开发者

Using github to host public git repositories whilst ensuring that sensitive data files remain untracked

开发者 https://www.devze.com 2022-12-20 10:54 出处:网络
My app is hosted on Heroku and I have a public github repo too. My app has a config file containing my amazon S3 credentials.It\'s important to ensure that the file gets pushed to heroku but not gith

My app is hosted on Heroku and I have a public github repo too.

My app has a config file containing my amazon S3 credentials. It's important to ensure that the file gets pushed to heroku but not github.

So I was thinking that I could push my master branch to heroku and create a seperate github branch and ensure that it's .gitignore file references my s3.yml file. I could then 开发者_运维问答just do "git push origin github:master" to push the github branch to github.com

This works fine for the first commit.

But then I switch to my master branch, write some awesome code and then push it all to heroku. I then switch back to my github branch and do "git merge master" so that the new code gets added to it. But this causes the s3.yml and gitignore files from the master branch to get copied into the github branch. Cue head-to-desk banging session.

Is there any advice on ways to keep branches synched up whilst ensuring that untracked files remain untracked. Can I tell git not to merge in the unwanted S3.yml file and the different .gitignore file?

Am I flogging a dead horse here? I can't justify paying for a private github account yet but I imagine the answer will involve doing just that.... or switching to projectlocker

I'm hoping that this problem is just down to my crap git skills and that there is a way.... thanks in advance

EDIT::: The accepted answer is a great solution, but I've just found a new one that I like much more. Read about it here: http://docs.heroku.com/config-vars - those clever people at Heroku have an answer for everything... seriously awesome


But this causes the s3.yml and gitignore files from the master branch to get copied into the github branch

You can avoid that with a custom merge driver which will make sure to the .gitignore file of the github branch will always retain its content over the one merged from master.

See How do I tell git to always select my local version for conflicted merges on a specific file?


in SVN this is called 'ignoring files' so I assume it will be something similar in GIT - I don't use GIT so don't quote me on this, but I've found this reference on the GITHub website:

http://github.com/guides/ignore-for-git

Hope that helps


You could maybe move the "dangerous" files away from git entirely - eg have them in ~/.yourapp or something like that. (that doesn't really answer the question directly but its what lots of software does - .fetchmail, .ssh, ...) and would permit other users to do the same.


If you use a branch named heroku as your "alternative master" branch (with sensitive data) and your old master branch without the sensitive data, then you could always do

git merge master

So you can push heroku branch to heroku not the master branch.

0

精彩评论

暂无评论...
验证码 换一张
取 消