Starting in Rails 5.2+, the framework now comes with a built in way to encrypt configuration credentials and environment variables. In previous versions an application would need to use a tool such as dotenv or figaro, and you could NEVER include the variable values in version control for security reasons. However, now all of the credentials are encrypted, and a single master key can decrypt them. This means that your team can add the credentials to version control and share them with much more ease.
Below is a cheat sheet that shows the common commands needed to work with Rails encrypted credentials.
Editing Credentials
rails credentials:edit
This will use your default text editor to edit the file.
Generate a New Application Secret
rails secret
Flat Syntax
Nested Syntax
Querying Flat Keys
Rails.application.credentials.some_special_variable
=> "secretstuff"
Querying Nested Keys
Rails.application.credentials.production[:aws][:access_key_id]
=> "123"