> but I wouldn't mind knowing what you mean/how you > do: > > "For git I configure my app not to include any sensitive information so it > will not appear anywhere." For example, I add the database.yaml file to .gitignore and instead store database.yaml.samle.
Of course if you get the code from Git for the first time you have to rename database.yaml.sample to database.yaml and set proper credentials. (But for heroku deployments it is not that critical as you don't store DB connection details in database.yaml anyway) > > The general way to set up config values is with heroku config:add > > NAME=VALUE I have no idea what level of security that affords you that git > > would not, but that's all I know of. (I'm far far from an expert here > > though). Thanks a lot. It should do the job. Related docs are here for others to save some Googling: http://docs.heroku.com/config-vars The heroku guys provide S3 credentials as an example (in the docs). So I guess they realise that those are sensitive details and take appropriate security measures. Cheers, Dima. http://ApproachE.com -- You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/heroku?hl=en.
