I'm using Google Cloud Platform and researching what's needed for continuous development/integration.
We may use Google Secrets for passwords, API keys, etc. But I also see information in settings and config files that don't seem appropriate as a secret, but still probably needs secured. For example, the files might contain a list of white listed apps and URLs, or user names and IP addresses.
What is the best way to securely keep these files in a place where other developers can access them when needed? I'm not asking where they are kept when developing, but where to make them available for new developers to access them the first time. Would encrypting them and storing on Google Drive, and then limiting who has access, be appropriate?
The easiest way, IMO, is to use Secret Manager, in a dev project. All the developers can access the project and access to the secret.
The local code uses also the secret stored in Google Cloud (off line development is not possible).
Deployment on dev project is easy, because the same secrets are used.
A new developer? Add them in the developer group and they will have automatically access to the secrets