I read somewhere, but can't find where to add secret keys to Heroku without putting them in the git repository source code?
I think this helps protect it when I click on github.
How do I do this and what makes sense?
http://docs.heroku.com/config-vars
Then add development keys to the initializer:
#config/initializers/keys.rb development: SOME_KEY = 'abc123' #not your production key testing: SOME_KEY = 'abc123' #not your production key #production: #blank
Optionally add an initializer to .gitignore. Not required as your production key is not saved.