stackoom
  简体   繁体   中英

What tools do you use to avoid accidently pushing private information to a github repo on a rails project?

 原文  2011-02-19 00:04:55       ruby-on-rails/ security/ github/ privacy

Question

Are there any tools you use to scrub your project before pushing to a public github repo. How do you maintain your private settings, while pushing your source code to a public repo? What is the best practice?

3 answers

solution1
 4  2011-02-19 01:08:31

.gitignore文件是您的朋友。

solution2
 2 ACCPTED  2011-02-19 00:51:25

I don't keep database.yml in git. I write it in a cap setup task. For email addresses and other things, I read them at app initialize from a file in the file-system. Again, not under source code management and written to the shared directory during cap setup.

Here's a sample: 

namespace :deploy do
  task :start do ; end
  task :stop do ; end

  task :setup do
    run <<-CMD
      mkdir -p -m 775 #{release_path} #{shared_path}/system #{shared_path}/media &&
      mkdir -p -m 777 #{shared_path}/log &&
      mkdir -p -m 777 #{shared_path}/pids &&
      mkdir -p #{deploy_to}/#{shared_dir}/config
    CMD

  end

  require 'erb'

  after deploy:setup do
    db_config = ERB.new <<-EOF
production:
  adapter: mysql2
  database: my_fine_database
  host: 127.0.0.1
  username: database_user
  password: database_password
EOF

    email_config = ERB.new <<-EOF
--- 
:user_name: me@mydomain.com
:password: verysecret
:port: 25
:address: mydomain.com
:domain: mydomain.com
:authentication: :login
EOF

    put db_config.result, "#{shared_path}/config/database.yml"
    put email_config.result, "#{shared_path}/config/creds.yml"
  end

and in my environment.rb , I put: 

credentials = File.join(Rails.root, 'config/creds.yml')

ActionMailer::Base.smtp_settings = YAML.load(File.open(credentials)) if File.exists?(credentials)

What other sensitive information might you be storing?

solution3
 1  2012-11-03 19:12:08

Sometimes you don't want to gitignore an entire file - maybe you'd prefer to just scrub out a line or two of sensitive data. I've written lucido specifically for this purpose.

lucido (pronounced loo-CHEE-dough) is a simple script designed to ... strip and restore sensitive data with ease. Within a git repository, lucido prevents you from committing your sensitive data, and automatically restores it for you after any merges.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Track a Rails project on private repo on GitHub with Redmine and Integrity deployed on Heroku How to use private repo gem in Rails app? Trouble pushing new repo in GitHub pushing rails engine to github Use rails github_api to upload csv file to github repo Rewrite Rails 3 to Rails 4 what to do with Git repo What tools/methods could I use in Rails to get information from an Outside URL? Capistrano Many Private Repo Github How do I start a new repo on github with an existing project? Rails users: What exception notification software do you use?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM