Reputation: 28153
Deploying to Heroku with sensitive setting information
I'm using GitHub for code and Heroku for the deployment platform for my rails app.
I don't want to have sensitive data under Git. Such data include database file settings (database.yml) and some other files that have secret API keys.
When I deploy to heroku, how can I deal with files that are not under revision control.
When I use Capistrano, I can write some hook methods, but I don't know what to do with Heroku.
Upvotes: 10
Views: 1853
Answers (2)
Reputation: 35331
I would create a local branch, let's call it SECRET, and make the 'secret' modifications there. Commit them and DO NOT push them to github.
Now just checkout and keep working on the master branch till ready to release.
To prepare the release checkout the SECRET branch, merge the master branch into it, and push it to heroku as usual.
(BTW : I always forget to switch back to the work branch, git stash is your friend in this case)
Upvotes: 5
Reputation: 115292
For Heroku, you'll need to have database.yml under Git because Heroku will automatically read it and create a PostgreSQL configuration from it.
For other sensitive information such as API keys, Heroku provide config vars which are effectively environment variables. You can add them using:
heroku config:add KEY=value
—and access them from within your application using:
ENV['KEY']
Note that config vars can be listed, added and removed using the heroku command-line program and that once set they are persistent.
Upvotes: 19
Related Questions
- Can't deploy rails app to Heroku due to a security issue
- Adding sensitive data to heroku application (ruby on rails)
- Deploying to Heroku with existing data
- Rails app deploy on Heroku
- deploy rails app on heroku
- Heroku Deployment using Rails 4
- Best Practice for Config Variables on Heroku
- heroku/rails deployment
- Rails Heroku Deployment
- Deploying rails app on heroku