownload": "2018-05-11T13:58:20.284Z",
"sync.forceDownload": false,
"sync.anonymousGist": false,
"sync.host": "",
"sync.pathPrefix": "",
"sync.quietSync": false,
"sync.askGistName": false,
"workbench.activityBar.visible": true,
"explorer.confirmDelete": false,
"explorer.confirmDragAndDrop": false,
"extensions.ignoreRecommendations": false,
"gitlens.advanced.messages": {
"suppressCommitHasNoPreviousCommitWarning": true,
"suppressCommitNotFoundWarning": true,
"suppressFileNotUnderSourceControlWarning": true,
"suppressGitVersionWarning": true,
"suppressLineUncommittedWarning": true,
"suppressNoRepositoryWarning": true,
"suppressResultsExplorerNotice": false,
"suppressShowKeyBindingsNotice": true,
"suppressUpdateNotice": false,
"suppressWelcomeNotice": true
},
"files.associations": {
"*.html.erb": "erb"
},
"sync.removeExtensions": true,
"sync.syncExtensions": true,
"gitlens.keymap": "chorded",
"gitlens.historyExplorer.enabled": true,
"workbench.startupEditor": "newUntitledFile"
}

[email protected] said 7 months ago:

I've already use that , thanks

kobaltz PRO said 8 months ago:

I'm running VSCode with the following extensions and config

code-runner v0.9.3
code-settings-sync v2.9.2
erb v0.0.1
githistory v0.4.1
gitlens v8.3.3
gruvbox-themes v1.0.0
Ruby v0.18.0
ruby-rubocop v0.7.0
solargraph v0.17.4
sublime-keybindings v4.0.0
vscode-icons v7.23.0

{
"vsicons.dontShowNewVersionMessage": true,
"workbench.colorTheme": "Gruvbox Dark (Medium)",
"editor.tabSize": 2,
"workbench.iconTheme": "vscode-icons",
"window.zoomLevel": 0,
"sublimeTextKeymap.promptV3Features": true,
"editor.multiCursorModifier": "ctrlCmd",
"editor.snippetSuggestions": "top",
"editor.formatOnPaste": true,
"sync.gist": "GISTIDHERE",
"sync.lastUpload": "2018-05-03T02:12:41.998Z",
"sync.autoDownload": false,
"sync.autoUpload": false,
"sync.lastDownload": "2018-05-11T13:58:20.284Z",
"sync.forceDownload": false,
"sync.anonymousGist": false,
"sync.host": "",
"sync.pathPrefix": "",
"sync.quietSync": false,
"sync.askGistName": false,
"workbench.activityBar.visible": true,
"explorer.confirmDelete": false,
"explorer.confirmDragAndDrop": false,
"extensions.ignoreRecommendations": false,
"gitlens.advanced.messages": {
"suppressCommitHasNoPreviousCommitWarning": true,
"suppressCommitNotFoundWarning": true,
"suppressFileNotUnderSourceControlWarning": true,
"suppressGitVersionWarning": true,
"suppressLineUncommittedWarning": true,
"suppressNoRepositoryWarning": true,
"suppressResultsExplorerNotice": false,
"suppressShowKeyBindingsNotice": true,
"suppressUpdateNotice": false,
"suppressWelcomeNotice": true
},
"files.associations": {
"*.html.erb": "erb"
},
"sync.removeExtensions": true,
"sync.syncExtensions": true,
"gitlens.keymap": "chorded",
"gitlens.historyExplorer.enabled": true,
"workbench.startupEditor": "newUntitledFile"
}

[email protected] said 7 months ago:

I've already use that , thanks

kobaltz PRO said 7 months ago:

In this situation, the developers must have access to the master key which would expose production secrets to more people than necessary. This of course depends on the layout of the R&D team. If it is a solo developer working on a personal project then the exposure is obviously limited. However, in a larger setting, often the developers will not have access nor the secrets to the production environment.

mcfoton said 7 months ago:

Got it, thanks!