Menu
I am trying to push a brand new, empty Rail 3.0.4 project to GitHub, but just realize that the cookie session store has a secret key:
In config/initializers/secret_token.rb
NewRuby192Rails304Proj::Application.config.secret_token = '22e8...' So how can we avoid it being push to GitHub? We can ignore this file (using .gitignore), but without this file, a Rails app won't run at all (and is not a complete Rails app). Or in general, other files or frameworks may have files containing secret keys too. In such case, how should it be handled when pushing to GitHub?
694
No, but if the repository is public others can fork it, commit to their own fork. They can then ask you to pull some of the changes in their fork into your repository via a pull-request. Show activity on this post. Nobody can push directly to your repository if you are not already granting them write access.
Add in your repo:
secret_token.rb.template),secret_token.rb based on local data found on the server (like an encrypted file with the secret value ready to be decoded and put in the secret_token.rb file)From there, add a git attribute custom driver:
The script referenced above will be your 'smudge' script which will, on checkout of the working tree, generate automatically the right file.
104
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
