10

I'm using GitHub for code and Heroku for the deployment platform for my rails app.

I don't want to have sensitive data under Git. Such data include database file settings (database.yml) and some other files that have secret API keys.

When I deploy to heroku, how can I deal with files that are not under revision control.

When I use Capistrano, I can write some hook methods, but I don't know what to do with Heroku.

Improve this question

2 Answers 2

Reset to default
19

For Heroku, you'll need to have database.yml under Git because Heroku will automatically read it and create a PostgreSQL configuration from it.

For other sensitive information such as API keys, Heroku provide config vars which are effectively environment variables. You can add them using:

heroku config:add KEY=value

—and access them from within your application using:

ENV['KEY']

Note that config vars can be listed, added and removed using the heroku command-line program and that once set they are persistent.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

how would you deal e.g. with .pem certificate files? I need up to 4 RSA keys for paypal etc. that I want to commit to heroku but not to github.
5

I would create a local branch, let's call it SECRET, and make the 'secret' modifications there. Commit them and DO NOT push them to github.

Now just checkout and keep working on the master branch till ready to release.

To prepare the release checkout the SECRET branch, merge the master branch into it, and push it to heroku as usual.

(BTW : I always forget to switch back to the work branch, git stash is your friend in this case)

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.