Step by Step explanation for using Rails secrets.yml without exposing keys to public repo when deploying to Heroku

Question

I am using Rails 4.1.1 and ruby 2.0.0

I\'ve currently ignored my secrets.yml file to my gitignore for github.

secrets.yml

develo         


        

Answer 1

Here's a (hopefully simple) step by step guide FOR HEROKU that should be performed prior to pushing files (secrets.yml) to GitHub, or another host.

*I am not an expert on this topic but this worked well for me and seems like a good solution. It combines info from answers to this question as well as answers to this question (How do you keep secrets.yml secret in rails?) to provide a simple guide :)

1) Copy secrets.yml to another file named secrets_backup.yml

you should now have two files with the same content as secrets.yml

2) Add secrets_backup.yml to your .gitignore

3) Change the text in secrets.yml to the following

development:
  secret_key_base: <%= ENV["SECRET_KEY_BASE_DEV"] %>
test:
  secret_key_base: <%= ENV["SECRET_KEY_BASE_TEST"] %>
production:
  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>

4) cd to your rails project folder on the command line

5) In the terminal type heroku config:set SECRET_KEY_BASE_TEST=, where should be copied and pasted from the test: secret_key_base: which is in secrets_backup.yml

6) In the terminal type heroku config:set SECRET_KEY_BASE_DEV=, where should be copied and pasted from the development: secret_key_base: which is in secrets_backup.yml

7) My secrets.yml file already had the SECRET_KEY_BASE instead of the actual key, so I suspect yours will too. But if not, set the SECRET_KEY_BASE variable as the other two were set above.

8) Push your repo to GitHub and Heroku

9) Smile because you're the G.O.A.T and show off your sweet website!