sekmo said over 6 years ago on Encrypted Credentials in Rails 5.2 :
How can we use the Credentials feature in a 5.0.2 rails project? Is there any gem that has a similar approach?

David Kimura PRO said over 6 years ago on Encrypted Credentials in Rails 5.2 :
You're best bet would be to upgrade to Rails 5.1.X if possible and use the encrypted secrets. It will at least get the code base up to a point where swapping out the encrypted secrets for credentials an easier task.

sekmo said over 6 years ago on Encrypted Credentials in Rails 5.2 :
Thanks! But what can I do if at the moment I have to keep the 5.0.x version?

David Kimura PRO said over 6 years ago on Encrypted Credentials in Rails 5.2 :
I'd say it would depend on how you're deploying to the production environment. Basically, you can use your `secrets.yml` file to store all of the keys and values. Within each of the values, reference an environment variable. So, within the file, you may have something like this: ``` production: database_password: ``` At least, in this way, you're not storing sensitive information in the codebase. From here, you can set your Environment Variables how you see fit. On a production deployment, it could be through ansible/chef/capistrano that is setting the ENV Vars or something similar.

mcfoton said over 6 years ago on Encrypted Credentials in Rails 5.2 :
Thanks for the episode! Though what are the pros compared to [this](https://github.com/rails/rails/pull/30067#issuecomment-389712484) solution?

David Kimura PRO said over 6 years ago on Encrypted Credentials in Rails 5.2 :
In this situation, the developers must have access to the master key which would expose production secrets to more people than necessary. This of course depends on the layout of the R&D team. If it is a solo developer working on a personal project then the exposure is obviously limited. However, in a larger setting, often the developers will not have access nor the secrets to the production environment.

mcfoton said over 6 years ago on Encrypted Credentials in Rails 5.2 :
Got it, thanks!

Login to Comment