Starting in Rails 5.2+, the framework now comes with a built in way to encrypt configuration credentials and environment variables. In previous versions an application would need to use a tool such as dotenv or figaro, and you could NEVER include the variable values in version control for security reasons. However, now all of the credentials are encrypted, and a single master key can decrypt them. This means that your team can add the credentials to version control and share them with much more ease.
This video walks through how to: view, edit, and query the credentials, along with how to call them from the console and the application. And finally I show how to configure Heroku to work with the credentials.
Here is a link to a cheat sheet that shows the common commands needed to work with Rails encrypted credentials: