One of the best ways to use sensitive information in open source repositories without hard-coding the information within publicly available repositories is setting environment variables. Set the environment variables on the server, retrieve them by key within your application.
Full article