Reputation: 2437
What tools do you use to avoid accidently pushing private information to a github repo on a rails project?
Are there any tools you use to scrub your project before pushing to a public github repo. How do you maintain your private settings, while pushing your source code to a public repo? What is the best practice?
Upvotes: 2
Views: 275
Answers (3)
Reputation: 76
Sometimes you don't want to gitignore an entire file - maybe you'd prefer to just scrub out a line or two of sensitive data. I've written lucido specifically for this purpose.
lucido (pronounced loo-CHEE-dough) is a simple script designed to ... strip and restore sensitive data with ease. Within a git repository, lucido prevents you from committing your sensitive data, and automatically restores it for you after any merges.
Upvotes: 1
Reputation: 4144
I don't keep database.yml in git. I write it in a cap setup task. For email addresses and other things, I read them at app initialize from a file in the file-system. Again, not under source code management and written to the shared directory during cap setup.
Here's a sample:
namespace :deploy do
task :start do ; end
task :stop do ; end
task :setup do
run <<-CMD
mkdir -p -m 775 #{release_path} #{shared_path}/system #{shared_path}/media &&
mkdir -p -m 777 #{shared_path}/log &&
mkdir -p -m 777 #{shared_path}/pids &&
mkdir -p #{deploy_to}/#{shared_dir}/config
CMD
end
require 'erb'
after deploy:setup do
db_config = ERB.new <<-EOF
production:
adapter: mysql2
database: my_fine_database
host: 127.0.0.1
username: database_user
password: database_password
EOF
email_config = ERB.new <<-EOF
---
:user_name: [email protected]
:password: verysecret
:port: 25
:address: mydomain.com
:domain: mydomain.com
:authentication: :login
EOF
put db_config.result, "#{shared_path}/config/database.yml"
put email_config.result, "#{shared_path}/config/creds.yml"
end
and in my environment.rb, I put:
credentials = File.join(Rails.root, 'config/creds.yml')
ActionMailer::Base.smtp_settings = YAML.load(File.open(credentials)) if File.exists?(credentials)
What other sensitive information might you be storing?
Upvotes: 2
Related Questions
- Hiding my sensitive information (e.g. password) from github
- Dealing with secrets and source control
- Rails + Github - How to keep 'personal' development hotfixes/tweaks uncommited/tracked?
- Checking in configuration files with sensitive information into code repos
- can I have a password in config/application.rb if I upload to a public github repository?
- Rails app on github – how secure is that?
- how to keep sensitive data out of a sinatra app on github?
- Protecting sensitive information in Git
- How to prevent personal info to be shown in public repo on github?
- Put a Rails app in public git, keep private details private