DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’»

DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’» is a community of 966,155 amazing developers

We're a place where coders share, stay up-to-date and grow their careers.

Create account Log in
aiodell
aiodell

Posted on • Updated on

Setting Up An Environmental Variable

When I was searching for action mailer setups, everyone talked about environmental variables, but I never saw them showing people how they are set up. They usually mentioned something along the lines of β€œIf you can figure out environmental variables, you are a step ahead of the game”.

Personally, I think they should have been mentioned because these environmental variables are important in keeping your secrets safe from the public, especially when it comes to the username and password for the email you will be using for the mailer.


To set up the environmental variable

In the initializers folder, create a ruby file named something that you will be able to identify as the place for your variables. In my case, I used app_env_vars.rb or application environmental variables for short. In that folder, created the variables to look like this:

Environmental variables for a Gmail account

These will replace the actual username and password of your account.

Now, if you were to create these variables and push these to a public repository, you would be exposing your secrets to everyone who checks out your code. Git Hub will surely send you and email and scold you in GitHub fashion to inform you that you have been exposing your secrets for (x) amount of minutes and the time will continue to increase until you make these changes. When in doubt, you can always utilize Git Guardian to your advantage. It will inform you of all exposed secrets.

To make sure this does not happen, go into the .gitignore file and paste the relative location of the environment file you have created. This means no one will be able to see your information. The only thing they will see are the names of the variables you created. Mine looks like this:

example of a file being pasted into .gitignore


The environmental variables do not have to apply only to the creation of action mailer as I have shown. For example, if you were to use the devise gem it contains a key within the comments that should become an environmental variable instead. Bottom line, if you are working on something that involves using a key or password or any kind of information that could create a security risk, create that environmental variable.

Top comments (0)

🌚 Friends don't let friends browse without dark mode.

Sorry, it's true.