Since Heroku is deployed via Git, and config/secrets.json is in .gitignore it's impossible to deploy if you need it.
I'd also like to mention.. running: heroku run geddy secret doesn't work either after pushing your app to heroku.
heroku run geddy secret
Alright so here's what i've discovered thus far and this will require some code edits of some sort im sure.
If you create a secrets.json file, remove it from .gitignore and the secrets.json file is like so:
you commit, and push it to heroku you will have a starter template secrets.json file.. You can then run a bash prompt on heroku... heroku run bash and then you can run geddy secret at the root of your app folder, and it will create the appropriate key in config/secrets.json. However, when you issue heroku restart back on your local machine it will recompile the slug and ignore what was in the config/secrets.json most likely because your last commit had an empty secrets.json file...
heroku run bash
I could tell this by running heroku logs -t when i issue restart and i get back a dump of all of the config's for the app. In those configs, its showing as "secret": "".
heroku logs -t
This is probably because when you start the app im guessing it writes into memory the secret: hash..
One step closer, as you can actually get heroku to create the secrets.json hash string just can't get geddy to recognize it.
Ruby on Rails allows developers to use ERB syntax within config yaml files.
This enables the access to environment variables, accessing the secrets specified with heroku config:add command.
IMHO maybe Geddy can provide something similar to Ruby on Rails?
Passing secret.json to an EJS evaluator before invoking the JSON parser should do the trick.
NM, implemented in bfa7650, pushed to master.
Just commit your secrets.json file to Git (i.e., remove from the .gitignore), and use EJS with environment variables so your secrets don't end up in revision control.
Wow that was fast! :D
Sweet! I've been looking forward to this too. +1