Rubocop: Rails/EnvironmentVariableAccess -> config files

veganstraightedge · veganstraightedge · commit 34775f1dd3f5 · 2026-01-28T18:35:23.000-08:00
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -27,11 +27,6 @@ Naming/VariableNumber:
   AllowedIdentifiers:
     - es_419
 
-# TODO: https://docs.rubocop.org/rubocop-rails/cops_rails.html#railsenvironmentvariableaccess
-#       Consider using `Rails.application.config.foo` instead of `ENV['FOO']`
-Rails/EnvironmentVariableAccess:
-  Enabled: false
-
 RSpec/DescribeClass:
   Exclude:
     - spec/system/*
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -25,7 +25,7 @@ class ApplicationController < ActionController::Base
   helper :meta
 
   def staging?
-    ENV.fetch('ON_STAGING') { 'FALSE' } == 'TRUE'
+    Rails.application.config.x.app.on_staging
   end
   helper_method :staging?
 
diff --git a/app/lib/code_archiver.rb b/app/lib/code_archiver.rb
@@ -34,7 +34,7 @@ def run
     end
 
     puts '*' * 80
-    if ENV.fetch('STATIC_EXPORT_IMAGES', nil).present?
+    if Rails.application.config.x.app.static_export_images
       puts 'downloading local copies of article images. this will take a while...'
       download_article_images
     else
diff --git a/app/lib/feature_flag.rb b/app/lib/feature_flag.rb
diff --git a/app/models/concerns/single_page_tool.rb b/app/models/concerns/single_page_tool.rb
@@ -52,7 +52,7 @@ def image side: :front, color: :color
     # Rails environment is production in our staging environment for
     # heroku reasons. We have environment variables set to distinguish
     # between the two.
-    throw e if Rails.env.production? && ENV.fetch('ON_PRODUCTION') { 'FALSE' } == 'TRUE'
+    throw e if Rails.env.production? && Rails.application.config.x.app.on_production
     ''
   end
 
diff --git a/config/application.rb b/config/application.rb
@@ -111,5 +111,22 @@ class Application < Rails::Application
     # is deprecated and will be removed in Rails 8.2
     # To opt in to the new behavior, set `config.active_support.to_time_preserves_timezone = :zone`.
     config.active_support.to_time_preserves_timezone = :zone
+
+    # Load each service specific config file into the application's config,
+    # using Rails' custom config namespace: x
+    # Example: Rails.application.config.x.stripe.secret_key
+    #
+    # Enumerate through all YAML files in config/services
+    Rails.root.glob('config/services/*.yml').each do |yaml_filepath|
+      # Read the service name from the YAML file's name
+      service_name = File.basename(yaml_filepath, '.yml')
+
+      # Read the YAML config file for this service
+      service_config = config_for("services/#{service_name}")
+
+      # Load the service's configuration into the custom config namespace
+      # Example: when `yaml_filepath` is "stripe.yml", this will call `config.x.stripe =`
+      config.x.public_send(:"#{service_name}=", service_config)
+    end
   end
 end
diff --git a/config/initializers/bugsnag.rb b/config/initializers/bugsnag.rb
@@ -1,11 +1,11 @@
 Bugsnag.configure do |config|
-  config.api_key = ENV.fetch('BUGSNAG_API_KEY', nil)
+  config.api_key = Rails.application.config.x.bugsnag.api_key
   config.notify_release_stages = %w[staging production]
 
   # we consider both staging and production as 'production' for heroku
   # reasons, so set based on ENV variables
   if Rails.env.production?
-    staging = ENV.fetch('ON_STAGING') { 'FALSE' } == 'TRUE'
+    staging = Rails.application.config.x.app.on_staging
     config.release_stage = staging ? 'staging' : 'production'
   else
     # otherwise it is 'test' or 'development'
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
@@ -4,8 +4,8 @@ class Attack
       throttle('limit requests per IP', limit: 60, period: 1.minute) do |req|
         # Allow trusted requests through unthrottled
         trusted_request =
-          ENV.fetch('RACK_ATTACK_ALLOWED_USER_AGENT', nil).present? &&
-          req.user_agent&.starts_with?(ENV.fetch('RACK_ATTACK_ALLOWED_USER_AGENT'))
+          Rails.application.config.x.rack_attack.allowed_user_agent.present? &&
+          req.user_agent&.starts_with?(Rails.application.config.x.rack_attack.allowed_user_agent)
 
         # Allow Asset Pipeline and ActiveStorage requests through unthrottled
         asset_pipeline = req.path.start_with? '/assets'
diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb
@@ -1,6 +1,6 @@
 SIDEKIQ_REDIS_CONFIGURATION = {
   # use REDIS_PROVIDER for Redis environment variable name, defaulting to REDIS_URL
-  url:        ENV.fetch(ENV.fetch('REDIS_PROVIDER', 'REDIS_URL'), nil),
+  url:        Rails.application.config.x.redis.url,
   ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }
 }.freeze
 
diff --git a/config/initializers/stripe.rb b/config/initializers/stripe.rb
@@ -1,8 +1,8 @@
 Rails.configuration.stripe = {
-  publishable_key: ENV.fetch('STRIPE_PUBLISHABLE_KEY', nil),
-  secret_key:      ENV.fetch('STRIPE_SECRET_KEY', nil)
+  publishable_key: Rails.application.config.x.stripe.publishable_key,
+  secret_key:      Rails.application.config.x.stripe.secret_key
 }
 
 Stripe.api_key = Rails.configuration.stripe[:secret_key]
 
-STRIPE_MONTHLY_PRICE_ID = ENV.fetch('STRIPE_MONTHLY_PRICE_ID') { 'monthly' }
+STRIPE_MONTHLY_PRICE_ID = Rails.application.config.x.stripe.monthly_price_id
diff --git a/config/services/app.yml b/config/services/app.yml
@@ -0,0 +1,15 @@
+---
+development:
+  on_staging: false
+  on_production: false
+  static_export_images: <%= ENV.fetch("STATIC_EXPORT_IMAGES", nil).present? %>
+
+test:
+  on_staging: false
+  on_production: false
+  static_export_images: <%= ENV.fetch("STATIC_EXPORT_IMAGES", nil).present? %>
+
+production:
+  on_staging: <%= ENV.fetch("ON_STAGING", "FALSE") == "TRUE" %>
+  on_production: <%= ENV.fetch("ON_PRODUCTION", "FALSE") == "TRUE" %>
+  static_export_images: <%= ENV.fetch("STATIC_EXPORT_IMAGES", nil).present? %>
diff --git a/config/services/bugsnag.yml b/config/services/bugsnag.yml
@@ -0,0 +1,9 @@
+---
+development:
+  api_key: <%= ENV.fetch("BUGSNAG_API_KEY", nil) %>
+
+test:
+  api_key: <%= ENV.fetch("BUGSNAG_API_KEY", nil) %>
+
+production:
+  api_key: <%= ENV.fetch("BUGSNAG_API_KEY", nil) %>
diff --git a/config/services/rack_attack.yml b/config/services/rack_attack.yml
@@ -0,0 +1,9 @@
+---
+development:
+  allowed_user_agent: <%= ENV.fetch("RACK_ATTACK_ALLOWED_USER_AGENT", nil) %>
+
+test:
+  allowed_user_agent: <%= ENV.fetch("RACK_ATTACK_ALLOWED_USER_AGENT", nil) %>
+
+production:
+  allowed_user_agent: <%= ENV.fetch("RACK_ATTACK_ALLOWED_USER_AGENT", nil) %>
diff --git a/config/services/redis.yml b/config/services/redis.yml
@@ -0,0 +1,12 @@
+---
+development:
+  provider: <%= ENV.fetch("REDIS_PROVIDER", "REDIS_URL") %>
+  url: <%= ENV.fetch(ENV.fetch("REDIS_PROVIDER", "REDIS_URL"), nil) %>
+
+test:
+  provider: <%= ENV.fetch("REDIS_PROVIDER", "REDIS_URL") %>
+  url: <%= ENV.fetch(ENV.fetch("REDIS_PROVIDER", "REDIS_URL"), nil) %>
+
+production:
+  provider: <%= ENV.fetch("REDIS_PROVIDER", "REDIS_URL") %>
+  url: <%= ENV.fetch(ENV.fetch("REDIS_PROVIDER", "REDIS_URL"), nil) %>
diff --git a/config/services/stripe.yml b/config/services/stripe.yml
@@ -0,0 +1,15 @@
+---
+development:
+  publishable_key: <%= ENV.fetch("STRIPE_PUBLISHABLE_KEY", nil) %>
+  secret_key: <%= ENV.fetch("STRIPE_SECRET_KEY", nil) %>
+  monthly_price_id: <%= ENV.fetch("STRIPE_MONTHLY_PRICE_ID", "monthly") %>
+
+test:
+  publishable_key: <%= ENV.fetch("STRIPE_PUBLISHABLE_KEY", nil) %>
+  secret_key: <%= ENV.fetch("STRIPE_SECRET_KEY", nil) %>
+  monthly_price_id: <%= ENV.fetch("STRIPE_MONTHLY_PRICE_ID", "monthly") %>
+
+production:
+  publishable_key: <%= ENV.fetch("STRIPE_PUBLISHABLE_KEY", nil) %>
+  secret_key: <%= ENV.fetch("STRIPE_SECRET_KEY", nil) %>
+  monthly_price_id: <%= ENV.fetch("STRIPE_MONTHLY_PRICE_ID", "monthly") %>
