Managing Secrets

Managing the secrets must be considered at different levels:

  • Source Code Level for example hard coded in source code.
  • Repository Level for example Git/ Git Hub.
  • Infrastructure Level for example for developing the infrastructure as code.

Source Code Level

To prevent to have secrects at code level, it’s enough not to write the users, passwords, tokens, secrets in source code but in:

  • Config file.
  • Environment variable. Two Examplpe for Python and C#

In both cases must be careful not to commit the .config and .env file to the repository.

Config file

In the case of using the Config file, must pay attention not to commit the config file into the repository.

Environment Variable

C#

Python

The environment variable in Python projects are saved in .env files.

_STORAGE_ACCOUNT_NAME=environ.get('STORAGE_ACCOUNT_NAME', 'storage account')
_STORAGE_ACCOUNT_KEY=environ.get('STORAGE_ACCOUNT_KEY', 'storage key')

Repository Levle

By preventing to write the secrets in source code and save the secrets in aconfig file, we must be careful not to push & commit the code to the repository.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: