DEV Community

Discussion on: Only code goes into a repository, right?

Collapse
 
courier10pt profile image
Bob van Hoove • Edited

That's a great question.

For API keys and all sensitive configuration files we use KeePass. And we have a script to put those files back in the project once we've checked it out of source control. That one I think we got right.

Other than that we have:

  • A project folder on a shared drive. Specs and design documents go there.
  • Files ending up attached to a ticket in a ticket system (Jira / Trello / ...)
  • Email attachments
  • Files on people's drives

There is definately room for improvement. If you want to find a certain document, ticket systems and private folders are not going to help.

For myself I try and copy as many files to my docs/{project}/{issue} folders. Indeed, I'm one of the files on people's drives guys. I'd better share that resource.

I wonder if any company has it figured out. So I would be happy to learn how others do it as well :)

Collapse
 
r0f1 profile image
Florian Rohrer

Thank you for sharing! Very interesting :)

Collapse
 
ben profile image
Ben Halpern

Here's a discussion on how orgs typically keep their secrets:

dev.to/ben/how-does-your-organizat...

And while it's an atypical approach, you could encrypt and check your secrets in:

dev.to/davidk01/encrypt-and-check-...

As @courier10pt alluded to , git's a pretty generic tool where you could keep anything there. Deciding what should go there is kind of a matter of figuring it out over time between you and your collaborators.