I made a website with NextJS that I'd like to make open source, but I have a .env file with read-only credentials to my DB.
I don't think it would be a huge issue to make those credentials public as I wouldn't mind people querying my DB, but it still seems risky and I'd rather not.
Keep in mind that I use Vercel to deploy the website, which gets the code from the git repo.
I've thought about cloning the private repo, deleting the .env file and making this new repo public, but that's not an ideal solution since I'd end up with two repos.
I assume your .env file has already been committed to the repo?
Add it to .gitignore, and use BFG (usage instructions at that link) to delete the file from your repo. A normal delete will not work, as the file will still be in the git history. Using BFG, it'll be erased from the repo entirely.
Related
I created a new skill in the web-based interface. Then I used the skills extension in vscode to download the new skill. After downloading I have the interactionModel as an untracked file in the dev branch. I committed that and some other files and tried to push it to get things synced up and it failed, saying to do a pull first. I do the pull succesfully and then try the push again and get the same error. What can I do to sync things?
EDIT: I tried pushing from a shell and got "get: .ask\scripts\git-credential-helper: not found". So I couldn't log in to the amazon repo. Could this be causing the problem above? How do I get my credentials for the remote repo? I assumed that would be set up automatically from the alexa-skill extension in vscode when I downloaded the skill.
I found the answer to my problem here
The commands I used were ...
git checkout dev
git pull --rebase
git merge master
# fix any merge conflict if you have any
git push --no-verify
I have seen some medium blogs and StackOverflow answers that I shouldn't add .env file to the versioning.
I quite understand why that is needed.
But how about when dealing with a Reactjs project?
Reactjs is for the frontend and all the environment variables are public even it is bundled for production and anyone can read it using a web browser.
I have 2 env files, .env.production for production and .env.staging for staging. The environment variable values are put to the bundled version while building. These files are the same across all other team members.
Actually there is no secret at all in these files.
The question is:
Should I add these 2 files to versioning or do I have to distribute these files manually to other team members? Then why?
No.
Preferred way is to have a file called .env.sample This will contain all the keys with random or no values in it. Any developer who clones the repo, will get to know the env_vars that are needed to run/build the project.
Within the teams, have a secrets sharing mechanism. There are lots of tools available to solve this.
First time after cloning the repo, the developers needs to run cp .env.sample .env and copy the values from the secret manager.
Make sure to add .env to .gitignore so no-one accidently pushes the .env containing secrets to the repo.
No you don't. .env file should be put on server in a separated way. Otherwise whoever can access to your source code repository can read or even modify .env file.
For the main git repository, devanshdalal.github.io, I am unable to choose the src branch to use for deploying, github.com always picks up the master branch. It becomes difficult now, because I now have to push my build/ forlder to master. Is there a way to automate this?
Currently github doesn't support choosing custom folder for repo named like {GITUSER}.github.io -
From community help post
From https://help.github.com/articles/configuring-a-publishing-source-for-github-pages/, the only three options that GitHub Pages recognizes are:
master branch
docs/ folder on the master branch
gh-pages branch
But for repo like {GITUSER}.github.io, having docs/ folder also doesn't work(I couldn't make it work). I faced this similar issue a while back. I was using jekyll to build the static pages for my site. I know It's really frustrating, but as of now what you want, is not possible.
However, I made a workaround to version-control my jekyll project as well the generated static github.io pages.
I maintain a separate repo for the jekyll version of the project(which in your case I guess would be the react project). So locally I have two separate repo -
{my_username}.github.io - > which will contain the static pages, and remote for this local repo would be the {my_username}.gihub.io repo(the static site repo).
I also have a separate repo for the jekyll project. Which has a different remote repo setup. I configured settings for this project in such way that after build, the static pages will be saved in the local repo of {my_username}.github.io folder. then I can just commit and push separately in the two repos.
This way I can keep track of the static pages as well as the jekyll project that builds the static pages.
You only need to make sure that before you configure a publishing source, the branch or folder you want to use as your publishing source already exists in your repository.
This link GithubPages will solve your problem.
I am preparing private package repository using satis. We are using git for versioning our source code. When I use credentials in repository address everything works well, packages.json is where it should be with proper content. But when I remove these credentials and try to build packages.json via
php bin/satis build config.json web/
I get
fatal: Authentication failed
which is understandable. I want to ask is there any other to authenticate to git repo from satis without keeping plain credentails in packages.json? I only add that I can't access repositories via ssh.
Problem solved. I have to use .netrc file and store my credentials there. Everything works like music now.
I have recently started using GitHub. I am uploading my cakephp website.
Also, I am using GitHUb for windows, http://windows.github.com/
Now, after I added my CakePHP files -> committed the changes -> synced, I do not see my app/database.php file being uploaded.
I checked the repository through browser, but still can't find the database.php file.
I have re-installed GitHub for windows, created a new repository, again added the files to it, but same result.
Please help, what is the issue.
Clear your .gitignore file and commit again.
But database.php is in your .gitignore is for a security reason. It may contain sensitive data, double check it before pushing.