Menu
I use to git to pull source changes (from GitHub after pushing from dev) to my web apps on live websites. My .git directory/repo is in my web root (not accessible publicly) just like most projects are when you build a web app and start using git with 'git init' and so on. Is this ok?
By "ok", I mean I know there may or may not be better locations to put the .git repository on the production server and use build scripts to deploy or something, but in your answers, I first and foremost want to know if it's "ok" the way I'm currently doing it from a security, best-practices, etc. perspective. It seems to be the easiest, straightforward way to deploy changes to the live site and maintain a git repo, and it's been working for me.
If it is "ok, but there's a better way", i'm curious about those suggestions as well.
717
it's fine but a better way would be to make sure your history is not in the folder of the web root. You can get around this with git level options letting git know where the working directory is:
git --git-dir=some/path/.git --work-tree=my/web/root/projectX pull
would update that. If you are scripting and don't want to keep repeating those options, you can set 2 environment variables and after that you can skip those options.
You can also just have the git repo somewhere else and use the archive command to get the working folder out:
git archive | tar -xzvf
Also consider not having in your history anything such as connection strings or passwords. Have the deploy script manipulate those files at the point of deployment.
59
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
