Dennis Hackethal’s Blog

My blog about philosophy, coding, and anything else that interests me.

Success! You can now read the full article below. Be sure to save it to PDF before leaving or refreshing the page!

Need help? Email me and be sure to include this reference number:

Using Rails Production Credentials with Heroku

Published · 1-minute read · Pro article

Ruby on Rails offers a credentials feature to store secret information in your repository. The keys Rails creates are added to the .gitignore file, but any secret information itself is encrypted and can be checked into git. There's more info on credentials here.

I found myself confronted with the specific problem of how to use these credentials in Heroku. If you're using only a master key and store your credentials in config/credentials.ymc.enc, that's easy: you just set an environment variable in Heroku called RAILS_MASTER_KEY to the contents of your config/master.key file.

But wait, there’s more!

You’re reading a preview of this Pro article. Pro articles are written with exceptional care and provide additional value. Purchase the full article for only USD 0.99.

Clicking this button will load the payment form. Stripe, the payment processor, may use cookies or cookie-like technology.

Learn more
Is this secure?

Yes. Your credit-card details are handled securely and in a PCI-compliant manner using the trusted payment processor Stripe.

What about privacy?

Your privacy matters to me. For this reason, I’ve decided to provide one of Stripe’s payment forms that’s more complicated to implement but increases your privacy. When you purchase an article, I do not see your name or contact information. However, Stripe does show me your card type, expiration date, issuing financial institution, country, last four digits of your credit-card number, your postal code (if you’re in the US), IP address, internet service provider, operating system, browser, device brand, device model, your card’s average transaction amount, the standard deviation for your card, and ancillary information, including but not limited to whether your card is a debit and/or prepaid card. I will not sell that information. I can’t even associate it with you unless you send me an email that divulges your name. If that is a concern, email me from an anonymous email account. If divulging your IP address is a concern, use a VPN before purchasing an article. Stripe may show me more information about payments in the future, and I’ll have no control over that. They may also have more visibility into your data. I recommend checking their privacy policy.

What if something goes wrong?

If, say, due to technical issues, or for whatever other reason, you cannot see the full article after purchasing it, simply email me and I’ll send you a copy. Please include your reference number starting with ‘pi_…’, if you have it. That reference number is shown to you right after you make the purchase.

Can I get a refund?

Yes. If you purchased an article and didn’t like it, email me and you’ll get a full refund, no questions asked. I will need the reference number starting with ‘pi_…’ to process the refund. That reference number is shown to you right after you make the purchase. Write it down carefully – I am unable to issue refunds without this reference number.

Can I share the full article with others?

The full article is copyrighted and only for your own, personal use. As such, you may not share it with others beyond what’s previewed before purchasing it. However, you are more than welcome to share a link to this page so others can purchase the article, too.


What people are saying

What are your thoughts?

You are responding to comment #. Clear
Your real name is preferred.
Markdown supported. cmd + enter to comment. You are responsible for what you write. Terms, privacy policy
This small puzzle helps protect the blog against automated spam.

Preview