Don't use config/credentials.yml.env
Storing your production credentials in your repository is a bad idea. A very bad idea. Even if it's encrypted.
Putting aside the obvious security issues with this, the scope for accidentally using production credentials in a development environment scares me to death. I never want my local development copy of an application to know anything about production. I rest easy knowing if I was to run
rake db:reset in development, there's no chance of anything bad happening to our production environment.
There's nothing wrong with encrypting your config files but storing them in your repository... ??. I'm sad that Rails encourages this behaviour.