Installing New Relic without adding license key to repo

Question

I want to install New Relic on one of my open source rails applications (v 3.2.12). I don't want to have the license key in the repo. I'd like to load it with something like ENV.

By default that's loaded in the newrelic.yml file.

Where is that YAML file loaded? I guess I could manually merge it with a hash that loads the license from the ENV hash.

Any hints on how to do that?

score 14 · Accepted Answer · edited May 23 '17 at 12:17

14

I use the Figaro gem to handle secret keys with ENV environment variables, similar to you. For New Relic, I have:

config/application.yml (.gitignored and not pushed to source control)

# ...
NEW_RELIC_LICENSE_KEY: {{MY_KEY}}

which is then referenced in config/newrelic.yml:

# ...
license_key: <%= ENV['NEW_RELIC_LICENSE_KEY'] %>

A file called config/application.example.yml gets pushed up to the source code repo with instructions to put your own license key in:

config/application.example.yml

# ...
NEW_RELIC_LICENSE_KEY: # put your license key here

Also see this StackOverflow Q&A for more details:
What should be removed from public source control in Ruby on Rails?

edited May 23 '17 at 12:17

Community

1
1

answered Feb 14 '13 at 01:17

Paul Fioravanti

16,423
7
71
122

Is it important to keep this license key secret? What can people do if they get this key, fill New Relic with false information? – joscarsson Jun 08 '14 at 11:52
2

Since the license key ["is used to locate the correct account to store data into when the agent connects to servers"](https://docs.newrelic.com/docs/ruby/ruby-agent-configuration), I would say that yes, someone with your license key could use it to fill New Relic with false information, degrading the quality of your service. New Relic doesn't publish license keys but keeps them secret [on your account settings page](https://docs.newrelic.com/docs/subscriptions/license-key) (protected by your account password), so I think it's best keep it private and off public repositories. – Paul Fioravanti Jun 09 '14 at 01:11

score 7 · Answer 2 · answered Feb 13 '13 at 22:55

7

I got a useful answer on IRC. newrelic.yml is erb interpolated. Meaning I can just add <%= ENV["NEWRELIC"] %> to the yml file.

answered Feb 13 '13 at 22:55

Cyrus

3,687
5
35
67

score 3 · Answer 3 · answered Dec 03 '16 at 11:55

Yes to the above answers. also, If you're on Heroku. After installing the NewRelic Addon, you can download newrelic.yml file and change license_key: to:

license_key: <%= ENV['NEW_RELIC_LICENSE_KEY']%>

This will use the NEW_RELIC_LICENSE_KEY env variable set by the NewRelic addon

score 0 · Answer 4 · answered Feb 13 '13 at 22:57

This doesn't necessarily answer the exact question you are asking, but this may solve your end goal.

Typically for this type of situation I add the newrelic.yml file to .gitignore and then create a newrelic.yml.example with all the non sensitive fields filled out and a place holder for the key.

This way I can add it into my newrelic.yml file for development and also have the template checked in for others use.

Installing New Relic without adding license key to repo

4 Answers4