diff --git a/.github/workflows/specs.yml b/.github/workflows/specs.yml index d2db36e..508a24f 100644 --- a/.github/workflows/specs.yml +++ b/.github/workflows/specs.yml @@ -59,7 +59,6 @@ jobs: - name: Run specs env: BUNDLE_GEMFILE: gemfiles/rails_${{ matrix.rails }}.gemfile - CASTLE_API_SECRET: ${{ secrets.CASTLE_API_SECRET }} run: | bundle exec rake - name: Simplecov Report diff --git a/Gemfile.lock b/Gemfile.lock index ec45316..329703f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -117,7 +117,7 @@ GEM minitest (6.0.6) drb (~> 2.0) prism (~> 1.5) - net-imap (0.6.4) + net-imap (0.6.4.1) date net-protocol net-pop (0.1.2) diff --git a/spec/support/init_castle_device.rb b/spec/support/init_castle_device.rb index 39eabf9..cad91cc 100644 --- a/spec/support/init_castle_device.rb +++ b/spec/support/init_castle_device.rb @@ -1,7 +1,11 @@ # frozen_string_literal: true CastleDevise.configure do |config| - config.api_secret = ENV.fetch("CASTLE_API_SECRET", "fake-secret-123") - config.app_id = ENV.fetch("CASTLE_APP_ID", "123456789") + # Explicitly set a non-empty api_secret. The castle-rb SDK validates that + # api_secret is present before every request, and the VCR cassettes mean + # no real secret is needed, so a fixed dummy value keeps the specs valid + # everywhere (including Dependabot runs that don't get repo secrets). + config.api_secret = "fake-secret-123" + config.app_id = "123456789" config.logger = Logger.new($stdout) end