在Git中隐藏API密钥的正确方法 [英] Proper way to hide API keys in Git

问题描述

在我的C#项目中，有APIKeys.cs文件，该文件包含带有API密钥的const字符串. 我希望这些字符串在Git服务器中为空，但在本地计算机中具有实际的API密钥. 因此，拉项目的人们可以毫无问题地对其进行编译，而我的本地计算机仍将在同一文件中具有API密钥.

In my C# project have APIKeys.cs file which have const strings with API keys. I want those strings to be empty in Git server but have actual API keys in my local computer. So peoples who pull project can compile it without problem and still my local computer gonna have API keys in same file.

如果我尝试上传带有空字符串的APIKeys.cs文件，那么我将无法获得带有API密钥的本地文件，因为当我尝试推送它时，它将覆盖空的APIKeys.cs文件.同样，我也不能忽略此文件，因为它将从Git服务器中删除空的APIKeys.cs文件.

If I try to upload APIKeys.cs file with empty strings then I can't have local file with API keys because when I try to push it, it will overwrite empty APIKeys.cs file. Also I can't ignore this file too because it will remove empty APIKeys.cs file from Git server.

那么对这个问题最好的自动化方法是什么，它将允许类文件在服务器中包含空字符串，因此当人们将其拉出并在本地计算机中具有真实的类文件时，项目将是可编译的?

So what is best automated approach for this problem which will allow class file with empty strings in server, so project will be compileable when people pull it and have real class file in local computer?

推荐答案

我现在想出了另一种解决方案，它虽然不完美，但对我来说仍然足够好，例如:

I figured another solution now which is not perfect but still good enough for me, example:

APIKeys.cs文件:

public static partial class APIKeys
{
    public static readonly string ImgurClientID = "";
    public static readonly string ImgurClientSecret = "";
    public static readonly string GoogleClientID = "";
    public static readonly string GoogleClientSecret = "";
    public static readonly string PastebinKey = "";
    ...
}

APIKeysLocal.cs文件:

public static partial class APIKeys
{
    static APIKeys()
    {
        ImgurClientID = "1234567890";
        ImgurClientSecret = "1234567890";
        GoogleClientID = "1234567890";
        GoogleClientSecret = "1234567890";
        PastebinKey = "1234567890";
        ...
     }
}

忽略Git中的APIKeysLocal.cs文件，如果没有此文件的人将其从解决方案资源管理器中删除，仍然可以编译项目.

Ignore APIKeysLocal.cs file in Git and people who don't have this file can still be able to compile project if they remove this file from solution explorer.

如果使用项目预构建事件尚不存在空的APIKeysLocal.cs文件，我也会自动创建该文件:

I also automatically create empty APIKeysLocal.cs file if it is not already exists using project pre build event:

cd $(ProjectDir)APIKeys\

if not exist APIKeysLocal.cs (
    type nul > APIKeysLocal.cs
)

这样，用户无需执行任何操作即可编译项目.

That way user don't need to do anything to be able to compile project.

这篇关于在Git中隐藏API密钥的正确方法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！