Menu
I just set up Devise (rails authentication plugin) to send a confirmation email upon sign up. This involved my putting the following into my environment.rb file:
ActionMailer::Base.delivery_method = :smtp
ActionMailer::Base.smtp_settings = {
:tls => true,
:address => "smtp.gmail.com",
:port => 587,
:domain => "gmail.com",
:authentication => :login,
:user_name => "[my email]",
:password => "[my pass]"
}
I obviously don't want to push this up to github with [my pass] just sitting there. Is there a standard practice here?
216
If you commit sensitive data, such as a password or SSH key into a Git repository, you can remove it from the history. To entirely remove unwanted files from a repository's history you can use either the git filter-repo tool or the BFG Repo-Cleaner open source tool.
Privacy and data sharingPrivate repository data is scanned by machine and never read by GitHub staff. Human eyes will never see the contents of your private repositories, except as described in our Terms of Service. Your individual personal or repository data will not be shared with third parties.
If you move your private key to each of your computers that use pass, then you can just pull your pass repo from github and use the private key stored on those computers individually. Now they'll all stay synced and safe.
No. Once written to GitHub, secrets have their value hidden in both web interface and the CLI. The only way to access the secret value is to use it in a GitHub Action.
The standard is to put your configuration settings in one YAML file which isn't included in your repo.
Then you simply get the data from it.
Check Railscast "#85 YAML Configuration File" to see it in action.
131
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
