How To Setup Environmental Variables In A Rails Application

Security is and will always be a very big deal, this is largely true in all spheres of life but more-so in software development. One costly mistake can leave you vulnerable to stolen API Keys and Secrets, we wouldn't want that now, would we?

Figaro is a rubygem that uses a single YAML file located in the config directory, to hide environmental variables.

To set it up, simply add the following to your Gemfile located in the root directory of your rails app

gem "figaro"

Then run

bundle update

in your terminal to update all gems which will now include the figaro gem.

Now for the fun part, run

bundle exec figaro install

This creates a

config/application.yml

file in the root directory of your project and also adds the application.yml file to the .gitignore preventing the file from being uploaded to the various version control repository management services.

Let's say we were working with the cloudinary API for image uploads, cloudinary usually provides us with a couple of environmental variables. To use them in an application after installing and setting up figaro, simply add the following to the

config/application.yml

file

CLOUDINARY_NAME: "2954"
CLOUDINARY_API_KEY: "7381a978f7dd7f9a1117"
CLOUDINARY_API_SECRET: "abdc3b896a0ffb85d373"

To use any of them in any part of your application, simply call them as follows;

Use

ENV["CLOUDINARY_NAME"]

where you would have otherwise called

"2954"

.