Where to store sensitive data in public rails app?

滥情空心 2020-12-01 00:49

My personal Rails project uses a few APIs for which I store the API keys/secrets in config/environments/production.yml and development.yml as global variables. I now want

5 answers
  •  天涯浪人
    2020-12-01 01:36

    Rails 4.1 now has a convention for it. You store this stuff in secrets.yml, so you don't end up with some global ENV calls scattered across your app.

    This YAML file is, like database.yml, ERB-parsed, so you are still able to use ENV calls here. In that case you can put it under version control; it would then serve just as documentation of which ENV vars have to be used. But you can also exclude it from version control and store the actual secrets there. In that case you would put some secrets.yml.default or the like into the public repo for documentation purposes.

    # secrets.yml (ERB-parsed, so ENV lookups work)
    development:
      s3_secret: 'foo'
    production:
      s3_secret: <%= ENV['S3_SECRET'] %>
    

    Then you can access this stuff under

    Rails.application.secrets.s3_secret
    

    It's discussed in detail at the beginning of this episode
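
A check that fits the workflow in the answer above, added here as an example and not part of the original post: it renders a secrets.yml with ENV swapped for a recorder, then reports which keys of a section are hard-coded in the file and which ENV variables the file expects the deployment to provide. `audit_secrets`, `RecordingEnv`, `TemplateScope` and the sample file contents are assumptions made for this example.

```ruby
require 'erb'
require 'yaml'

SENTINEL = '__FROM_ENV__'

# Stands in for ENV while the template renders: records each variable name
# asked for and returns a marker instead of a real secret.
class RecordingEnv
  attr_reader :names

  def initialize
    @names = []
  end

  def [](name)
    @names << name
    SENTINEL
  end

  def fetch(name, *_default)
    self[name]
  end
end

# Inside this module the constant ENV resolves to the recorder, so a template
# evaluated with its binding never touches the real environment.
module TemplateScope
  ENV = RecordingEnv.new

  def self.template_binding
    binding
  end
end

# Returns the keys of `section` whose values are written literally in the file,
# plus every ENV variable the file references.
def audit_secrets(source, section)
  TemplateScope::ENV.names.clear
  rendered = ERB.new(source).result(TemplateScope.template_binding)
  values = YAML.safe_load(rendered).fetch(section, {})
  literals = values.reject { |_key, value| value.to_s.include?(SENTINEL) }.keys
  { literals: literals, required_env: TemplateScope::ENV.names.uniq }
end

# Constructed sample in the answer's layout, plus one hard-coded production value.
SAMPLE = <<~'YAML'
  development:
    s3_secret: 'foo'
  production:
    s3_secret: <%= ENV['S3_SECRET'] %>
    api_token: 'constructed-hardcoded-value'
YAML

p audit_secrets(SAMPLE, 'production')
```

Run against the file that goes into the public repo, a non-empty `literals` list for `production` means a real value is about to be committed.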
