The pain of setting up different environments in development and production (Rails 4 app)

As a best practice, my development team does not save the application config file to the repo for security reasons (we use the file config/application.yml

to store the config). However, when we do design and deploy, it causes some problems:

  • The developer must add a new external url, which differs depending on the environment the application is running in. Since there is no config file in the repo, it cannot update one file that syncs when another developer pulls in the code. For this to happen, it updates its local file config/application.yml

    , and then every other developer updates its local file, and then we have to add a new ENV variable to the server config/application.yml

    . Should be the best solution.

  • If we saved the file config/application.yml

    to the repo and shared it between everyone and the servers, this solves the problem of sharing / updating global configurations, but it opens up the possibility that a developer could accidentally run their local application in production mode and touch live data or spam real users with test emails (this happened so this is a concern).

Are there standard best practices to address these issues? I seem to either sacrifice performance for security, but I also can't have both.

I was thinking about creating a file config/development.yml

in a repo that is shared by all developers, which stores all EXCEPT production environments. This way they can share / ENV config items for development and synchronization. But in production I would have a file config/production.yml

that ONLY lives on the servers.

If the application is started by anything other than the desktop, it downloads the file development.yml

. If it is run in production, it downloads the file production.yml

. But since the file production.yml

does NOT work in the repo (servers only), there is no chance that a developer could accidentally touch live data or spam real users, etc.

Have any professional developers asked for such a scheme? I did a lot of searching but didn't really find a satisfactory solution.


source to share

1 answer

Have a look at the RailsConfig gem. It allows you to do what you stated, but with the ease of a gem. It also allows you and your development team to have local yaml files that override settings.




Then you will have it config/settings/production.yml

inside .gitignore

so it doesn't get checked in the original control.



All Articles