Skip to content

tum-esm/secrets-management-example

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
bad-example
bad-example
 
 
good-example-config-file
good-example-config-file
 
 
good-example-env-variables
good-example-env-variables
 
 
README.md
README.md
 
 

Repository files navigation

You should not include secrets in your code!

bad-example/ includes an example of how not to manage secrets. The secrets will be part of the code's version history and be visible to anyone with read-permissions on that repo - even after you remove/change them. Selective CI tools are allowed to read our repositories and it is hard to keep track of secrets like that. Secrets leaks can happen very easily. Open sourcing the repository is not easily possible.

good-example-config-file/ includes an example of how you can manage secrets. Keep them in a separate file and do not include that separate file in the version control system. Include a template of that required file in your repository.

good-example-env-variables/ shows how you can use a local .env file (if it exists) or environment variables for your secrets. This requires installing the python-dotenv library.

About

how to manage secrets in python

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages