views:

333

answers:

4

My app is hosted on Heroku and I have a public github repo too.

My app has a config file containing my amazon S3 credentials. It's important to ensure that the file gets pushed to heroku but not github.

So I was thinking that I could push my master branch to heroku and create a seperate github branch and ensure that it's .gitignore file references my s3.yml file. I could then just do "git push origin github:master" to push the github branch to github.com

This works fine for the first commit.

But then I switch to my master branch, write some awesome code and then push it all to heroku. I then switch back to my github branch and do "git merge master" so that the new code gets added to it. But this causes the s3.yml and gitignore files from the master branch to get copied into the github branch. Cue head-to-desk banging session.

Is there any advice on ways to keep branches synched up whilst ensuring that untracked files remain untracked. Can I tell git not to merge in the unwanted S3.yml file and the different .gitignore file?

Am I flogging a dead horse here? I can't justify paying for a private github account yet but I imagine the answer will involve doing just that.... or switching to projectlocker

I'm hoping that this problem is just down to my crap git skills and that there is a way.... thanks in advance

EDIT::: The accepted answer is a great solution, but I've just found a new one that I like much more. Read about it here: http://docs.heroku.com/config-vars - those clever people at Heroku have an answer for everything... seriously awesome

+2  A: 

in SVN this is called 'ignoring files' so I assume it will be something similar in GIT - I don't use GIT so don't quote me on this, but I've found this reference on the GITHub website:

http://github.com/guides/ignore-for-git

Hope that helps

phalacee
I've been using the method detailed on that link for a some time now, but thanks anyway :)
stephenmurdoch
A: 

If you use a branch named heroku as your "alternative master" branch (with sensitive data) and your old master branch without the sensitive data, then you could always do

git merge master

So you can push heroku branch to heroku not the master branch.

Vili
thanks but this still results in the same problem. if I develop in the new heroku branch, I will always need to merge the changes into the master (github) branch, which means that the config files get copied over and if I develop on the master branch, then I need to have the config files available as otherwise my app won't work during development. Thanks though.
stephenmurdoch
+5  A: 

But this causes the s3.yml and gitignore files from the master branch to get copied into the github branch

You can avoid that with a custom merge driver which will make sure to the .gitignore file of the github branch will always retain its content over the one merged from master.

See How do I tell git to always select my local version for conflicted merges on a specific file?

VonC
Thanks! The custom merge driver is exactly what I wanted! Nice write-up by the way.
stephenmurdoch
Note that this might not do what you want -- the head of the branch will have the correct file in it, but if you did a merge using Git then the head commit will have two parents, both accessible. One will be from your github branch and the other from the master branch, still containing your passwords.
Andrew Aylett
+1  A: 

You could maybe move the "dangerous" files away from git entirely - eg have them in ~/.yourapp or something like that. (that doesn't really answer the question directly but its what lots of software does - .fetchmail, .ssh, ...) and would permit other users to do the same.

Ben Clifford