DevOps Articles

Curated articles, resources, tips and trends from the DevOps World.

Understanding Why Secrets Like API Keys Inside Git Are Such a Problem

4 years ago dzone.com
Understanding Why Secrets Like API Keys Inside Git Are Such a Problem

Summary: This is a summary of an article originally published by the source. Read the full original article here →

But the fact is, secrets inside git repositories is the current state of the world. Previously we have discussed why it is common to choose the path of least resistance when it comes to accessing and distributing secrets.

In addition to intentionally storing secrets in git, when secrets are not managed properly, it is very easy to lose track of them.

A few things to consider when storing secrets in private repositories: Another important consideration is that Code removed from a git repository is never actually gone.

While this scenario is very basic, add in hundreds of commits and files between master and a development branch and you can see how easy it is to miss secrets in code reviews.

Made with pure grit © 2024 Jetpack Labs Inc. All rights reserved. www.jetpacklabs.com