An article by Jakob Holderbaum about managing shared secrets when working on a shared codebase. Handling such secrets in a working team and during deployments can be a challenging and sometimes even intimidating task.
A few approaches are considered, and their trade-offs are mentioned:
- constants in the source code
- secrets stored in configuration files that are not checked into version control
- environment variables
- GPG and the password manager pass (*nix systems)
The password manager pass, on the other hand, is a neat little utility that is essentially a convenient wrapper around GPG.
Example application code is included, with a detailed explanation of how to set up secure keys for pass to work.