如何在Rails中存储第三方服务的凭据 [英] How to store credentials for third party services in Rails
问题描述
我正在通过SendGrid为我的rails应用程序发送的邮件设置重定向。
但是我对告诉我存储凭据的方式并不十分满意。
I am setting up a redirection through SendGrid for the mails sent by my rails application. However I am not really satisfied with the way I'm told to store the credentials.
按照指定的方式有,他们建议覆盖config / environment.rb中的ActionMailers默认设置。文件。我发现我的前任创建了一个initializers / smtp.rb文件,他在其中定义了先前的设置,但是通过发现此文件,我发现了SMTP密码...
As it is specified there, they suggest to overwrite ActionMailers defaults in the config/environment.rb file. I've found out that my predecessor created a initializers/smtp.rb file where he defined the previous settings, but by discovering this file, I discovered the SMTP password...
如果我修改了这些文件中的任何一个,则有权访问git存储库的anuone将有权访问凭据(包括与我们合作的前端和后端自由职业者)。
If I modify any of these files, anuone having access to the git repository will have access to the credentials (including the front-end and back-end freelances we work with).
我正在考虑创建一个文件,该文件将保留在服务器的共享文件夹中(例如database.yml文件),并且由于capistrano而在每次部署时均与应用程序建立符号链接。
I was thinking of creating a file that would stay on the server's shared folder (like the database.yml file) and that would be symlinked to the app each time we deploy thanks to capistrano.
您怎么看?将这个initializers / smtp.rb移到服务器的共享文件夹并在部署时进行符号链接是否可以?
What do you think of it? Would it be okay to just move this initializers/smtp.rb to the server's shared folder and symlink it when deploying?
推荐答案
我的建议(我见过的建议):
My suggestion (what I've seen done):
将API密钥和敏感信息移动到 config /
下的 yml
文件中。
Move API keys and sensitive info into a yml
file under config/
.
将此yml文件加载到变量中,例如
Load this yml file into a variable, for instance
KEYS = YAML :: load(File.open(# {RAILS_ROOT} /config/config.yml))
Voila。
另外,例如,当将代码放在GitHub上时,此 config.yml
将是您添加到 .gitignore $ c $的内容c>。相反,制作一个
config-example.yml
并告诉您的开发人员获取自己的密钥和密码,并将其存储在本地的 config.yml中。
。
Also, when putting your code up on GitHub for example, this config.yml
would be something you add to the .gitignore
. Instead, make a config-example.yml
and tell your developers to get their own keys and passwords and such, storing them in their local config.yml
.
这篇关于如何在Rails中存储第三方服务的凭据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!