When I do bin/rails credentials:edit my editor opens a file like credentials.yml.enc.1234 with default content. After I'm done editing, I hit save, and the console reads New credentials encrypted and saved.

After I run bin/rails credentials:edit again, another temp file gets opened (credentials.yml.enc.4321) and the contents are back to default.

How can I make the credentials persist?

There is an issue related to this: https://github.com/rails/rails/issues/31286

It's been fixed already in 5.2.0.rc1

If you aren't using vim, you need to add a wait flag to the editor.

e.g for atom:

EDITOR="atom --wait" credentials:edit

I ran into the same thing and found the answer here.

I had this problem in rails 5.2.0 using textmate as the editor. It turns out the credentials file must be closed after save in order for the changes to persist.

I also had this problem with using atom as editor. I have tried:

EDITOR="atom --wait" rails credentials:edit

and

EDITOR="atom -w" rails credentials:edit

but no results. Finally, I used nano (ubuntu):

EDITOR="nano" rails credentials:edit

For me, this works fine. Maybe, it will be helpful for someone, as an alternative.