re: Only code goes into a repository, right? VIEW POST


That's a great question.

For API keys and all sensitive configuration files we use KeePass. And we have a script to put those files back in the project once we've checked it out of source control. That one I think we got right.

Other than that we have:

  • A project folder on a shared drive. Specs and design documents go there.
  • Files ending up attached to a ticket in a ticket system (Jira / Trello / ...)
  • Email attachments
  • Files on people's drives

There is definately room for improvement. If you want to find a certain document, ticket systems and private folders are not going to help.

For myself I try and copy as many files to my docs/{project}/{issue} folders. Indeed, I'm one of the files on people's drives guys. I'd better share that resource.

I wonder if any company has it figured out. So I would be happy to learn how others do it as well :)


Here's a discussion on how orgs typically keep their secrets:

And while it's an atypical approach, you could encrypt and check your secrets in:

As @courier10pt alluded to , git's a pretty generic tool where you could keep anything there. Deciding what should go there is kind of a matter of figuring it out over time between you and your collaborators.

code of conduct - report abuse