Where to store sensitive data in public rails app?

Question

My personal rails project uses a few API\'s for which I store the API keys/secrets in config/environments/production.yml and development.yml as global variables. I now want

Answer 1

How about this...

Create a new project and check it into GitHub with placeholder values in the production.yml and development.yml files.

Update .gitignore to include production.yml and development.yml.

Replace the placeholder values with your secrets.

Now you can check your code into GitHub without compromising your secrets.

And anyone can clone your repo without any extra steps to create missing files (they'll just replace the placeholder values as you did).

Does that meet your goals?