Provide some .env file for secrets
Opened this issue · 4 comments
We should encourage people to store credentials outside the codebase.
Currently there are i.e. github credentials stored as plain text in config/github
@choosen I am sorry the issue is not quite clear to me. Could you share some more details? Is this a new feature request or problem with an existing generators? 😊
@abhaynikam https://youtu.be/9vaK9nDMbU8?t=584 devise config should encourage to set up it through environment
variable
So this is more about existing generator (devise oauth), but that practice should be applied anywhere
We have added generators for dotenv and Rails also already has Credentials now.
I have not looked into the implementation yet for Oauths but if we are using plain text then we definitely need to migrate them off to use ENV or Rails.credentials
Please feel free to take this on if you want. Examples for such cases are in new generators: