Once upon a time when I didn’t know what I was doing.
I was trying to setup a rails app for my wife and have her family upload images and a birthday message. After some research, I decided to use Amazon Web Services to host my images. I got it configured in my rails app with Paperclip and that is when I made a fatal, fatal, fatal error.

I put in my bucketname and password directly into my code.

The following morning, I received a call from Amazon. Confirming whether I had setup 5 instances across the world racking up $250 overnight.
I freaked out a little.
After getting that resolved, I searched for how I can avoid making that stupid mistake again. My research turned up a gem called Figaro.
Figaro is used to hide confidential information. Usernames, passwords, you name it and it will store the variables in a file that will be automatically ignored from git and can easily be configured for Heroku.

Getting Started

As always, you want to start by adding Figaro to your Gemfile.

1

gem 'figaro'

Note: Always run bundle after changing your gemfile

Next we will bundle our gems for use.

1

bundle

Note: bundle is shorthand for bundle install.

Generating and Using Figaro Logic

The Figaro gem comes with a generator that will have rails install the ‘./config/application.yml’ file, and add it to the git ignore list.

1

figaro install

UPDATE: with the new version of Figaro, the old ‘rails g figaro:install’ command no longer works. Use the new ‘figaro install’ to get application.yml and ignored.
Note: g is short for generate.

Now it’s time for the magic.
Open up ‘./config/application.yml’. I’ll be assuming that you are trying to setup a mailer and need your Gmail username and password.

1
2

GMAIL_USERNAME: testdummy@gmail.com
GMAIL_PASSWORD: password123456

These files are now able to be accessed via Environment Variables. Environment variables can be called in any of your rails files. Normally, you can access Environment Variables one way.

1

ENV["GMAIL_USERNAME"]

Note: All Caps are critical.

This will render testdummy@gmail.com wherever the environment variable is envoked. A way of calling environment variables through Figaro is to use their syntax.

1

Figaro.env.gmail_username

Now instead of caps, brackets, and quotations; it is a simple method call.

Multiple Environments

Figaro allows the use of different variables in different environments. For example, in the Gmail example; let’s say you want to have a test email address for development, but a special email account for production emails. For figaro it’s a simple setup.

1
2
3
4
5
6

development:
  GMAIL_USERNAME: testdummy@gmail.com
  GMAIL_PASSWORD: password123456
production:
  GMAIL_USERNAME: superawesome@gmail.com
  GMAIL_PASSWORD: W$aIk91@45*lkM

Note: The indentation is critical.

That is all.
Figaro and Rails will know which environment you’re in and use that particular username and password.

Setting up for Heroku

Let’s say that you are wanting to deploy your app through Heroku, but don’t know how the environment variables can be setup on the remote server.
No fear!
A simple command and figaro will take care of it for you.

1

rake figaro:heroku

BOOM.
Your environment variables have been setup on Heroku. If you wanted to confirm that they’re setup all nice and tidy. After deploying to heroku, type in the command.

1

heroku config

Go Play!

Now figaro has been installed on your Rails app, you can deploy easily to heroku, and your information has not been compromised. I’d call that a pretty good day.