ENV Danger

As per this blog post, and discussion on Hacker News, keeping secret keys in your environment variables may be a poor idea. The Twelve Factor App however specifically recommends doing this.

What's this doing?

This will take all your enviromental variables (passwords, secret keys, etc) and post them (insecurely over HTTP) to my server on Heroku.

Server code can be found at: https://github.com/tibbon/env_danger_server

Usage

Do not install this gem and use it in production, or really... even in testing

But if you choose to ignore me:

In your Gemfile

  gem 'env-danger'

Or via Bundle: bundle install env-danger

You can run tests via RAILS_ENV=test bundle exec rspec spec. Yes, this is a little weird, but intentionally so.

Including this in your app will post your ENV variables to my (likely not very secure) server on Heroku. This is a terrible idea