I'm developing an open-source Rails app, and I'd like to make it simple to specify secret configuration values when deploying a copy, while making it difficult to accidentally check those values into a repo.
For example, the app has a Yahoo App ID for use with their APIs. My default way to specify this is to add an initializer: config/initializers/secret_yahoo_app_ids.rb ----------------- # The Yahoo! API keys for use with this application Ringsail::Application.config.yahoo_app_id = 'SDOIUGSKJHGIOUYITSABUNCHOFRANDOMCHARACTERSDOIUGSKJHGS' ----------------- To keep that out of the repo, I add it to .gitignore and hint at it with a *.template file that looks like this: config/initializers/secret_yahoo_app_ids.rb.template ----------------- # The Yahoo! API keys for use with this application Ringsail::Application.config.yahoo_app_id = 'ADD YOUR YAHOO ID HERE' ----------------- Having a bunch of those sprinkled around the app is kind of a nightmare for the deploying user to deal with. Is there a better place to put a bunch of these values and keep them secret? Is that more of a job for Chef? Thanks, ~chris -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby
