This is a safe way to store sensitive data. Every project has its own dedicated set of secrets that can be used in the configuration file.
All secrets have the same prefix (
SECRET_) and can be referenced in the commands section of the scripts and as a password for a server.
Secrets will never be exposed in logs or in the execution output of deploys.
Any collaborator can toggle secret visibility in the UI.