How to prevent accidentally publishing passwords to a git open source repository

Question

I'm developing an open source project on my own and I'm hosting the code on GitHub.

I wish to have a full version up there but with a fake password or API key having the good one on my local copy without risk of accidentally publishing it.

If I use .gitignore on the config file it won't upload, right? I want it uploaded but without my real password or API key.

Later I might want to add more things to the same config file and upload a new version but again with fake passwords.

How can I do it safely? Thank you.

Answer 1

Using environment variables

One standard solution to this problem is loading secrets from environment variables. Depending on what language you use on what operating system, this looks something like

Config.DBPASSWORD = ENV('dbpassword')

Then in any of your environments (dev or prod) you set the necessary environment variables accordingly. On Linux this is somewhat easier but also possible on Windows.

Using configs per environment with templates

Another common approach is if you store a config for your dev environment with fake/useless secrets (ie. a useless password for the local database which only runs on localhost and doesn't have any sane data anyway), and you store a production config template (eg. config.production.php). Upon deployment, you write the actual production secrets into the template via your deploy script. Again, you can safely check in all files into version control. Make sure though that the password checked in as the dev one is really useless for anybody having access. For example if you have production data in the local dev database (a very bad practice anyway!), you should not have this password in the repository, even if the database is not accessible from outside of localhost.

You can also combine these methods if you want.