"Best Practices for Securing Secrets in Source Code Repositories?" #139973

iterm-cmd · 2024-09-27T18:07:21Z

iterm-cmd
Sep 27, 2024

Select Topic Area

Question

Body

Hi everyone,

In situations where environment variables aren’t an option, what are the best practices for securely managing secrets in a public repository?

Looking forward to your thoughts!

TiepBK9056 · 2024-09-27T18:10:29Z

TiepBK9056
Sep 27, 2024

To manage secrets in a public GitHub repository without environment variables:

Encryption: Store secrets in the repo but encrypt them. Use a secure service or key management system to decrypt at runtime.
Secret Management Services: Use external services like AWS Secrets Manager or HashiCorp Vault to store and retrieve secrets securely during runtime.
GitHub Actions Secrets: For GitHub workflows, store secrets in GitHub Actions Secrets, which are encrypted and secure.
These methods help avoid exposing secrets directly in the codebase.

1 reply

iterm-cmd Sep 27, 2024
Author

Thanks a lot

ebndev · 2024-09-30T14:11:07Z

ebndev
Sep 30, 2024

Please see this comment for reference to why this discussion was closed and locked. Thanks!

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Community

"Best Practices for Securing Secrets in Source Code Repositories?" #139973

{{title}}

Replies: 2 comments 1 reply

{{title}}

{{title}}

{{title}}

Select a reply

GitHub Community

"Best Practices for Securing Secrets in Source Code Repositories?" #139973

iterm-cmd Sep 27, 2024

Select Topic Area

Body

Replies: 2 comments · 1 reply

TiepBK9056 Sep 27, 2024

iterm-cmd Sep 27, 2024 Author

ebndev Sep 30, 2024

iterm-cmd
Sep 27, 2024

Replies: 2 comments 1 reply

TiepBK9056
Sep 27, 2024

iterm-cmd Sep 27, 2024
Author

ebndev
Sep 30, 2024