I am using Rails 4.1.1 and Ruby 2.0.0.
I've currently added my secrets.yml file to my .gitignore for GitHub.
secrets.yml
development:
  secret_key_base: numb3r57ndl3tt3r5
test:
  secret_key_base: differentnumbersandletters13531515
production:
  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
If this production key is dynamic, where does it read it from? Where do we provide that info? How does that info get to heroku without getting to github?
I already have a secret key environment variable in my heroku app's settings.
I think it was created when I used the heroku_secrets gem https://github.com/alexpeattie/heroku_secrets to run the rake command rake heroku:secrets RAILS_ENV=production
Can someone explain the conceptual steps, as well as the practical steps on how to utilize secrets.yml properly without exposing secret keys to the public?
If you can also go over adding another secret key for a different API, for instance, that would be much appreciated as well.
I'd like to understand what is happening in the steps in the explanation, rather than something like "do this, do this, do this". Also, if there is code, please specify which file it should be put in, instead of just giving the code, and assuming the reader will know where it goes just based on the code alone (stern look at heroku guide writers)
Thanks! =]
If you use this key <%= ENV["SECRET_KEY_BASE"] %>
On your local machine you can set environment vars in your shell (bash or zsh), like
export SECRET_KEY_BASE="yourkeybasehere"
And simulate that you run on production (but at your local machine) like
RAILS_ENV=production rails s
However, when deploying on Heroku, you can use what they call config vars, by running the heroku config:set command for your app.
heroku config:set SECRET_KEY_BASE=yourkeybasehere
Then the Rails app will populate this config var into secrets.yml
production:
  secret_key_base: yourkeybasehere
Hope this explains the things you need to understand.
Though, if you would like to play and test, one option is to edit your app/views/layouts/application.html.erb file and put in the config var you want to display, for instance a USERNAME config var
<!DOCTYPE html>
<html>
<head>
<title><%= ENV['USERNAME'] %></title>
</head>
<body>
<%= yield %>
</body>
</html>
Then deploy to heroku and run
heroku config:set USERNAME=gwho
You should see 'gwho' in the page title.
More details about Heroku config vars: https://devcenter.heroku.com/articles/config-vars
More details about Rails 4.1 secrets.yml: http://edgeguides.rubyonrails.org/4_1_release_notes.html#config/secrets.yml
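An added example, not part of the original answer or of Rails' own code: it mimics in plain Ruby the ERB-then-YAML pass that turns secrets.yml into values, with a second secret for another API alongside secret_key_base. The PAYMENT_API_KEY name, the load_secrets helper and all values are assumptions made up for illustration; the helper also refuses to continue when a config var is unset instead of running with an empty secret.

```ruby
require "erb"
require "yaml"

# Constructed stand-in for config/secrets.yml. Only non-production
# placeholders are written in the file; production holds ENV lookups,
# so nothing sensitive is committed even if the file reaches GitHub.
SECRETS_YML = <<~'YAML'
  development:
    secret_key_base: dev-only-placeholder
    payment_api_key: dev-sandbox-placeholder
  production:
    secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
    payment_api_key: <%= ENV["PAYMENT_API_KEY"] %>
YAML

# Hypothetical helper: render the ERB tags (this is the moment ENV is read),
# parse the result as YAML, and return the section for one environment.
def load_secrets(template, rails_env)
  rendered = ERB.new(template).result
  section  = YAML.safe_load(rendered).fetch(rails_env)

  # An unset variable renders as an empty string, which YAML parses as nil.
  missing = section.select { |_, value| value.to_s.strip.empty? }.keys
  unless missing.empty?
    raise KeyError, "unset secrets for #{rails_env}: #{missing.join(', ')}"
  end
  section
end

if __FILE__ == $0
  # Constructed values standing in for `export ...` or `heroku config:set ...`.
  ENV["SECRET_KEY_BASE"] ||= "constructed-key-base"
  ENV["PAYMENT_API_KEY"] ||= "constructed-api-key"
  puts load_secrets(SECRETS_YML, "production").keys.inspect
end
```

In a Rails 4.1 app the same values are read as Rails.application.secrets.secret_key_base and Rails.application.secrets.payment_api_key, and the second variable is supplied on Heroku with heroku config:set in the same way as the first.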