I have a Sinatra app which runs ActiveRecord by using the activerecord and sinatra-activerecord gems. I would like to use ActiveRecord encryption, but the ActiveRecord Encryption guide assumes that I have a Rails app and specifies how to add the required encryption keys to the Rails credentials file. As this is not a Rails app, how do I specify an alternate keystore for ActiveRecord to use?
Specifically the error I am seeing is:
ActiveRecord::Encryption::Errors::Configuration:
key_derivation_salt is not configured. Please configure it via credential active_record_encryption.key_derivation_salt or by setting config.active_record.encryption.key_derivation_salt
So I think that it is running correctly, I just don't know how to configure it without the Rails credentials file.
Try this:
ActiveRecord::Encryption.configure(
primary_key: xxx,
deterministic_key: yyy,
key_derivation_salt: zzz
)
Looks undocumented, but found in the source code.