Just because you can, and others do, doesn't necessarily make it a good idea.
By writing & encouraging developers to use the new `secrets` API, we expose them to a bad practise. Not only that, but other solutions exist (like using `Rails.application.config`). I'm not against configuration files per-say, I'm against secrets as persisted values in a codebase.
Presumably this would be treated just as `config/database.yml` is currently, i.e. `config/secrets.sample.yml` would be committed to the VC while `config/secrets.yml` would be ignored by the VC. When you deployed you would symlink from a shared (private) file to the secrets file.
By writing & encouraging developers to use the new `secrets` API, we expose them to a bad practise. Not only that, but other solutions exist (like using `Rails.application.config`). I'm not against configuration files per-say, I'm against secrets as persisted values in a codebase.
Doing this is bad: https://github.com/search?l=ruby&q=cookie_secret&ref=cmdform...