use idiomatic secrets config names and add font-awesome pro scaffoldi…

…ng (DLC-1128)

.github/workflows/ci.yml

@@ -14,6 +14,7 @@ jobs:
     env:
       RAILS_ENV: test
       NOKOGIRI_USE_SYSTEM_LIBRARIES: true
+      FONT_AWESOME_TOKEN: ${{ secrets.FONT_AWESOME_TOKEN }}
 
     steps:
       - uses: actions/checkout@v2

Gemfile

@@ -1,11 +1,26 @@
+require 'yaml'
+
 source 'https://rubygems.org'
 
+def font_awesome_token
+  return ENV['FONT_AWESOME_TOKEN'] if ENV['FONT_AWESOME_TOKEN'] && ENV['FONT_AWESOME_TOKEN'] != ''
+  YAML.load(File.read("./config/secrets.yml")).dig('shared', 'font_awesome_token') if File.exist?("./config/secrets.yml")
+end
+
 gem 'bigdecimal', '~>3.0'
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
 gem 'rails', '~> 6.1.0'
 gem 'shakapacker', '~> 7.0.0'
 gem 'sassc'
-gem 'font-awesome-sass'
+gem "font-awesome-sass", "~> 6.4.0"
+fa_token = font_awesome_token
+if fa_token
+  source "https://token:#{fa_token}@dl.fontawesome.com/basic/fontawesome-pro/ruby/" do
+    gem "font-awesome-pro-sass", "~> 6.4.0"
+  end
+else
+  raise 'ERROR: You are missing font_awesome_token in secrets.yml.  It is required for `bundle install` to work.'
+end
 gem 'bootsnap', '~> 1.9.3'
 gem 'actionpack-action_caching'
 # Hydra stack

Gemfile.lock

@@ -345,8 +345,6 @@ GEM
       rdf (~> 1.1, >= 1.1.10)
     rdf-xsd (1.99.0)
       rdf (~> 1.99)
-    rdoc (6.5.0)
-      psych (>= 4.0.0)
     react_on_rails (13.4.0)
       addressable
       connection_pool
@@ -488,6 +486,12 @@ GEM
       nokogiri (~> 1.8)
     zeitwerk (2.6.11)
 
+GEM
+  remote: https://token:[email protected]/basic/fontawesome-pro/ruby/
+  specs:
+    font-awesome-pro-sass (6.4.2)
+      sassc (~> 2.0)
+
 PLATFORMS
   ruby
 
@@ -514,7 +518,8 @@ DEPENDENCIES
   devise
   devise-guests (~> 0.3)
   factory_bot_rails
-  font-awesome-sass
+  font-awesome-pro-sass (~> 6.4.0)!
+  font-awesome-sass (~> 6.4.0)
   jbuilder
   listen
   loofah (>= 2.2.1)

config/deploy.rb

@@ -46,9 +46,9 @@
   "config/dcv.yml",
   "config/default_user_accounts.yml",
   "config/fedora.yml",
-  "config/initializer_secrets.yml",
   "config/resque.yml",
   "config/blacklight.yml",
+  "config/secrets.yml",
   "config/solr.yml",
   "config/subsites.yml",
   "config/wind.yml",

config/initializers/devise.rb

@@ -4,7 +4,7 @@
   # The secret key used by Devise. Devise uses this key to generate
   # random tokens. Changing this key will render invalid all existing
   # confirmation, reset password and unlock tokens in the database.
-  config.secret_key = YAML.load_file("#{Rails.root}/config/initializer_secrets.yml")['devise_secret_key']
+  config.secret_key = Rails.application.config_for(:secrets)[:devise_secret_key]
 
   # ==> Mailer Configuration
   # Configure the e-mail address which will be shown in Devise::Mailer,

config/initializers/secret_token.rb

@@ -9,7 +9,7 @@
 
 # Make sure your secret_key_base is kept private
 # if you're sharing your code publicly.
-Rails.application.config.secret_key_base = YAML.load_file("#{Rails.root}/config/initializer_secrets.yml", aliases: true)['secret_key_base']
+Rails.application.config.secret_key_base = Rails.application.config_for(:secrets)[:secret_key_base]
 if Blacklight.respond_to? :secret_key
   Blacklight.secret_key = Rails.application.config.secret_key_base
 end

config/initializers/session_store.rb

@@ -2,6 +2,6 @@
 
 cookie_opts = ["development", "test"].include?(Rails.env.to_s) ? {} : { same_site: :none, secure: true }
 Rails.application.config.session_store(:cookie_store,
-  key: YAML.load_file("#{Rails.root}/config/initializer_secrets.yml", aliases: true)['session_store_key'],
+  key: Rails.application.config.secret_key_base = Rails.application.config_for(:secrets)[:session_store_key],
   **cookie_opts
 )

config/templates/secrets.template.yml.erb

@@ -1,6 +1,10 @@
+shared:
+  font_awesome_token: <%= ENV['FONT_AWESOME_TOKEN'] %>
 development:
+  devise_secret_key: <%= SecureRandom.hex(64) %>
   secret_key_base: <%= SecureRandom.hex(64) %>
   session_store_key: _dcv_development_session_key
 test:
+  devise_secret_key: <%= SecureRandom.hex(64) %>
   secret_key_base: <%= SecureRandom.hex(64) %>
   session_store_key: _dcv_test_session_key