[LRUG] How do you manage secrets in Rails apps?

Phil Nash philnash at gmail.com
Tue Sep 23 15:34:27 PDT 2014 

Thanks for the answers so far everyone.

I'm interested in the methods you use to manage either secrets.yml,
figaro's application.yml or dotenv's .env.production on production servers
too. Do you do so using chef, as Seung-Hyo suggested (great link to that
write up there, thanks) or some other way?

Thanks again, this is really interesting!

Phil

On Tue, Sep 23, 2014 at 7:18 PM, Siddharth Sharma <svs at svs.io> wrote:

> Rails 4.1 has secrets.yml
> http://edgeguides.rubyonrails.org/4_1_release_notes.html
>
> For lower versions of Rails, I've been using figaro for years with no
> problems. I like to never have my production environment variables anywhere
> near my development environment, so I actually prefer not having an easy
> way to set heroku configs, etc.
>
> On Tue, Sep 23, 2014 at 11:43 PM, James McCarthy <james at lety.co> wrote:
>
>> Dotenv.
>>
>>
>> James McCarthy
>>
>> Software Engineer
>>
>> LetyCo - Analyse, Build, Deliver
>> Ruby/Rails software for London and the SouthEast.
>>
>> Mob:  07577006897
>>
>> Email:  james at lety.co
>>
>> lety.co
>>
>>
>>
>> -------- Original message --------
>> From: Phil Nash
>> Date:23/09/2014 19:06 (GMT+00:00)
>> To: London Ruby Users Group
>> Subject: [LRUG] How do you manage secrets in Rails apps?
>>
>> Hi LRUG,
>>
>> I've been thinking a lot recently about application secrets like API or
>> database credentials and how they are stored in different environments for
>> Rails apps. I was hoping that you lovely LRUG member could share how you
>> deal with this yourself.
>>
>> Currently I only tend to deploy apps to Heroku, so I use environment
>> variables throughout the app, loaded in development/test environments with
>> the envyable <https://github.com/philnash/envyable> gem, though figaro
>> <https://github.com/laserlemon/figaro> would do the same job.
>>
>> So, what I'm asking is, if you use environment variables for config in
>> your applications how do you load them in both development and production
>> environments?
>>
>> Thanks,
>>
>> Phil
>>
>> --
>> Phil Nash
>> @philnash
>>
>> _______________________________________________
>> Chat mailing list
>> Chat at lists.lrug.org
>> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
>> Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org
>> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20140923/7b0c4780/attachment.html>

More information about the Chat mailing list