本文介绍了当你在项目中拥有秘密密钥时,如何推动GitHub成为可能?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我试图将一个全新的,空的Rail 3.0.4项目推向GitHub,但只是意识到cookie会话存储具有密钥:



In config / initializers / secret_token.rb

  NewRuby192Rails304Proj :: Application.config .secret_token ='22e8 ...'

那么我们应该如何避免它被推送到GitHub?我们可以忽略这个文件(使用 .gitignore ),但是如果没有这个文件,Rails应用程序根本无法运行(并且不是完整的Rails应用程序)。或者一般来说,其他文件或框架也可能含有包含密钥的文件。在这种情况下,推送到GitHub时应如何处理?

添加回购:


$ b $ ul
  • 它的模板( secret_token.rb.template ),

  • 一个脚本能够根据服务器上的本地数据生成一个合适的配置文件 secret_token.rb (就像一个加密文件,秘密值准备好被解码并放入在 secret_token.rb 文件中)



  • 从那里添加一个



    上面引用的脚本是您的 涂抹 脚本,将在工作树检出时自动生成正确的文件。


    I am trying to push a brand new, empty Rail 3.0.4 project to GitHub, but just realize that the cookie session store has a secret key:

    In config/initializers/secret_token.rb

    NewRuby192Rails304Proj::Application.config.secret_token = '22e8...'
    

    So how can we avoid it being push to GitHub? We can ignore this file (using .gitignore), but without this file, a Rails app won't run at all (and is not a complete Rails app). Or in general, other files or frameworks may have files containing secret keys too. In such case, how should it be handled when pushing to GitHub?

    解决方案

    Add in your repo:

    • a template of it (secret_token.rb.template),
    • a script able to generate a proper config file secret_token.rb based on local data found on the server (like an encrypted file with the secret value ready to be decoded and put in the secret_token.rb file)

    From there, add a git attribute custom driver:

    The script referenced above will be your 'smudge' script which will, on checkout of the working tree, generate automatically the right file.

    这篇关于当你在项目中拥有秘密密钥时,如何推动GitHub成为可能?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

    09-26 13:04