Can someone explain me the point, where the advantage is to encrypt secrets with a new secret in order to have encrypted secrets except the secret, that is used to encrypt the other secrets? And will there be a master_master.key in Rails 6 in order to have the ability to encrypt the master.key?
I am really stuck with those new credidentials. As I can see, the database credidentials do not go into the credentials.yml.enc and it is not ignored in .gitignore. credentials.yml.enc is not ignored too. But when it is checked out, it might replace the available credentials.yml.enc but cannot be used, because the master.key is missing.