[Documentation] Use "...puts rand()..." instead of "rake secret" in apiserver/workbench install instructions
apps/workbench/config/application.yml.example should put "foobar" into secret_token, instead of "~" "rake secret" should work without a secret_token configured -- the instructions say to run "$ rake secret" to generate secret_token, but "$ rake secret" does not work unless you have something in the field already.
$ rake secret rake aborted! Refusing to start in development mode with missing configuration. The following configuration settings must be specified in config/application.yml: * secret_token
(a bigger story is to write up doc: how to start workbench instance from scratch to connect to existing api servers)
Updated by Brett Smith about 7 years ago
- Subject changed from application.yml.example for workench -- secret_token field causes "rake secret" to fail to [Workbench] Can't run "rake secret" without a secret_token already set
- Category set to Workbench
- Story points set to 0.5
It's worth checking whether the API server has the same problem, and addressing it there if so.
Updated by Tom Clegg about 7 years ago
Putting "foobar" in the default config is not acceptable because it allows the application to start up with secret set to a well known string. The current setup where secret_token is nil in the default config, and the default config is invalid, is all correct -- the bug is only that "rake secret" refuses to run when the configuration is incomplete/invalid. Unlike app startup and other rake tasks, "rake secret" actually should run when configuration is incomplete.
Other possible solutions:
"rake secret" just prints a string of random characters. There are lots of other ways to do that. We could change the instructions to say
"tr -dc a-z </dev/urandom | head -c64; echo" or
"ruby -e 'puts rand(2**400).to_s(36)'" instead of
We could bypass the check for that particular config variable (or any configs, for that matter) in the special case of "rake secret".
Perhaps it would also work to never check whether secret_token is nil in our generic nil-config-preventing code. This would be acceptable if Rails itself already refuses to start up without it.
Updated by Radhika Chippada about 7 years ago
- Updated API and Workbench documentation to use "puts rand" instead of "rake secret"
- Also updated SSO guide to use "puts rand" in place of "rake secret"
- While at it, I also updated the index.html. Minor update to make the left hand side of the table to use the same display style as the right hand side with titles. I think the page looks more balanced with this.