Above answers did not work for me exactly. I use rails 8. Instead of EDITOR I used VISUAL keyword.
VISUAL="/opt/homebrew/bin/vim" bin/rails credentials:edit
You can see it is written on help:
bin/rails credentials:help
Editing Credentials:
bin/rails credentials:editwill open a temporary file in$VISUALor$EDITORwith the decrypted contents to edit the encrypted credentials.When the temporary file is next saved the contents are encrypted and written to `config/credentials.yml.enc` while the file itself is destroyed to prevent credentials from leaking.