Our applications will often need access to various credentials in the form of API tokens, usernames, and passwords for integrations with third-party services. We can store this information in our Git repository, but then, anyone with access to our code will also have a copy of our production credentials. We should instead use environment variables to store any configuration information for our application. Configuration information should be separate from our application's code and instead be tied to the specific deployment of the application.
Changing our application to use environment variables is simple. Let's look at an example in Ruby; let's assume that we currently have secret_api_token
defined in our application's code:
secret_api_token = '123abc'
We can remove the token and replace it with an environment variable:
secret_api_token = ENV['SECRET_TOKEN']
In addition to protecting our credentials, using environment variables makes our application more configurable...