-1

So, I'm a little confused on how to securely store my email credentials using Figaro - am about to push my app up to production from development. Noted on the guide at https://github.com/laserlemon/figaro though I not know where to begin and end. I tried searching on stack overflow for a guide on this but found none. What steps should I take after installing Figaro to store said credentials in development, then push my app up to production? Thanks. p.s. I'm a beginner in Rails.

My Git is up at https://github.com/cheese1884/197451

Is Using Figaro and Secrets.yml to Manage Env Variables still relevant as of 2018?

songs
  • 13
  • 1
  • 9
  • The guide is very clear. It looks like you haven't even done the "Getting Started" step as you don't have `config/application.yml` in your repository. Also, you don't say where you're hosting your production app. If Heroku, there are specific instructions for how to do that. Otherwise, follow the "Other Hosts" instructions. – jvillian Sep 25 '18 at 21:44
  • yes it is. pardon for the confusion - this is me asking in advanced – songs Sep 25 '18 at 21:47
  • Sorry. My mistake. `config/application.yml` is purposefully not pushed to your repository as stated in the Figaro guide. My bad and my apologies. Have you set up `config/application.yml`? – jvillian Sep 25 '18 at 21:50
  • Figaro is rather old and I only used that with rails 3 apps. Setting environmental variables is really down to the way you deploy your apps. We host our own apps so use the secrets which are added during deployment. Without stating the obvious do not store your credentials in any file you include in your source code repository. There are arguments for not using environment variables because these can sometimes be written to log files. Depending on the version of rails you are using you may want to look at encrypted secrets (rails 5.2). – Mark Davies Sep 26 '18 at 10:37
  • @jvillian i have now set up the config/application.yml but am not sure of how to type out the commands for ENV to store both my email and email password credentials following the guide I quoted above – songs Sep 26 '18 at 10:50
  • Thanks @MarkDavies – songs Sep 26 '18 at 10:50
  • @jvillian my configuration.yml now looks like: # Add configuration values here, as shown below. # # pusher_app_id: "2954" # pusher_key: 7381a978f7dd7f9a1117 # pusher_secret: abdc3b896a0ffb85d373 # stripe_api_key: sk_test_2J0l093xOyW72XUYJHE4Dv2r # stripe_publishable_key: pk_test_ro9jV5SNwGb1yYlQfzG17LHK # # production: # stripe_api_key: sk_live_EeHnL644i6zo4Iyq4v1KdV9H # stripe_publishable_key: pk_live_9lcthxpSIHbGwmdO941O1XVU – songs Sep 26 '18 at 10:50

1 Answers1

0

Thought I would add this as an answer to make it easier to read and follow. From your response you have set up an application.yml and it will have the values you want to reference in your code somewhere.

Using a simple example I have set up a username and password in an application.yml.

application.yml

development:
  username: Mark
  password: secret123

production:
  username: admin
  password: supersecret123

If I then want to get the values somewhere in my code then I can use the following syntax:

Figaro.env.username

Which should return (in development):

Mark

When you push the code to live the same command will pick up the value from the production block and return:

admin

Similarly you can get the password with the 

Figaro.env.password

When pushing to live the application.yml is a file like any other. Like I said in your comment I don't know how you are deploying. We have a capistrano script that runs copying the repo to the server. The application.yml is then manually added because it is not included in the repository. We don't use Heroku and I have never used it myself so can't comment on it.

Hopefully this adds some clarity.

Mark Davies
  • 736
  • 1
  • 7
  • 26