Right now we auto-deploy from this repo to heroku, which means we needed to included the config/db.js file to connect to our database. This file includes our database login credentials in plain text, which seems like a bit of a security risk.
We need to investigate a strategy for including that file in the heroku deployment while either not including it or hiding/obfuscating the credentials in this repo.
Heroku allows you to add mLab as an 'add-on' but it requires you to enter credit card info, which I'm not too keen on. I'd like to just continue using the mLab account I already have set up
Right now we auto-deploy from this repo to heroku, which means we needed to included the config/db.js file to connect to our database. This file includes our database login credentials in plain text, which seems like a bit of a security risk.
We need to investigate a strategy for including that file in the heroku deployment while either not including it or hiding/obfuscating the credentials in this repo.