I am considering ideas for a project in which I would have to deal with a big amount of stripe’s credentials for entities I’m dealing with. Traditionally, I would have used environmental variables, but I was wondering If maybe having too many of them would be a problem.
Let’s say we are talking about 1000+
Would you need all the stripe credentials all the time (in memory)? Would you need to update them with deployments or would you need something more real-time?
Not sure if having many environment variables could pose an issue, I can imagine processes becoming heavy due to this (eg.: on fork) but I don’t have hands-on experience on a similar setup.
Furthermore, I think nowadays is not a good practice to store secrets in environment variables, some discussions in the topic:
There are many alternatives, AWS also offers some services, there is also Vault from Hashicorp, or keywhiz from square which might be better suited for this use case.
How about using encrypted Rails credentials/secrets?
I’m also interested to know what is the difference between them and whether there is a guide about them somewhere.
Secrets which was introduced in Rails 5.1 is deprecated in favor of credentials since Rails 5.2.
Sources:
Handling all these manually using ENV or even rails credentials doesn’t seem practical. You probably need a 3rd party service or your own solution.