Member-only story
In Selenium Projects, Keep Sensitive Information in Environment Variables
Each test automation project uses sensitive information.
It may need a username and password to login to a site.
Or a connection string and domain account to connect to a SQL database.
Or Azure Cloud credentials.
Where should this info be kept?
There are a few options.
Keep the sensitive info in the code
This is obviously the worst option.
The sensitive information is safe when you are the only one that can access the code. But as soon as you commit the code to source control, anyone can see it.
So don’t keep sensitive info in the code.
Keep the sensitive info in a property file
This is similar to keeping it in the code.
As soon as the property file is in source control, it is outside of your control who can see its contents and who cannot.
You may exclude the property file from source control in which case the sensitive information is secure.
But in this situation, the management of the property file becomes very complex.
