Back when I first started using SVN for version control I was told to use 'svn export' to always be running a clean copy of the code on the server.
With Git it seems like the best way to get my files on the server is just to have Git managing the application folders and tell it what tag I want it to be running. Is this an okay practice or is there a better way?
I would of course block .git/ from public access, but it feels weird having an active version of the Git repo on the production server. (Guessing I may be missing a step...)
Thank you for any insight you can help me with in this area.
Edit: I currently use 'svn export' to a timestamped release folder that I symlink the public directory into with my deploy script.
At its core, Git is not built for security but for collaboration. As such, it is not secure but can be made secure through the use of tools and best practices. Self-hosting a Git server is a security nightmare.
You shouldn't store credentials like usernames, passwords, API keys and API secrets. If someone else steals your credentials, they can do nasty things with them.
One of the biggest advantages of Git is its branching capabilities. Unlike centralized version control systems, Git branches are cheap and easy to merge. This facilitates the feature branch workflow popular with many Git users. Feature branches provide an isolated environment for every change to your codebase.
Instead of cloning your repo on the webserver as a normal non-bare repo, you should use a method such as this one: http://toroid.org/ams/git-website-howto
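The timestamped-release-plus-symlink deploy described in the question, carried over to Git so that no `.git` directory ever lands in the served tree. This is an added example, not code from the original posts or from the linked howto. The function name `deploy_tag`, the bare repository kept outside the web root, and the `releases/` and `current` layout are assumptions; `mv -T` requires GNU coreutils.

```shell
# deploy_tag REPO TAG DEPLOY_ROOT   (hypothetical helper, names are assumptions)
#   REPO         bare repository stored outside the web root
#   TAG          tag to release
#   DEPLOY_ROOT  directory holding releases/ and the "current" symlink
# Prints the new release directory on success.
deploy_tag() {
    repo=$1 tag=$2 root=$3

    # Resolve the name strictly as a tag that points at a commit, so a
    # branch name or a typo never reaches the web root.
    commit=$(git --git-dir="$repo" rev-parse --verify --quiet \
        "refs/tags/$tag^{commit}") || {
        echo "deploy_tag: no such tag: $tag" >&2
        return 1
    }

    release="$root/releases/$(date -u +%Y%m%dT%H%M%SZ)-$tag"
    mkdir -p "$release" || return 1

    # git archive emits tracked files only: no .git directory, no history.
    # This is the Git counterpart of 'svn export'.
    git --git-dir="$repo" archive --format=tar "$commit" |
        tar -x -C "$release" -f - || return 1

    # Refuse to publish if repository metadata ended up in the release.
    if [ -e "$release/.git" ]; then
        echo "deploy_tag: .git found in $release" >&2
        return 1
    fi

    # Create the new symlink beside the old one, then rename over it so
    # the web server never sees a missing "current" (GNU mv -T).
    ln -sfn "$release" "$root/current.new" || return 1
    mv -T "$root/current.new" "$root/current" || return 1

    printf '%s\n' "$release"
}
```

The web server's document root would point at `current` (or a public directory inside it), and rolling back is a matter of repointing the symlink at an earlier release directory.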