Is It Acceptable to Store Configuration Files in Git, Subversion, CVS or Another Code Versioning Tool?

Problem scenario
You like the backup feature of a code versioning tool for potentially restoring files in a disaster recovery situation.  You want to store complete code bases including necessary configuration files in such a repository.  

This reputable link (https://www.cyberciti.biz/tips/my-10-unix-command-line-mistakes.html) says to use code versioning tools to store configuration files.  However this different reputable link says to not use code versioning tools to store configuration files.  Can you store .ini and other configuration files in a version control system?

Solution
According to the 12 Factor App rules, "A litmus test for whether an app has all config correctly factored out of the code is whether the codebase could be made open source at any moment, without compromising any credentials."

Based on a recommendation by SANS.org, we recommend not using Git for configuration files if they have a username and password.  Non-code files that store parameters and other configuration information can be stored in a code versioning repository.  We do not recommend such files that include credentials or sensitive information.  In other words, there are many exceptions to the rule "do not store configuration files in code versioning systems."  For disaster recovery or rolling back changes, you will want to have all the files that you need to get your software to work again.  You may want to include a file in a repository such as a README.txt that will direct the user to where the sensitive parameters and credentials are to be found.

Leave a comment

Your email address will not be published. Required fields are marked *