我有一个小Bash脚本,我用它来访问twitter,并在某些情况下弹出咆哮通知。用脚本存储密码的最佳方法是什么?
I would like to commit this script to the git repo and make it available on GitHub, but I'm wondering what the best way to keep my login/password private while doing this is. Currently, the password is stored in the script itself. I can't remove it right before I push because all the old commits will contain the password. Developing without a password isn't an option. I imagine that I should be storing the password in an external config file, but I thought I'd check to see if there was an established way to handle this before I tried and put something together.
下面是我使用的一个技巧:
我在我的主文件夹中创建了一个名为:
config
在这个文件夹中,我放置了我想外部化密码和密钥的任何数量的配置文件。
我通常使用反向域名语法,例如:
com.example.databaseconfig
然后在bash脚本中我这样做:
#!/bin/bash
source $HOME/.config/com.example.databaseconfig ||exit 1
|| exit 1如果无法加载配置文件,将导致脚本退出。
我在bash、python和ant脚本中使用了这种技术。
我很偏执,认为.gitignore文件不够健壮,无法防止无意签入。此外,没有任何监控机制,所以即使发生了签入,也没有人会发现如何处理它。
如果一个特定的应用程序需要一个以上的文件,我创建子文件夹而不是一个单一的文件。
Is there any possibility to tell github to track the file under a different name?
Example: Locally, I have a file passwords.config with real passwords, and sample-passwords.config with stubs. However, in public repo, I'd like to have only passwords.config with content from sample-passwords.config and real passwords.config ignored.
I know .gitignore, which can hide my passwords.config, but I don't know is there any solution to rename sample-passwords.config while commiting to remote public repo.
Of course, I'd like to avoid situation, when my local repo tracks renamed file as if something changed in git status.