Git：忽略公共存储库的文件，但不要私人存档 [英] Git: Ignore files for public repository, but not for private

问题描述

我通过git在Heroku上部署了一个Rails应用程序（现在），并且还希望有一个供人们查看的公共版本。有些文件很敏感，只能在heroku分支中提交并推送，而不是公共分支。 最好的方法是什么？

（I do 了解Heroku的配置变量，它是作为一个临时的解决方案非常棒，但是当我需要切换主机的时候并不好玩。）

这两个分支不需要随时同步 - 好吧，定期合并主分支到公共分支并分别推送给github。

我尝试了各种各样的东西：

• 单独的 .gitignore 文件和我们的合并策略 - 这不起作用首先，在弄了一段时间之后，我认为它变得太复杂了，以至于我可以用一个自定义的<$ c来实现一个看似简单的任务




• $ c> exclude 文件，并将以下内容添加到 .git / config ...这根本行不通：

.git / config

  [分支public] 
 excludesfile = + info / exclude_from_publi c 
  

让私有和公共存储库共享相同代码的最佳方式是什么？但忽略公共存储库中的敏感文件？

您可以假定没有代码被提交或推送，即这是一个刚刚初始化的存储库。 p>

（这个问题以前已经以各种形式提出过，但没有一个答案是直截了当的，或者答案似乎真的很糟糕。我只是在这里以一种非常简单的方式提出这个问题，并希望得到一个非常简单的回答。）

第二个子模块的答案，但尝试提供一些澄清。首先，git不处理文件，而是提交。没有办法过滤分支中的文件或路径，因为分支实际上是指向提交的指针。当你排除或忽略你只是让文件被添加到你的存储库。没有任何敏感文件文件甚至在存储库中，就在您的工作目录中。

子模块只是存储在存储库中的另一个存储库的引用，检出存储库的特定提交正在进行跟踪。你可以使用

 来更新  

为了简化，您可以在指向子模块路径的适当位置提交符号链接。

  ln -sf sensitive-files / shadow passwd 
  

然后像任何其他文件一样添加符号链接。

请记住，子模块只是一个签出的git存储库，您可以轻松地限制对该实际存储库的访问并使主一个公众。

更新：

对不起，我错过了通知，如果您仍在处理此问题。

您可以在引用专用存储库（子模块）的私有存储库中拥有多个符号链接，该子存储库位于子目录中。每个数据库或Rails实例使用的任何成为该私有子目录的符号链接。

另外，您不需要远程指向到私有存储库，只需在.gitmodules文件中由 git submodule 自动维护的条目。您仍然需要保护私有存储库，以便只有您的Heroku实例可以访问它。为此，我会建议在服务器上安装gitosis，或者使用其他私人git托管解决方案。将与您的实例私钥匹配的公共ssh密钥添加到允许的用户列表中。 （我不熟悉如何在Heroku中执行此操作。）

当您将更改推送到heroku时，它应该递归下载存储库中提到的所有子模块。 / p>

I'm deploying a Rails app on Heroku (for now) via git, and would also like to have a public version for people to look at. Some files are sensitive and should only be committed and pushed in the "heroku" branch, but not the "public" branch. What is the best way to go about this?

(I do know about Heroku's Config variables, which is great as a temporary solution, but not fun if and when I need to switch hosts.)

The two branches don't need to be synced at all times - I'm okay with periodically merging the "master" branch into the "public" branch and pushing it to github separately.

I have tried various things:

• separate .gitignore files and an "ours" merge strategy - this didn't work at first, and after messing with it for a while I decided it was getting too complicated just so I could achieve a seemingly simple task

• using a custom exclude file, and adding the following to .git/config... this simply did not work:

.git/config

[branch "public"]
  excludesfile = +info/exclude_from_public

What is the best way to have a private and public repository share the same code, but ignore sensitive files in the public repository?

You can assume that no code has been committed or pushed, i.e. this is a freshly initialized repository.

(This question has been asked before in various forms, but none of the answers were straight-forward or the answers seemed really hacky. I'm just here to ask this in a very simple manner, and hopefully receive a very simple response.)

解决方案

I will second the submodule answer, but try to provide some clarification. First, git does not deal with files but with commits. There is no way to filter files or paths in a branch because a branch is really a pointer to a commit. When you exclude or ignore you are just keeping files from being added to your repository. none of the 'sensitive files' files are even in the repository, just in your working directory.

The submodule is just a reference to another repository stored in your repository, and a specific commit that that checked out repository is tracking. you can say update using

git submodule update --recursive sensitive-files

In order to simplify things, you can commit symlinks in the proper place pointing to the submodule path.

ln -sf sensitive-files/shadow passwd

Then add the symlink as you would any other file..

Remember the submodule is just a checked out git repository, you can easily restrict access to that actual repository and make the main one public.

Updated:

Sorry I missed the notification, if you are still working on this.

You can have multiple symlinks in your private repository referencing the private repository (submodule) which is checked out in a subdirectory.Each of the databases or whatever used by the Rails instance could be a symlink into that private subdirectory.

Also, you don' t need a remote pointing to the private repository, just an entry in the .gitmodules file which is maintained automatically by git submodule. You would still need to protect the private repository so that only your Heroku instance could access it. For that I would suggest installing gitosis on a server if you can or use some other private git hosting solution. Add the public ssh key matching your instances private key tothe list of allowed users. (I'm not familiar with how to do this in Heroku.)

When you push your changes to heroku it should recursive download all the submodules mentioned in the repository.

这篇关于Git：忽略公共存储库的文件，但不要私人存档的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！