Managing Secrets

Managing the secrets must be considered at different levels:

  • Source Code Level for example hard coded in source code.
  • Repository Level for example Git/ Git Hub.
  • Infrastructure Level for example for developing the infrastructure as code.

Source Code Level

To prevent to have secrects at code level, it’s enough not to write the users, passwords, tokens, secrets in source code but in:

  • Config file.
  • Environment variable. Two Examplpe for Python and C#

In both cases must be careful not to commit the .config and .env file to the repository.

Config file

In the case of using the Config file, must pay attention not to commit the config file into the repository.

Environment Variable



The environment variable in Python projects are saved in .env files.

_STORAGE_ACCOUNT_NAME=environ.get('STORAGE_ACCOUNT_NAME', 'storage account')
_STORAGE_ACCOUNT_KEY=environ.get('STORAGE_ACCOUNT_KEY', 'storage key')

Repository Levle

By preventing to write the secrets in source code and save the secrets in aconfig file, we must be careful not to push & commit the code to the repository.

Published by parisamoosavinezhad

- Software Engineer - Software Architect - Software and database specialist - Cloud solution architect

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: