Reputation: 4067
Where to store sensitive files for heroku platform?
I have a private key file for a Firebase access which I don't want to store in GitHub repo obviously.
I am well aware duplicate question, but it's quite old and I don't see much of useful information there. Something might have changed since then hopefully?
So far I have a heroku branch with a commit that contains this private key and whenever I want to release new app version I am rebasing this branch onto master so the commit sits on top. However it's quite a hassle.
It would be probably enough to have some secure offsite storage that can be accessed through some regular credentials that can be stored in env variables. I want to avoid S3 as they require credit card just for a registration.
Any other options?
Upvotes: 1
Views: 235
Answers (1)
Reputation: 5690
What's wrong with setting up multi-line environment variables in Heroku (as suggested by the other question that you have linked to)?
If you're on Rails 5.1, there is now another option though - encrypted secrets. This allows you to commit an encrypted version of your private key file to version control, and just have the master key in Heroku. This appears to be based on the sekrets gem, which could be an option for older Rails versions - but you'll want to read the docs and do some research there, if that's your preferred route.
Upvotes: 1
Related Questions
- Git pushing confidential information
- how to secure app and source code in heroku
- How do I push sensitive files to Heroku but not on Github?
- How do I securely store a .pem file when working with git-tracked heroku project?
- Where should I store sensitive files on Heroku?
- Hiding Confidential Data From Git But pushing to Heroku
- Keeping production configuration files hidden from developers
- GIT/Heroku sensitive info
- How to manage .git on heroku app
- managing production credentials in heroku