我有一个小Bash脚本,我用它来访问twitter,并在某些情况下弹出咆哮通知。用脚本存储密码的最佳方法是什么?
I would like to commit this script to the git repo and make it available on GitHub, but I'm wondering what the best way to keep my login/password private while doing this is. Currently, the password is stored in the script itself. I can't remove it right before I push because all the old commits will contain the password. Developing without a password isn't an option. I imagine that I should be storing the password in an external config file, but I thought I'd check to see if there was an established way to handle this before I tried and put something together.
Is there any possibility to tell github to track the file under a different name?
Example: Locally, I have a file passwords.config with real passwords, and sample-passwords.config with stubs. However, in public repo, I'd like to have only passwords.config with content from sample-passwords.config and real passwords.config ignored.
I know .gitignore, which can hide my passwords.config, but I don't know is there any solution to rename sample-passwords.config while commiting to remote public repo.
Of course, I'd like to avoid situation, when my local repo tracks renamed file as if something changed in git status.
信任,但要核实。
在.gitignore中,这将从repo中排除一个“安全”目录:
secure/
但我和迈克尔·波特一样偏执。因此,为了验证.gitignore,这里有一个Python单元测试,如果这个“安全”目录被签入,它将发出一个喇叭。为了检查检查,也要测试一个合法的目录:
def test_github_not_getting_credentials(self):
safety_url = 'https://github.com/BobStein/fliki/tree/master/static'
danger_url = 'https://github.com/BobStein/fliki/tree/master/secure'
self.assertEqual(200, urllib.request.urlopen(safety_url).status)
with self.assertRaises(urllib.error.HTTPError):
urllib.request.urlopen(danger_url)