Filtering shell environment variables

marcel's Avatar

marcel

11 Oct, 2010 10:50 PM

I'm using Heroku with Exceptional. The accepted practice with Heroku is to put sensitive things (AWS secret key, websolr password, mongohq password, etc) into the application's shell environment variables. This way they're not in source control, and its easy to have a staging vs production setup by just setting different values.

I noticed that exceptional grabs all of those values and displays them on the web panel. This is bad for pretty much anyone using Heroku in production.

I looked for a way to configure keys to filter, but I only found a hook for request parameters. So I wrote a small monkey patch to override Exceptional::ApplicationEnvironment.extract_environment. It looks for an array of keys to filter and replaces the values with "[FILTERED]".

  1. 1 Posted by Ciaran Lee on 12 Oct, 2010 10:42 AM

    Ciaran Lee's Avatar

    Hi Marcel,
    That's a good idea. We will implement this.
    Regards,
    Ciaran Lee

  2. 2 Posted by Ciaran Lee on 08 Dec, 2010 07:05 PM

    Ciaran Lee's Avatar

    Hi Marcel,
    Sorry for the delay. The latest version of the exceptional gem (2.0.30) supports filtering of environment variables. Docs here.
    Kind regards,
    Ciaran Lee

  3. Ciaran Lee closed this discussion on 08 Dec, 2010 07:05 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac