Guidance on secrets #230
Description
Is your content or feature request related to a problem? Please describe.
There is some information on managing secrets in the configuration section but it's limited to setting environment variables in the terminal. There are other methods available, for example govcookiecutter uses dotenv or the keyring package for R. Guidance on what should be considered a secret would also be useful, like I've never been sure if database names are sensitive.
Describe the solution you'd like
A bit more information how to manage secrets, different options and what should be considered secret.
Additional context
I'm happy to submit a PR with at least a rough draft but I'd love some feedback or input.