Why should you keep secrets checked out of your repository?

Question

It seems like common knowledge that it's a good practice to keep secrets files (anything containing passwords, API keys, etc.) checked out of your git repository (Indications here, here, here, here and there are many more)

Why?

Answer 1

This enhances security by making the values of these "secrets" (and other password/security/token related values) only known within the production environment, as opposed to anyplace the repository is checked out. Each environment (for example, local development, development server, staging/demo server, production environment, etc) should have its own separate configuration of authentication or security parameters, if possible, and these should be configured within the local environment, and not stored in the application's code itself.

Even if your repository is private, it is still not safe. Developers come and go. Operations people come and go. Project management comes and goes. You might have some third party contractors with repo access. A big enough project tends to have lots of actors working on it over time, and it isnt necessary for any of them to know the production configuration values (except perhaps the ops folk). Even with a private repository, there is still a security risk for exposing secret keys/values to anyone with repo access.