I understand this question can be general but, specifically with regards to ASP.NET MVC, what's the best way to keep passwords locally but not in git/svn? My database connection string is currently in web.config -- is it best to somehow include a fil开发者_开发百科e in web.config that isn't in git? What do you folks do?
I use Windows Auth with my databases, so the connection string contains a server name but not a username/password.
For Machines where I can't use Windows Auth, I use web.config transforms and add the web.dev.config to my .gitignore.
Regarding Git, I would use a filter driver in order to build the right web.config out of:
- a
web.config.templatefile, - an external (encrypted) source where to look for the password.
On every checkout, the 'smudge' script would be the right web.config content, that way:
web.configremains private (only visible in your working tree)- common parts of the
web.configwhich don't change often and are public information remain versioned inweb.config.template. - the password, even encrypted, don't get replicated from repository to repository.
put the web.config in your .gitignore file. The web.config will not change very often.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论