ruby on rails: heroku: Missing `secret_key_base` for 'production' environment

Asked 3/7, 2016 at 7:49 Answered 9/9, 2024 at 20:23

ruby-on-rails ruby ruby-on-rails-4 heroku environment-variables

I added the key into heroku config var, but I'm still getting the error.

Is this the correct way? I ignored secrets.yml as I read from other sources that its not a good idea to push this to the public.

in the heroku config var:

[key] SECRET_KEY_BASE
[value] 3280570382948240938

in secrets.yml

production:
  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>

What am I still doing wrong?

Furthermore, if I put my secret keys into heroku's config variable, don't other developers get to see this too? So, isn't that still kind of public? I've always wondered this concept.

Cassino answered 3/7, 2016 at 7:49 Comment(1)

Other developers cannot see your environment variables, since each Heroku app runs on a separate virtual service instance. – July 3/7, 2016 at 9:9

you can set environment variable with heroku config

first generate secret key with run below command on terminal

rake secret

Now use that key on below command

heroku config:set SECRET_KEY_BASE='put here new generated key'

you can refer this link for more refference

https://devcenter.heroku.com/articles/config-vars

Muscovado answered 3/7, 2016 at 8:29 Comment(0)

I had the same issue today, but for me the solution was a bit different. I realized that in my local environment, I had been using:

Rails.application.secrets.secret_key_base

but for Heroku, instead use:

Rails.application.secret_key_base

^This worked in my local environment as well. Not sure what the extra .secrets is for.

Hibernaculum answered 5/1, 2021 at 14:46 Comment(1)

I also had the same issue which this fixed. Rails 6 + following a Scotch Rails API tutorial. – Willable 13/1, 2021 at 2:59

here is a fool-proof way to set the secret key base with heroku:

heroku config:set SECRET_KEY_BASE=$(rake secret)

you can see it with heroku config:get SECRET_KEY_BASE

and check that rails picks it up with Rails.application.secret_key_base (in heroku run rails console for instance)

Resemble answered 26/4, 2019 at 13:22 Comment(0)

With heroku it will setup a master.key file for you when the initial deployment is complete, you just need to grab the values from that file. No need to mess with creating extra files in rails 7+ and Heroku sets up the SECRET_KEY_BASE env var for you automatically, just do the following below:

go to config/environments/production.rb

find this line that is commented out (aprox line 20ish) and remove the comment config.require_master_key = true

next go to your console and run this command to get the .gitignored master.key value to populate into the heroku env vars

heroku config:set RAILS_MASTER_KEY=`cat config/master.key`

# yes thats a tilda, make sure it remains a tilda so that the shell command executes

Was not super clear, had to dig through several docs and issue tickets to figure it out, hope it helps

Decrease answered 9/9, 2024 at 20:23 Comment(0)

Recommended topics

Hot tags