Dervin Thunk

Reputation: 20140

Using github with secret keys

I have a Python script with secret keys for the Twitter API. I would like to version control my script using GitHub. How do I keep my keys secret while still uploading to GitHub? That is, the values of these

KEY = ""
KEY_SECRET = ""
TOKEN = ""
TOKEN_SECRET = ""

should be kept secret. Maybe I can put them in another file and load them, but .gitignor'ing said file? What is the correct pattern?

Upvotes: 2

Views: 4616

Answers (2)

Lix

Reputation: 48006

As hinted at by @chishaku, a good idea would be to save all your confidential information in a separate file that is not version controlled, i.e. is not known by git. You do this by adding it to the .gitignore file.

With this in place, you can safely commit your code to GitHub where everyone can see your project - however your confidential information and passwords are nowhere to be seen!

Within your project, you can now read that file (or import it) and use the information held within.

Keep in mind that when you (or someone else) accesses this project, you will have to ensure that your "secret" file exists since your project depends on it.

In my projects, creating this "secret" file is part of the deploy script. Something like:

echo '{"password": "123"}' > config.json && git checkout master

This line of code writes the (simple) settings file to config.json and only afterwards retrieves the latest code version from the master branch.

Upvotes: 2

chishaku

Reputation: 4643

# project/.gitignore

passwords.py

# project/passwords.py

GITHUB_KEY = '123'
GITHUB_KEY_SECRET = 'ABC'
GITHUB_TOKEN = '456'
GITHUB_TOKEN_SECRET = 'XYZ'

# project/my_script.py

from passwords import GITHUB_KEY, GITHUB_KEY_SECRET, GITHUB_TOKEN, GITHUB_TOKEN_SECRET

KEY = GITHUB_KEY
KEY_SECRET = GITHUB_KEY_SECRET
TOKEN = GITHUB_TOKEN
TOKEN_SECRET = GITHUB_TOKEN_SECRET

Upvotes: 8
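
The pattern from both answers as an added example (not code from either answer): a loader that reads the untracked config.json, refuses to run when that file is not listed in .gitignore, and fails with a clear message when the file or one of the four values from the question is missing. The function names, the SecretsError class and the exact-match .gitignore check are assumptions made for this example; the check does not implement git's glob or negation rules.

```python
import json
from pathlib import Path

# The four names from the question; config.json is the file name used in the answer above.
REQUIRED = ("KEY", "KEY_SECRET", "TOKEN", "TOKEN_SECRET")


class SecretsError(RuntimeError):
    """Raised when the secrets file is missing, not ignored by git, or incomplete."""


def is_ignored(project_dir, filename):
    """Exact-match check of .gitignore entries (simplified: no globs, no negation)."""
    gitignore = Path(project_dir) / ".gitignore"
    if not gitignore.is_file():
        return False
    entries = {line.strip().lstrip("/") for line in gitignore.read_text().splitlines()
               if line.strip() and not line.lstrip().startswith("#")}
    return filename in entries


def load_secrets(project_dir, filename="config.json"):
    """Return the four credentials, refusing to run if the file could be committed."""
    path = Path(project_dir) / filename
    if not is_ignored(project_dir, filename):
        raise SecretsError(f"{filename} is not listed in .gitignore; add it before committing")
    if not path.is_file():
        raise SecretsError(f"{path} not found; create it as part of deployment")
    try:
        data = json.loads(path.read_text())
    except json.JSONDecodeError:
        # Do not echo file contents: the error message must not leak a secret.
        raise SecretsError(f"{path} is not valid JSON") from None
    if not isinstance(data, dict):
        raise SecretsError(f"{path} must contain a JSON object")
    missing = [name for name in REQUIRED if not data.get(name)]
    if missing:
        raise SecretsError(f"{path} is missing values for: {', '.join(missing)}")
    return {name: data[name] for name in REQUIRED}


if __name__ == "__main__":
    import tempfile
    # Constructed demo project with placeholder values, not real credentials.
    with tempfile.TemporaryDirectory() as demo:
        Path(demo, ".gitignore").write_text("# secrets\nconfig.json\n")
        Path(demo, "config.json").write_text(json.dumps(dict.fromkeys(REQUIRED, "placeholder")))
        print(sorted(load_secrets(demo)))
```
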
