There is likely to be a need for a file with a single name that can be ignored by .gitignore that can contain passwords or API keys or whatever else that the site owner/developer feels should never be committed to version control.
The open question is, should secrets be loaded before environment overrides or should secrets override the environment config?
There is likely to be a need for a file with a single name that can be ignored by
.gitignorethat can contain passwords or API keys or whatever else that the site owner/developer feels should never be committed to version control.The open question is, should secrets be loaded before environment overrides or should secrets override the environment config?