7 days of WordPress plugins, themes & templates - for free!* Unlimited asset downloads! Start 7-Day Free Trial

Next lesson playing in 5 seconds

  • Overview
  • Transcript

3.2 Environment Variables

Sensitive information shouldn’t be checked in to source code control—especially not in a searchable public repository like the one GitHub provides. Environment variables allow us to inject data from the shell that runs the app. In this lesson, I’ll show you some examples of how to work with environment variables.

Related Links

3.2 Environment Variables

If you recall from the Get Started With Ruby on Rails course, you will know that I like to use environment variables to hide sensitive information. I use environment variables like this one to mask the server, user and password combinations for sending email. I mean, I have my own user account and I really don't need to show that around to you. The way that you achieve this in Heroku is actually pretty cool. I actually like the solution a lot. I just wanted to show you this. Let me just close the editor really quick. You know for a fact that we have at least three environment variables. But how do we do that in Heroku? Well, there's this command called, heroku config. heroku config gives you a list of environment variables defined in your application environment. As you can see, we have for example, RACK_ENV and RAILS_ENV set to production. SERVE_STATIC_FILES to enabled. And for example, a token for the SECRET_KEY for setting forms. And also the DATABASE_URL. These are all the environment variables in the application that are being used, but I need some more. I need those SMTP server, user, and password combos. How do I do that? Well, you use the following command. Let's type in heroku, and then, config:set. This will set a variable. Let's type in SMTP_USER, for example, which will be equal to my Tuts+ address. So, tutsplus.josemota.net. You can see that it is going to set that specific variable. And it will restart the application in everything, which is pretty cool. It will start again, with this specific environment in mind. So it will just kill the application server and start it all over. Now, if I type in heroku config, like so, you will see the list of all the variables including SMTP_USER. So that's pretty neat. If you want to retrieve a particular variable you use config:get. Let's see if I want to type in RACK_ENV, if I will get production. Most likely. There you go. Now if I retrieve the SMTP_USER, which is the one that we defined, it will retrieve my own address. So, config variables are really important if you want to mask out specific information. This will become very important of course. This procedure around setting environment variables is really important. You should really not include any information in your source code. So, definitely make sure you mask out all of that sensitive information, hide it from the public, and just inject them manually as you can do so with Heroku. Check the link in the description below to learn more around config variables.

Back to the top