Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Prevent accidental checkin of password file using git

Tags:

git

git does not seem to do what I want here so I need some advise. I have a configuration file with sensitive information such as passwords. Say I have checked in the config file with blank/generic values:

username =
password =

Now I fill it with real values, and then add the file to .gitignore (the filename is build.properties)

username = bob
password = secretpassword

Even though I have added it to .gitignore, git still seems to "see it". What should I do here?

hostname$ more .gitignore 
build
ant.build
*.swp
build.properties

hostname$ git status
# On branch dev
# Changed but not updated:
#   (use "git add <file>..." to update what will be committed)
#   (use "git checkout -- <file>..." to discard changes in working directory)
#
#   modified:   build.properties
#
no changes added to commit (use "git add" and/or "git commit -a")

Am I misunderstanding something?

like image 928
corydoras Avatar asked Sep 29 '09 05:09

corydoras


2 Answers

.gitignore will only ignore files not already checked in. in your case you need to create an password.file.template and check that in. then put your password.file in the .gitignore file.

like image 52
knittl Avatar answered Sep 27 '22 15:09

knittl


Well it says modified: build.properties, so someone has checked-in this file already. Best guess of mine would be: delete the file, commit the changes and then re-create it without checking-in.

like image 26
seb Avatar answered Sep 27 '22 15:09

seb