Provide some .env file for secrets

[choosen]

We should encourage people to store credentials outside the codebase.
Currently there are i.e. github credentials stored as plain text in config/github

[abhaynikam]

@choosen I am sorry the issue is not quite clear to me. Could you share some more details? Is this a new feature request or problem with an existing generators? 😊

[choosen]

@abhaynikam https://youtu.be/9vaK9nDMbU8?t=584 devise config should encourage to set up it through environment
variable

So this is more about existing generator (devise oauth), but that practice should be applied anywhere

[choosen]

example article:
https://blog.arkency.com/2017/07/how-to-safely-store-api-keys-in-rails-apps/

[coolprobn]

We have added generators for dotenv and Rails also already has Credentials now.

I have not looked into the implementation yet for Oauths but if we are using plain text then we definitely need to migrate them off to use ENV or Rails.credentials

Please feel free to take this on if you want. Examples for such cases are in new generators:

• boring_generators/lib/generators/boring/sentry/install/install_generator.rb

  Line 35 in faaf902

  def sentry_dsn_key

• boring_generators/lib/generators/boring/honeybadger/install/install_generator.rb

  Line 38 in faaf902

  def honeybadger_api_key