Fix asset precompile boot and bump version to 0.16.0
Some checks failed
Some checks failed
The CLINCH_HOST initializer raised during `assets:precompile` in the Docker build, where no real host is set. Skip the check when SECRET_KEY_BASE_DUMMY is present (the build-time precompile step); deployed boots still require CLINCH_HOST. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Dan Milne
@@ -4,7 +4,10 @@
|
|||||||
# never inferred from request headers — X-Forwarded-Host is attacker-influenceable,
|
# never inferred from request headers — X-Forwarded-Host is attacker-influenceable,
|
||||||
# so inferring the origin from it would allow host-header phishing and open
|
# so inferring the origin from it would allow host-header phishing and open
|
||||||
# redirects. Fail fast at boot rather than start in an unsafe configuration.
|
# redirects. Fail fast at boot rather than start in an unsafe configuration.
|
||||||
unless Rails.env.local?
|
#
|
||||||
|
# Skipped during asset precompilation (e.g. the Docker build step, which sets
|
||||||
|
# SECRET_KEY_BASE_DUMMY): no real CLINCH_HOST exists yet and assets don't need it.
|
||||||
|
unless Rails.env.local? || ENV["SECRET_KEY_BASE_DUMMY"].present?
|
||||||
if ENV["CLINCH_HOST"].blank?
|
if ENV["CLINCH_HOST"].blank?
|
||||||
raise "CLINCH_HOST must be set (e.g. https://auth.example.com). It is the " \
|
raise "CLINCH_HOST must be set (e.g. https://auth.example.com). It is the " \
|
||||||
"canonical origin of this Clinch instance and must not be inferred " \
|
"canonical origin of this Clinch instance and must not be inferred " \
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
module Clinch
|
module Clinch
|
||||||
VERSION = "0.15.0"
|
VERSION = "0.16.0"
|
||||||
end
|
end
|
||||||
|
|||||||
Reference in New Issue
Block a user