Using Figaro and Secrets.yml to Manage Env Variables

Question

I have a rails 4.1 app and I'm trying to organize my env variables. As of right now I have a secrets.yml file in my config/ folder. I also installed the figaro gem. My goal was to have all my env variables in the application.yml (not checked into git) file and then use the secrets.yml (checked into git) file to map the variables from appliation.yml to the application. When I print the files using Rails.application.secrets It just shows hashes that look like this:

:salesforce_username=>"ENV['SALESFORCE_USERNAME']"

None of my external services are working with this env variables setup. When I view the traces, the actually ENV['ACCOUNT_ID'] are being passed through in the requests like this:

v2/accounts/ENV['ACCOUNT_ID']/envelopes

In addition, I cannot access my env variables using Rails.application.secrets.account_id in my app.

secrets.yml

development:
  account_id: <%= ENV['ACCOUNT_ID'] %>

aplication.yml

development:
  ACCOUNT_ID: "123456"

application.rb

# preload tokens in application.yml to local ENV
config = YAML.load(File.read(File.expand_path('../application.yml', __FILE__)))
config.merge! config.fetch(Rails.env, {})
config.each do |key, value|
  ENV[key] = value.to_s unless value.kind_of? Hash
end

score 11 · Accepted Answer · answered Apr 29 '15 at 15:44

The gem provides a generator:

$ rails generate figaro:install

The generator creates a config/application.yml file and modifies the .gitignore file to prevent the file from being checked into a git repository.

You can add environment variables as key/value pairs to config/application.yml:

GMAIL_USERNAME: Your_Username

The environment variables will be available anywhere in your application as ENV variables:

ENV["GMAIL_USERNAME"]

This gives you the convenience of using the same variables in code whether they are set by the Unix shell or the figaro gem’s config/application.yml. Variables in the config/application.yml file will override environment variables set in the Unix shell.

In tests or other situations where ENV variables might not be appropriate, you can access the configuration values as Figaro method calls:

Figaro.env.gmail_username

Use this syntax for setting different credentials in development, test, or production environments:

HELLO: world
development:
  HELLO: developers
production:
  HELLO: users

In this case, ENV["HELLO"] will produce “developers” in development, “users” in production and “world” otherwise.

rails generate figaro:install is not found in my installation. I put gem figaro, '1.1.1' into my gemfile, ran bundle install and the generator is not there. — Ekkstein, Aug 29 '17 at 12:38

score 1 · Answer 2 · answered Apr 29 '15 at 17:23

You say the ENV variables are being "passed through in the requests", but when I look at your code snippets I think the variables aren't ever being detected as such in the first place.

If you want to inject a variable into a string, double-check that you are using the following format, especially the # and {}:

important_string = "v2/accounts/#{ENV['ACCOUNT_ID']}/envelopes"

On a more general note, if you're unsure what environment variables are being set in a given environment, the easiest way to double-check is to open up the Rails console and query ENV like so:

$ rails console
> puts ENV.keys # find out what ENV vars are set
=> (returns a long list of var names)
> puts ENV['DEVISE_PEPPER']
=> "067d793e8781fa02aebd36e239c7878bdc1403d6bcb7c380beac53189ff6366be"

Sorry this answer wasn't helpful! Any feedback on what I could do to make more useful answers in the future? — Topher Hunt, Jan 20 '17 at 22:33
I found it useful for accessing my environment keys. Thanks. — Jessica Fav, Dec 18 '19 at 12:42

Using Figaro and Secrets.yml to Manage Env Variables

2 Answers2

Linked