You want to keep secrets like API access tokens outside of your source code. This is considered a good engineering practice in general (least privilege) and you may want to have different environments like staging and production.
CocoaPods Keys adds a few commands, and uses the installation hooks:
bundle exec pod keys set ARKeyName value- lets you store a value in your computer's keychain
bundle exec pod keys get ARKeyName- prints out the value from your computer's keychain
Then inside your
Podfile, add the plugin section. Noting the name of the
target to attach the pod
to, and the keys that you want to use:
plugin 'cocoapods-keys', project: 'Artsy', target: 'Artsy', keys: [ 'ArtsyAPIClientSecret', # Auth for the Artsy API 'ArtsyAPIClientKey', # 'ArtsyFacebookAppID', # Supporting FB Login ]
When you run
bundle exec pod install, CocoaPods Keys will add a new Pod that has all of of your keys embedded inside it.
To find out more, check out