How to use a credential file without pushing it to repoitory

I am building a Django web app that is deployed on GCP (google cloud platform). I need to use the google cloud storage bucket to store files generated from the app, So I added the code to settings.py :

from google.oauth2 import service_account
GS_CREDENTIALS = service_account.Credentials.from_service_account_file(os.path.join(BASE_DIR, 'credential.json'))

In the code, credential.json is referred to. Currently, I put the credential file in the project directory on my computer and it works fine. But now I need to push the project to a public repository for project handoff and I can’t push the credential file because it contains the private key to the cloud storage bucket. What should I do to make the program run normally without pushing the credential file to the repository or the file being accessible by other people?

Your action.yml must be public so that you have access to the free version of GitHub CI (open source public repos), thus I don’t see a way you can do that, without publishing any sort of key or credential.

But maybe I am wrong.

What I do in my public open source repos with credentials is:

I explicitly say users must get their own credentials for production and I explain how;

I create credentials only for testing purposes (with limited access to the service) whose publishing thus won’t harm anything.