In the rails configuration:

config.secret_token = ENV['MYAPP_SECRET_TOKEN']

You could improve that by, for example, raising an exception if the environment variable is empty.

Then, to configure your Heroku app, run the heroku config command:

$ heroku config:set MYAPP_SECRET_TOKEN=some-random-secret

In a development environment, simply set the environment variable in your shell:

$ export MYAPP_SECRET_TOKEN=some-random-secret

If you have many variables, you might wish to save the export command(s) in a file that is gitignored and source it:

$ source secret_variables.sh

Since the secrets are never checked in anywhere, you eliminate the risk of accidentally merging them into the wrong branch.

* Use git as my version control
* Work in development branches and merge them into master
* Frequently push changes to a public, open source git repository (eg Github)
* Be able to deploy to Heroku

The problem:

By default, any secrets (eg "config/initializers/secret_token.rb") are present in my repository. Simply including them in .gitignore makes deploying to Heroku difficult, as Heroku needs to compile their slug from a branch of my git repository (and those secret files need to be present).

Looking at this link (http://groups.google.com/group/heroku/b … 9204c70574), the solution is to include secret files in the .gitignore of the Master branch, and then create a Deploy branch that does not ignore secret files. You work in Master, and then when you're ready to deploy, you do the following:

git checkout deploy
git merge master
git push heroku deploy:master

This seems like an ok solution, but breaks when you want to work on a local server. Because your Master or Development/Topic branches do not include and secret files, running:

rails server

Will produce the following error:

A secret is required to generate an integrity hash for cookie session data. Use config.secret_token = "some secret phrase of at least 30 characters"in config/application.rb

I can't just checkout the Deploy branch, because then I won't be able to edit code while the server is running.

So my solution for now is to have a Master branch that contains everything (plus other development branches) and then a Public branch created like so:

git checkout -b public
git rm some_secret_file
git filter-branch --index-filter 'git update-index --remove some_secret_file' public
echo "some_secret_file" >> .gitignore
git add .gitignore
git commit -m "remove secret files"
git remote add origin git@git.......
git push origin public

Then when hacking away:

git checkout master
do something nifty
git add something
git commit -m "add something nifty"
git checkout public
git merge master
git push origin publich

I think this basically solves the problem, but I'm concerned that if I ever modify .gitignore in master and then merge it into public that the secret files will some sneak on to Github.

This scenario seems common, but I have yet to find any information on it. Does this setup seem reasonable? Has anyone found a better way to do this?

Thanks much!