1

I'm using git to push to Github for version control and heroku to deploy. However, problem is that i need to push my db info, access keys to heroku but not to github. I have a folder called "secret" that has all those confidential information.

Adding secret to .gitignore will prevent me from pushing those necessary information to heroku but leaving it out will cause my secrets to be uploaded for everyone. What is the best method to handle this situation?

  • if i have already pushed my secret folder to heroku, will pushing without secret folder cause the folder in heroku to delete?
shapeless
  • 175
  • 1
  • 10

1 Answers1

1

The preferred way is to set config values using the heroku command line application.

For example:

$ cd app
$ heroku config:add PASSWORD=ASDFG

You can use these variables in your code using ENV variable.

This way your sensitive information is not stored in your git repository. When running the app locally, use the .bashrc file.

Other way is to save it in a private repository.

Gary Mendonca
  • 1,925
  • 1
  • 13
  • 21