Committing secrets to GitHub or other repositories is a common error and can be a huge security risk with potentially large real financial costs if in a public cloud context. This should be mentioned in the 05b-advanced-containers episode in the "Including personal scripts and data in a container" section.
Something like.
WARNING: Login credentials including passwords, tokens, secure access tokens or other secrets must never be stored in a container. If secrets are stored, deleting the files in git does not remove them from the repository and they will be found and exploited if they are currently, or in the distant future, make public.
Committing secrets to GitHub or other repositories is a common error and can be a huge security risk with potentially large real financial costs if in a public cloud context. This should be mentioned in the 05b-advanced-containers episode in the "Including personal scripts and data in a container" section.
Something like.
WARNING: Login credentials including passwords, tokens, secure access tokens or other secrets must never be stored in a container. If secrets are stored, deleting the files in git does not remove them from the repository and they will be found and exploited if they are currently, or in the distant future, make public.
I can make a PR if desired.