From aab01fa0e5721d90db1cca4ffef9b8a0e8ed4c52 Mon Sep 17 00:00:00 2001
From: Keith Lawrence <keith.lawrence@digital.cabinet-office.gov.uk>
Date: Tue, 31 Oct 2023 11:39:27 +0000
Subject: [PATCH] Load secrets into credentials hash to maintain existing
 behaviour

---
 config/initializers/secrets_to_credentials.rb | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 config/initializers/secrets_to_credentials.rb

diff --git a/config/initializers/secrets_to_credentials.rb b/config/initializers/secrets_to_credentials.rb
new file mode 100644
index 000000000..8a92ab5b6
--- /dev/null
+++ b/config/initializers/secrets_to_credentials.rb
@@ -0,0 +1,8 @@
+# Rails 7 has begung to deprecate Rails.application.secrets in favour
+# of Rails.application.credentials, but that adds the burden of master key
+# adminstration without giving us any benefit (because our production
+# secrets are handled as env vars, not committed to our repo. Here we
+# loads the config/secrets.YML values into Rails.application.credentials,
+# retaining the existing behaviour while dropping deprecated references.
+
+Rails.application.credentials.merge!(Rails.application.config_for(:secrets))