Missing secret_key_base for production environment - placing rails 4.1.4 app on heroku
I have created a rails 4.1.4 application which I am trying to host on heroic, but I am getting the following error:
None secret_key_base
for production
environment, set this value toconfig/secrets.yml
My secrets.yml file looks like secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
under production
I ran a secret cache and saved the result in the SECRET_KEY_BASE environment variable. When I log into my heroku app, I can see this value stored in the Config Variables when I click on settings.
Other solutions suggested that I add config / secrets.yml to git and redeploy to heroku, but I don't want to add secrets.yml or any yml file to source control.
Any ideas?
Thank!
source to share
When deploying to Heroku, you deploy via Git. Any files not included in the git repository will not be redirected to your server. As a result, it doesn't currently matter what you have in yours secrets.yml
- it doesn't deploy.
There is nothing wrong with making config files or YAML files - the problem is creating secrets. If you share your API keys and passwords, you must trust everyone with access to the source code. This is not possible if your code is on Github (because you don't trust everyone on earth with a computer), but still a bad idea in a small company. It will be much less for you if someone leaves, loses their laptop or gets infected with malware if they don't have credentials on their machines.
You are already doing the right thing to avoid it. Using environment variables to customize your application keeps these secrets from your repository even if these configuration files are committed.
source to share