Credentials are stored on GIT repository

[RaduCStefanescu]

An attacker or a malicious administrative user with access to the GIT platform or the GIT repository can obtain or create a public leak of a wide range of credentials and other API keys in order to create disturbances, escalate privileges or use the obtained information in other attacks.

Do not store credentials, API keys or configuration files in GIT. The most you can do is place a dummy configuration file that will be edited prior to any deployment on the system environment.