Fix deprecation warnings from tests

[mbichoffe]

I have completed some work on Case Manager that's ready for review!
This pull request makes the following changes:

1) Set action_dispatch.show_exceptions to :none

The deprecation warning:
Setting action_dispatch.show_exceptions to false is deprecated. Set to :none instead. (called from block (4 levels) in class:LinesControllerTest at /home/runner/work/dcaf_case_management/dcaf_case_management/test/controllers/lines_controller_test.rb:34)
is due to a change in how Rails handles the action_dispatch.show_exceptions configuration setting.
Setting it to :none will have the same effect as setting it to false in the previous version.

2) Conditional Secret Key Assignment for Test Environment

The secret key for Devise is now explicitly set to Rails.application.secret_key_base in test environments .
This is a temporary workaround for the tests deprecation warning: Rails.application.secrets is deprecated in favor of Rails.application.credentials and will be removed in Rails 7.2. See related issue.

Next Steps

As part of Rails' evolution, accessing secrets via Rails.application.secrets is being deprecated in favor of Rails.application.credentials. This change aims to enhance security and streamline secret management by utilizing encrypted credentials.
I would consider migrating all sensitive credentials from the unencrypted secrets.yml file to Rails' encrypted credentials system (credentials.yml.enc). I can do this on this PR and share the necessary master key securely via SendSafely with a team member who has the requisite Heroku access. This will allow us to set up the environment variables on Heroku securely and complete the migration process.

It relates to the following issue #s:

• Fixes Rails deprecation warnings #3128

For reviewer:

• Adjust the title to explain what it does for the notification email to the listserv.
• Tag this PR:
  • feature if it contains a feature, fix, or similar. This is anything that contains a user-facing fix in some way, such as frontend changes, alterations to backend behavior, or bug fixes.
  • dependencies if it contains library upgrades or similar. This is anything that upgrades any dependency, such as a Gemfile update or npm package upgrade.
• If it contains neither, no need to tag this PR.

[lomky]

Wow this one turned out to be a doozy!

I would consider migrating all sensitive credentials from the unencrypted secrets.yml file to Rails' encrypted credentials system (credentials.yml.enc). I can do this on this PR and share the necessary master key securely via SendSafely with a team member who has the requisite Heroku access. This will allow us to set up the environment variables on Heroku securely and complete the migration process.

We only store dev & test in config/secrets - the production key is stored in the heroku env. Can we just move the dev/test secrets over to credentials and do the same env lookup from it?

Wanna get colin's take on next step before we merge!

[colinxfleming]

I'm good on these changes in this PR! Thank you so much for running this all down.

It's mad annoying that they're deprecating secrets but what can you do. Our secrets file is basically 'two random pieces of garbage plus a ref to an environment variable'; I'd be interested in whether the shift to credentials.yml is as simple as moving it over, and if we can stil have the erb ENV['SECRET_KEY_BASE'] in there. Do you have any sense of that @mbichoffe ?

Either way, I'm good with the diffs in here, so @lomky please punch merge when you're ready!