Handling secrets in code - project-sunbird/sunbird-devops GitHub Wiki

Dos

• Please store secrets using Ansible vault or using any other alternate encryption mechanism

Don'ts

• Don't add secrets as plain text inside code
• Don't expose or share the key used for encryption with people outside the trusted group

Examples of secret variables

• Password
• API token
• Webhook url containing secrets (eg: Slack webhoook url)