calyxofheld
Reputation: 2128
development and test secret_key_base in Rails 4.2.2
Is it necessary to store the keys for development and testing environments in an ENV variable before pushing code to GitHub? I understand why keys should be hidden in production, but not why they should be hidden in development or testing.
development:
secret_key_base: reallylongkey
test:
secret_key_base: anotherreallylongkey
production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
If I push that to GitHub, and leave the development and testing keys public, would my app be in danger?
Upvotes: 0
Views: 748
Answers (1)
dre-hh
Reputation: 8044
No it won't, as long as you are not deploying a rails app somewhere in development or test mode.
See What is the use of secret_key_base in rails 4
Upvotes: 1
Related Questions
- Rails Production - How to set Secret Key Base?
- Missing production secret_key_base in rails
- What's the correct way of defining secret_key_base on Rails 6?
- rails secret_key_base not being recognized in production
- Missing secret_key_base in Rails.application.secrets on test environment
- Rails: Unable to use new `config/secrets.yml`
- Rails 4.2.3 secret_key_base not being set from secrets.yml for development/test environments with all other variables being set correctly
- How to correctly add ENV["SECRET_KEY"BASE"] in rails
- Missing secret_key_base in rails production
- Secret_key_base isn't working?