My Android application is OpenSource, and I am a little bit afraid to share the code on Github, because my API keys were also shared.
I can git ignore my strings.xml file, but I really hope there is an alternative and I will be able to do something clever, so I wont have to worry about it.
Any idea or suggestion?
The only way to hide it is to proxy your request through your own server. Netlify Functions are a free way to add some simple backend code to a frontend app. This is this method I used while learning to program in college, where I needed to share my progress with my peer group without disclosing my API keys.
Deployment: Hiding API Keys on Netlify In order to use your secrets in Netlify, go to Settings > Build & deploy > Environment > Environment variables. There, add your variables, just like you had in your . env file. And that's it!
A slightly good way to keep the key out of the repository would be to create a secrets package in your project and add the whole package to the project's Git Ignore file. # Files and directories with API keys, IAM usernames and passwords, # etc.
Customize the ant build script of your project to generate a mapskey.xml (strings) from local.properties (which you add to git ignore). Those who fork just create their own local.properties with debug and release keys for Google Maps.
Put the key in a separate file and read it from there, and only commit a placeholder file to the repository.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With