如何在 git 中隐藏单个远程存储库中的文件?
我有一个项目想要开始在 github 上共享,我将其设置为另一个远程存储库。但我有一些敏感的配置信息(亚马逊 s3 帐户详细信息),我显然不想在 github 上共享。
有没有办法让远程 github 存储库忽略设置文件,但让本地和其他远程存储库使用它?
编辑 - 重新打开这个问题,看看是否有其他分布式源代码控制系统(mercurial?bazaar?等)可以做到这一点?
I've got a project I'd like to start sharing on github which I'd set up as another remote repo. But I've got some sensitive configuration information (amazon s3 account details) that I don't want to obviously share on github.
Is there a way I can get the remote github repos to ignore the settings file, but have the local and other remote repos work with it?
EDIT -
reopening this question to see if there are any other distributed source control systems (mercurial? bazaar? etc) that can do this?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
Mercurial 的工作方式与 Git 相同,您已经获得了这方面的良好建议。但是,您可以设置一个编码过滤器,该过滤器将从存储库中的文件中删除密码。
这个想法是,您对文件进行版本控制
,但在本地有一个填充了值的文件。当您运行
hg status和hg diff时,Mercurial 将忽略这些值,因为它显示编码后的结果 - 编码过滤器会去除敏感信息。类似的东西
应该有效。 (我现在无法测试它,我在电车上。)
简单地不对文件进行版本控制仍然是处理此问题的简单、正常且推荐的方法。
Mercurial works the same as Git and you've already gotten good recommendations for that. However, you can setup an encode filter that will remove the password from the file in the repository.
The idea is that you version a file with
but have a file with filled in values locally. Mercurial will ignore the values when you run
hg statusandhg diffsince it shows the results after encoding — the encode filter strips the sensitive information.Something like
should work. (I cannot test it right now, I'm in a tram.)
Simply not versioning the file is still the simple, normal, and recommended way to deal with this problem.
您可以
忽略您的设置文件,但它永远不会受到版本控制。我所做的就是有两个配置文件。一份用于生产,一份用于开发,其中包含所有设置。敏感凭据位于主配置“来源”的另一个文件中,并且这些不受版本控制。通常,它们只有两行(用户名、密码)。
然而,一般来说,没有办法跟踪文件而不推送它。
You can
ignoreyour settings file but then it will never be version controlled.What I do is to have 2 config files. One for production and one for dev which contain all the settings. Sensitive credentials are in another file "sourced" by the main config and these are not version controlled. Often, they're just two lines (username, password).
However, in general, there's no way to track a file but not push it.
通常,您可以通过2个配置文件来完成此操作(如果您想要示例配置,则+1):
config
config.local
config .local.sample (可选,但推荐)
.gitignore
在
.gitignore中,您需要放置config.local文件(您想要保护的那个)并检查config(以及config.local.sample,如果您决定使用的话)。当有人克隆您的项目时,他们将看到以下文件:
重要!!!从您的程序加载配置文件时,您应该检查是否有config.local文件。如果没有,请加载默认配置:config。
结论
您避免发布包含敏感信息的
config.local。默认配置(从远程克隆)适用于用户名 root 和密码 r00t 有效的合理且罕见的情况。 config.local.sample 将提供本地自定义说明(如果有人需要)。如果他们确实创建了
config.local文件,它将自动忽略(因为.gitignore 中的),但您的程序也会自动使用它,而不是默认的config.local行)config文件。Normally you can do this by having 2 config files (+1 if you want a sample config):
config
config.local
config.local.sample (optional, but recommended)
.gitignore
In
.gitignoreyou need to put theconfig.localfile (the one you want to protect) and check in theconfig(andconfig.local.sample, if you decide to use one).When someone will clone your project they will see the following files:
Important!!! From your program when you load the config file you should check if you have a config.local file. If not, load the default one: config.
Conclusion
You avoid publishing
config.local, that contains your sensitive information. The default configuration (cloned from a remote) will work for a reasonable and rare case where username root and a password r00t are valid. The config.local.sample will provide local customization instructions (if someone needs them).If they do create a
config.localfile, it will get automatically ignored (because of theconfig.localline from.gitignore), but it will also get automatically used by your program instead of the defaultconfigfile.