Ruby on Rails : Forman : Passing Environment variables and secrets

With foreman you can use .env files to declare the environment variables for your app (and it’s dependencies) and maintain them isolated from the rest of your environment. So, if you’re using theaws-sdk gem, your .env file would look like:

AWS_ACCESS_KEY_ID=your_api_key
AWS_SECRET_ACCESS_KEY=your_secret_key
AWS_REGION=us-west-2

And foreman automatically loads the .env file that is at the same directory as your Procfile.

This way you can make all environment specific configuration for your app to live at this .env file and let every developer set their own specific configurations here. All variables declared here will be available for all processes started by foreman as environment variables.

So you dont need to manually set like

workers: bundle exec sidekiq -c 10
AWS_ACCESS_KEY_ID=ARGV[0]

For different envisonments you can have different .env files like dev.env, prod.env and load like

$ foreman start -e dev.env

I want foreman to prompt me to enter them at runtime. How can I enter the variables at run time?

create a ruby file called secrets.rb and

# in Procfile
web: ruby 'secrets.rb'

# in secrets.rb
require 'io/console'
$stdout.sync = true # this will make ruby disable buffering the input; throws input direct to stdout
puts 'hello; please type password'
password = STDIN.noecho(&:gets).chomp

ENV['password'] = password
puts "Password has been set as #{'*' * password.length}; check ENV "

This will ask/prompt you to enter password and your secrets wont echo and will be kept secrect. thanks to STDIN.noecho

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s