Rails configuration policies
Rails config files tend to get a bit messy, but everywhere I worked they mostly follow a similar set of policies.
There are typically 2 kinds of settings in an app.
Business settings
These settings are “businessy” in nature. Examples: support email, number of days before a user should be logged out, etc. The same setting often spans all environments.
Technical settings
Some config settings are controlled completely by engineers who write the code. These are split into 2 categories:
- Secret settings — encryption keys, api credentials, etc. We probably want to keep these in control of developers in development and test/CI environments. In production, these would typically come from ENV vars. Let’s call them creds.
- Plain settings — feature flags, hostnames, behavior changes between environments. These don’t necessarily need configurability via ENV vars, but they optionally can be.
Note: Who’s in charge of each of these?
Code snippets in this post are covered by MIT License.