Define and configure secrets storage
Any secrets, e.g. API keys, access tokens, passwords, etc., are not to be committed to git.
- designate a system for secrets storage (e.g. GitLab Variables)
- production secrets are not to be used within testing/staging environments
- develop a process to set secrets at deployment time
- document the secrets management and local development process
- add a pre-commit hook to detect any secrets, e.g. GitGuardian
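
A minimal sketch of the pre-commit check from the last item, added here as an example and not part of the original issue or of GitGuardian: it scans only the lines a staged diff adds. The function names and the four patterns (AWS access key ID, GitLab personal access token, PEM private key header, quoted literal assigned to a secret-like name) are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: minimal pre-commit secret scan. Patterns are illustrative,
# not exhaustive; a dedicated scanner covers far more formats.

# stdin: unified diff. stdout: "path: text" for every line the diff adds.
added_lines() {
    awk '
        /^diff --git /          { inhunk = 0; next }
        /^@@ /                  { inhunk = 1; next }
        !inhunk && /^\+\+\+ /   { file = substr($0, 7); next }  # strip "+++ b/"
        inhunk && /^\+/         { print file ": " substr($0, 2) }
    '
}

# stdin: unified diff. Prints added lines that look like secrets.
# Exit status is grep's: 0 = something found, 1 = nothing found.
# Only quoted literals are flagged, so reads from the environment pass.
find_secrets() {
    added_lines | grep -E -i \
        -e 'AKIA[0-9A-Z]{16}' \
        -e 'glpat-[0-9A-Za-z_-]{20}' \
        -e '-----BEGIN [A-Z ]*PRIVATE KEY-----' \
        -e "(password|passwd|secret|api_?key|token)[[:space:]]*[:=][[:space:]]*[\"'][^\"']{8,}[\"']"
}

# Scan the staged changes and block the commit if anything matches.
run_hook() {
    hits=$(git diff --cached -U0 --no-color | find_secrets || true)
    [ -z "$hits" ] && return 0
    printf 'Commit blocked, possible secrets in staged changes:\n%s\n' "$hits" >&2
    return 1
}

# Only act as a hook when installed as .git/hooks/pre-commit.
case "$0" in
    */pre-commit|pre-commit) run_hook || exit 1 ;;
esac
```

Saved as `.git/hooks/pre-commit` and made executable, it rejects the commit when a staged line matches; removed lines and values read from the environment are not flagged.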
Ref:
Edited by Janna