In Rails 5.2 the way credentials are stored and used in an application changed. Previously, credentials or environment variables were not versioned, thus for every environment used to run the application would have to be given the variables separately. This was to prevent instances of environment variables leaking if the repo was public.
Starting in 5.2 and moving forward, credentials can now be stored in the application and versioned. Viget has a nice write up of how the new mechanism works and how to go about accessing, updating and using the credentials.
Specifically helpful was the section on how to go about setting up your credentials on Heroku. Which moving forward is super nice! All you have to do is provide the Heroku application with the master key and Heroku will read the credentials straight from the
credentials.yml.enc file. I find this a lot more streamlined because you don’t have to spend time adding in and making sure Heroku has the latest credentials. You change it once in the application and it’s usable on the server.