问题描述
我试图将一个全新的,空的Rail 3.0.4项目推向GitHub,但只是意识到cookie会话存储具有密钥:
In config / initializers / secret_token.rb
NewRuby192Rails304Proj :: Application.config .secret_token ='22e8 ...'
那么我们应该如何避免它被推送到GitHub?我们可以忽略这个文件(使用 .gitignore
),但是如果没有这个文件,Rails应用程序根本无法运行(并且不是完整的Rails应用程序)。或者一般来说,其他文件或框架也可能含有包含密钥的文件。在这种情况下,推送到GitHub时应如何处理?
$ b $ ul
secret_token.rb.template
), secret_token.rb
(就像一个加密文件,秘密值准备好被解码并放入在 secret_token.rb
文件中)从那里添加一个 :
上面引用的脚本是您的 涂抹
脚本,将在工作树检出时自动生成正确的文件。
I am trying to push a brand new, empty Rail 3.0.4 project to GitHub, but just realize that the cookie session store has a secret key:
In config/initializers/secret_token.rb
NewRuby192Rails304Proj::Application.config.secret_token = '22e8...'
So how can we avoid it being push to GitHub? We can ignore this file (using .gitignore
), but without this file, a Rails app won't run at all (and is not a complete Rails app). Or in general, other files or frameworks may have files containing secret keys too. In such case, how should it be handled when pushing to GitHub?
Add in your repo:
- a template of it (
secret_token.rb.template
), - a script able to generate a proper config file
secret_token.rb
based on local data found on the server (like an encrypted file with the secret value ready to be decoded and put in thesecret_token.rb
file)
From there, add a git attribute custom driver:
The script referenced above will be your 'smudge
' script which will, on checkout of the working tree, generate automatically the right file.
这篇关于当你在项目中拥有秘密密钥时,如何推动GitHub成为可能?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!