CODEWITHSUNDEEP
ruby-on-railsrubyruby-on-rails-4
hellomello
hellomello

Reputation: 8597

Ruby on Rails, retrieving API key from secrets.yml

Can someone help me understand how to retrieve an API key if I'm storing it into secrets.yml?

If I have some kind of google API key 'yt_key':

secrets.yml

development:
  secret_key_base: 390257802398523094820 #some key
  yt_key: A423092389042430 #some key

test:
  secret_key_base: 43208947502938530298525#some key
  yt_key: A423092389042430 #some key

production:
  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
  yt_key: <%= ENV["YT_KEY"] %>

I'm just following the examples, this is how I would set it up right?

So if I publish this to production, I would save the A423092389042430 in heroku and under YT_KEY, correct?

But in development, would I do it this way to retrieve the data:

in /config/application.rb

Yt.configure do |config|
  config.api_key = '<%= ENV["YT_KEY"] %>'
end

or should this be in the the class:

module Sample
  class Application < Rails::Application

    Yt.configure do |config|
      config.api_key = '<%= ENV["YT_KEY"] %>'
    end

    config.active_record.raise_in_transactional_callbacks = true
  end
end

Or did I set up the configure wrong?

Upvotes: 4

Views: 4096

Answers (3)

Sylar
Sylar

Reputation: 12092

You can also use Figaro gem.

Once installed, you'll have a config/application.yml file. Inside it you can store your api keys etc.:

SENDGRID_USERNAME: a-name
SENDGRID_PASSWORD: password

Now, anywhere in your .rb files, you can reference it using vars:

# Noticed how I keep my vars uppercase throughout.

ENV["SENDGRID_USERNAME"]
ENV["SENDGRID_PASSWORD"]

# Production vars go below the `production` line

production:
  ENV["MY_PRODUCTION_VAR"]

If using those env keys inside your html.erb then you'll need to wrap it with <%= ... %>

Upvotes: 0

Eric Arnold
Eric Arnold

Reputation: 101

ENV["YT_KEY"] references the 'YT_KEY' environment variable which you'll have to set with a Heroku config variable.

In your app, you can access your secrets like this:

Rails.application.secrets.key_name

Since you're storing the 'YT_KEY' as an environment variable in production only, you should configure Yt like so:

(You can do this in a initializer file located at app/initializers/yt.rb)

Yt.configure do |config|
  config.api_key = Rails.application.secrets.yt_key
end

That way, the correct key will be set in each environment.

It's good practice to use different keys for each environment, so should get another key for your production environment. Also, you should avoid storing secret production environment keys in the code. That's why it's common to use ENV variables for production keys.

Let me know if you need any clarification!

Upvotes: 5

Subhash Chandra
Subhash Chandra

Reputation: 3265

Do it this way, we are doing this way since a long time and working very well for us and this is a good convention as well.

secrets.yml

development:
  secret_key_base: 390257802398523094820 #some key
  yt_key: A423092389042430 #some key

test:
  secret_key_base: 43208947502938530298525#some key
  yt_key: A423092389042430 #some key

production:
  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
  yt_key: <%= ENV["YT_KEY"] %>

Add these line to your application.rb file

 config_files = ['secrets.yml']

    config_files.each do |file_name|
      file_path = File.join(Rails.root, 'config', file_name)
      config_keys = HashWithIndifferentAccess.new(YAML::load(IO.read(file_path)))[Rails.env]
      config_keys.each do |k,v|
        ENV[k.upcase] ||= v
      end
    end

and now you can access yt_key this way ENV["YT_KEY"] or any other key you add like some_key to ENV["SOME_KEY"].

It's often recommended to not put your custom keys in secret.yml instead make another file like app_keys.yml and put all keys there.

Upvotes: 1

Related Questions