tags:

views:

79

answers:

4
+1  Q: 

Hide password when checking config file in git.

Possible Duplicates:
What is the best practice for dealing with passwords in github?
How can I track system-specific config files in a repo/project?

Hi,

I would like to hide 

DATABASE_NAME = ''
DATABASE_USER = ''
DATABASE_PASSWORD = ''
DATABASE_HOST = ''

Line 13 to 17 of the default Django settings.py file when checking it in github.

I still want to check it in tho, because I am adding modifications from time to time. I just want these four lines to always be set to empty.

+1  A: 

Unfortunately, that's not how Git works - either a file is in version control, or it isn't.

If you don't want the info in Github, then don't check it in. You could keep a copy of the config file in a separate (private) repository elsewhere if you wanted, though.

Amber  2010-08-31 03:46:22
+1  A: 

I would recommend keeping settings.py with those four lines exactly as you've shown them, and have a separate, tiny Python script to add and remove the four bits of secret information (reading them from a file that's not part of your git repository, but rather is safely and secretly kept -- in a couple of copies, for safety -- in very secure places).

You can have a presubmit check to make sure you never, ever push a settings.py that has not been shorn of the secrets (I don't know git enough to tell if it has "presubmit triggers" that can modify the repo, as well as presubmit checks that just check it, but, if it does, then clearly it may be more convenient for you to use said tiny Python script in such a trigger -- indeed, if that's the case, you might want to consider doing the removal/restoring of the secrets by using patch, and a simple diff file to use as its input, so you don't have to write even a line of script for the purpose).

Alex Martelli  2010-08-31 04:04:27
A: 

For my configuration files, I create a config.py-example and a config.py. config.py is ignored by the version control. When I deploy, I just copy config.py-example to config.py and update the passwords.

carl  2010-08-31 06:04:30
+6  A: 

You could also have an extra settings file which holds passwords and just import them in your main settings.py

For example:

settings.py

DATABASE_PASSWORD = ''

try:
   from dev_settings import *
except ImportError:
   pass

dev_settings.py

DATABASE_PASSWORD = 'mypassword'

And keep dev_settings.py out of revision control.

rebus  2010-08-31 06:33:20
This has the advantage that you can put other settings in here too: like DEBUG=True, for instance.
Matthew Schinckel  2010-08-31 06:50:08

related questions

How to have two remote orgins for Git?
Why is branching and merging easier in Mercurial than in Subversion?
Is there a better way of writing a git pre-commit hook to check any php file in a commit for parse errors ?
Bug tracker setup with Git integration?
Does git have anything like `svn propset svn:keywords` or pre-/post-commit hooks?
git-stash vs. git-branch
Git "bad sha1 file" error
Should I use GitHub+Fogbugz or Assembla?
How do you remove a specific revision in the git history?
How do you organise multiple git repositories?
What is the Difference Between Mercurial and Git?
How do I restore files to previous states in git?
Is there anything like TortoiseCVS and TortoiseSVN for git?
Good Git repository viewer for Mac
Deploying a Git subdirectory in Capistrano
How to "unversion" a file in either svn and/or git
How can I graph the Lines of Code history for git repo?
Switch branch names in git
Migrating to GIT
How can I set up an editor to work with Git on Windows?
How do you deal with configuration files in source control?
Undoing a git reset --hard HEAD~1
Version Control. Getting started...
Why is Git better than Subversion?
Distributed source control options