Rails 5.2 credentials + asset precompile

Question

I have a continuous integration which takes rails app and package it as a docker image.

As one of the steps of this packaging process, I want to do asset precompilation.

I was doing this on Rails 5.1. I had to provide some dummy SECRET_KEY_BASE to let it go through.

SECRET_KEY_BASE=1 RAILS_ENV=production rails assets:precompile

I am moving to Rails 5.2 now and want to start using credentials. I am trying following command:

RAILS_ENV=production rails assets:precompile

If I don't RAILS_MASTER_KEY then it will show me an error:

Missing encryption key to decrypt file with. Ask your team for your master key and write it to /home/config/master.key or put it in the ENV['RAILS_MASTER_KEY'].

If I provide dummy (incorrect) RAILS_MASTER_KEY, it will complain that it can't decode credentials.

I don't want to give a real RAILS_MASTER_KEY to CI.

As result, the question is. How to compile asset without it or what are the workarounds?

Answer 1

I'm not seeing a solution either. Another way would be to continue to set config/environments/production.rb to have the line:

config.require_master_key = false

and continue to use your SECRET_KEY_BASE=1 rails assets:precompile

I haven't found a better way. At least this way seems better than maintaining a fake master key.