Rails: How to fix "Missing secret_key_base for 'production' environment"
Keep default the secrets.yml
file
# config/secrets.yml
production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
aws_secret: abcde
some_password: abcdex
development:
secret_key_base: static_secret_key
aws_secret: abcde
test:
secret_key_base: static_test_secret_key
#not_indented: key for all env in once
secret_key_base: global_key_for_all_env
RAILS_ENV=production SECRET_KEY_BASE=production_test_key rails c
If using Rails 5.2.0, add to production env below, check this LINK
config.require_master_key = true #config/environments/production.rb
Rails 5.2.0 requires an extra stage for the production environment:
config.require_master_key = true # in config/environments/production.rb
Without it, Rails still falls back to the legacy secret.yml
mechanism (for now).
Engine Yard's Christopher Rigor has written a concise post on it. The relevant piece:
Reading the Credentials
If you want to use the credentials in the production environment, add the following to
config/environments/production.rb
config.require_master_key = true
A good read to also see up and down sides.
Note: As @TomDogg found out, Rails 5.2.1 seems again different, so this answer may only apply to 5.2.0.
config/credentials.yml.enc:
development:
some_username: XXXXXXXXX
some_password: YYYYYYYYY
test:
some_username: XXXXXXXXX
some_password: YYYYYYYYY
production:
some_username: XXXXXXXXX
some_password: YYYYYYYYY
secret_key_base: ZZZZZZZZZ
# `secret_key_base:` must NOT be indented !
# It must be put at the very start of a new line.
# There is also no need for it in development or test environment,
# since there are no attacks to be expected.
Also make sure that you respect all YAML indention rules (i.e. 2 spaces only) as failing to do so my make loading of this file fail silently.