Best Practices for storing API Keys, DB user / passwords, etc...
I would like to get everyone's take on what are is the best practice for storing DB usernames/passwords, API keys, Contstants, Etc... Should they be stored in config/environments/ then in test, development production accordingly? Some of these files do end up in verstion control. Thoughts?
Check out this episode on Rails credentials. This is what I strongly recommend as all your credentials are easily organized and encrypted. Then in production you only have to set RAILS_MASTER_KEY to decrypt the file. Much easier to manage this way.