Deploying to Heroku with sensitive setting information

I'm using GitHub for code and Heroku for the deployment platform for my rails app.

I don't want to have sensitive data under Git. Such data include database file settings (database.yml) and some other files that have secret API keys.

When I deploy t开发者_JS百科o heroku, how can I deal with files that are not under revision control.

When I use Capistrano, I can write some hook methods, but I don't know what to do with Heroku.

For Heroku, you'll need to have database.yml under Git because Heroku will automatically read it and create a PostgreSQL configuration from it.

For other sensitive information such as API keys, Heroku provide config vars which are effectively environment variables. You can add them using:

heroku config:add KEY=value

—and access them from within your application using:

ENV['KEY']

Note that config vars can be listed, added and removed using the heroku command-line program and that once set they are persistent.

• Heroku Config Vars documentation

I would create a local branch, let's call it SECRET, and make the 'secret' modifications there. Commit them and DO NOT push them to github.

Now just checkout and keep working on the master branch till ready to release.

To prepare the release checkout the SECRET branch, merge the master branch into it, and push it to heroku as usual.

(BTW : I always forget to switch back to the work branch, git stash is your friend in this case)