Git:忽略公共存储库的文件,但不忽略私有存储库 [英] Git: Ignore files for public repository, but not for private
问题描述
我正在通过 git 在 Heroku 上部署 Rails 应用程序(目前),并且还希望有一个公共版本供人们查看.一些文件是敏感的,应该只在heroku"分支中提交和推送,而不是公共"分支.解决此问题的最佳方法是什么?
I'm deploying a Rails app on Heroku (for now) via git, and would also like to have a public version for people to look at. Some files are sensitive and should only be committed and pushed in the "heroku" branch, but not the "public" branch. What is the best way to go about this?
(我确实知道 Heroku 的 Config 变量,这是一个很好的临时解决方案,但在我需要切换主机时并不好玩.)
(I do know about Heroku's Config variables, which is great as a temporary solution, but not fun if and when I need to switch hosts.)
这两个分支不需要一直同步——我可以定期将master"分支合并到public"分支并分别推送到 github.
The two branches don't need to be synced at all times - I'm okay with periodically merging the "master" branch into the "public" branch and pushing it to github separately.
我尝试了各种方法:
单独的
.gitignore文件和我们的"合并策略 - 这起初不起作用,在弄乱了一段时间后我认为它变得太复杂了我可以完成一个看似简单的任务
separate
.gitignorefiles and an "ours" merge strategy - this didn't work at first, and after messing with it for a while I decided it was getting too complicated just so I could achieve a seemingly simple task
使用自定义 exclude 文件,并将以下内容添加到 .git/config... 这根本不起作用:
using a custom exclude file, and adding the following to .git/config... this simply did not work:
.git/config
.git/config
[branch "public"]
excludesfile = +info/exclude_from_public
让私有和公共存储库共享相同代码但忽略公共存储库中的敏感文件的最佳方法是什么?
您可以假设没有提交或推送任何代码,即这是一个新初始化的存储库.
You can assume that no code has been committed or pushed, i.e. this is a freshly initialized repository.
(这个问题之前曾以各种形式被问过,但没有一个答案是直截了当的,或者答案看起来真的 hacky.我只是在这里以一种非常简单的方式提出这个问题,并希望得到一个非常简单的回复.)
(This question has been asked before in various forms, but none of the answers were straight-forward or the answers seemed really hacky. I'm just here to ask this in a very simple manner, and hopefully receive a very simple response.)
推荐答案
我将支持子模块的答案,但尝试提供一些说明.首先,git 不处理文件,而是处理提交.无法过滤分支中的文件或路径,因为分支实际上是指向提交的指针.当您排除或忽略时,您只是在阻止文件被添加到您的存储库中.任何敏感文件"文件都不在存储库中,仅在您的工作目录中.
I will second the submodule answer, but try to provide some clarification. First, git does not deal with files but with commits. There is no way to filter files or paths in a branch because a branch is really a pointer to a commit. When you exclude or ignore you are just keeping files from being added to your repository. none of the 'sensitive files' files are even in the repository, just in your working directory.
子模块只是对存储在您的存储库中的另一个存储库的引用,以及检出存储库正在跟踪的特定提交.你可以说更新使用
The submodule is just a reference to another repository stored in your repository, and a specific commit that that checked out repository is tracking. you can say update using
git submodule update --recursive sensitive-files
为了简化事情,您可以在指向子模块路径的适当位置提交符号链接.
In order to simplify things, you can commit symlinks in the proper place pointing to the submodule path.
ln -sf sensitive-files/shadow passwd
然后像添加任何其他文件一样添加符号链接..
Then add the symlink as you would any other file..
请记住,子模块只是一个检出的 git 存储库,您可以轻松限制对该实际存储库的访问,并将主存储库设为公开.
Remember the submodule is just a checked out git repository, you can easily restrict access to that actual repository and make the main one public.
更新:
抱歉,我错过了通知,如果您仍在处理此问题.
Sorry I missed the notification, if you are still working on this.
您的私有存储库中可以有多个符号链接,引用在子目录中检出的私有存储库(子模块).每个数据库或 Rails 实例使用的任何内容都可以是指向该私有子目录的符号链接.
You can have multiple symlinks in your private repository referencing the private repository (submodule) which is checked out in a subdirectory.Each of the databases or whatever used by the Rails instance could be a symlink into that private subdirectory.
此外,您不需要指向私有存储库的远程,只需要 .gitmodules 文件中的一个条目,该文件由 git submodule 自动维护.您仍然需要保护私有存储库,以便只有您的 Heroku 实例可以访问它.为此,如果可以的话,我建议在服务器上安装 gitosis 或使用其他一些私有 git 托管解决方案.将与您的实例私钥匹配的公钥 ssh 密钥添加到允许的用户列表中.(我不熟悉如何在 Heroku 中执行此操作.)
Also, you don' t need a remote pointing to the private repository, just an entry in the .gitmodules file which is maintained automatically by git submodule. You would still need to protect the private repository so that only your Heroku instance could access it. For that I would suggest installing gitosis on a server if you can or use some other private git hosting solution. Add the public ssh key matching your instances private key tothe list of allowed users. (I'm not familiar with how to do this in Heroku.)
当您将更改推送到 heroku 时,它应该递归下载存储库中提到的所有子模块.
When you push your changes to heroku it should recursive download all the submodules mentioned in the repository.
这篇关于Git:忽略公共存储库的文件,但不忽略私有存储库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
