What should be checked into pubic source control?

I am using Sage, Bedrock, and Trellis. Everything is working fantastically so far. I am ready to push this site to production, but I need to commit my code to github and I am confused on how much I should be checking in. Looking at the roots example project I see that ansible along with all of the credentials in the group_vars directory are checked in. I don’t see anything in the .gitignore files of relevance to passwords. How should this be handled on a site in production?

1 Like

We have some information about this in the Wiki: https://github.com/roots/trellis/wiki/Passwords

Our example project needs to be readable for demo purposes so obviously we can’t really encrypt the files. In a normal case, yes you should be looking into removing any plain text secure credentials from your repository as a general best practice.