add sam-tests/ to initially generated default .gitignore

[PatMyron]

Credentials committed in sam-tests/ in several resource-providers already:
gamelift
cloudwatch

Other language plugins as well:
Python
Go

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[ammokhov]

aws-cloudformation/aws-cloudformation-resource-providers-gamelift#9 (comment)

https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-cloudwatch/pull/2/files/1afad8dd9d53ae5210c0624ee2a8ead7818993ae#r409312986

Investigating if this needs to be added to the other language plugins as well:
Python
Go

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

the only issue with that is that folder name can be anything

[PatMyron]

the only issue with that is that folder name can be anything

@ammokhov Is it sam-tests/ by default?

Everyone still needs to install and configure git-secrets regardless:

brew install git-secrets
git secrets --register-aws --global
git secrets --install # in each repository

this is just meant to be another layer of protection for anyone who hasn't

[miparnisari]

Everyone still needs to install and configure git-secrets

is this documented somewhere?

[rjlohan]

Everyone still needs to install and configure git-secrets

is this documented somewhere?

This is just a general best-practice for git workflows to prevent exactly this sort of problem. It's sourced from here

It actually has a couple of subtle bugs I hit during development of this repo so it became problematic to force in.

[PatMyron]

Everyone still needs to install and configure git-secrets

is this documented somewhere?

documented and called out git-secrets caveats:

https://github.com/awslabs/git-secrets/pull/172/files
https://github.com/awslabs/git-secrets/pull/173/files