Never Commit Sensitive Information — even if the repository is private.
Keep private things out of the github code directory
-
Keep out of code, and the github code directory:
- passwords
- API keys
- server paths
- database-structure info (where reasonably possible)
- private settings
- shell-scripts that set environmental variables
- log-files (which can sometimes contain sensitive info)
-
Implementation: One common pattern is to have a "project_outer_directory" that contains these things (as well as the "project_code_directory"), and only commit the "project_code_directory" to github.
-
Utilize environment variables: Store sensitive information in environment variables, set outside of the git-directory and thus not able to be accidentally committed. All languages support common ways of doing this.
-
Do not depend on the .gitignore file for security: Rather, get in the habit of thinking of the .gitignore file as keeping messy-unnecessary-cruft out of github (like virtual-environments or auto-compiled *.pyc files), not as basic security. Instead, keep the sensitive info out of the github directory in the first place.
- Include a README, preferably with an explanation of the repo's Purpose, Usage, and Installation
- Make it clear which team at BUL "owns" the repo
- Add a "Description"
- Include "dependencies" in such a way that github can auto-scan them and notify you of vulnerabilities
- If you have a
dotenvwith private info — as noted above it should not be in the repo — but it's useful to have asample_dotenv.txtfile for users to get a sense of what kind of info is required. - the
mainbranch is special: it should always work. - There should be a "release" for every version of the code actually deployed. (That makes it easier to know which commit to revert back to if there's a problem.)
See also:
This document is a draft & will be undergoing revisions.
