Using github to host public git repositories whilst ensuring that sensitive data files remain untracked

Question

My app is hosted on Heroku and I have a public github repo too.

My app has a config file containing my amazon S3 credentials. It\'s important to ensure that the fil

Answer 1

If you use a branch named heroku as your "alternative master" branch (with sensitive data) and your old master branch without the sensitive data, then you could always do

git merge master

So you can push heroku branch to heroku not the master branch.

Answer 2

in SVN this is called 'ignoring files' so I assume it will be something similar in GIT - I don't use GIT so don't quote me on this, but I've found this reference on the GITHub website:

http://github.com/guides/ignore-for-git

Hope that helps

Answer 3

You could maybe move the "dangerous" files away from git entirely - eg have them in ~/.yourapp or something like that. (that doesn't really answer the question directly but its what lots of software does - .fetchmail, .ssh, ...) and would permit other users to do the same.

Answer 4

But this causes the s3.yml and gitignore files from the master branch to get copied into the github branch

You can avoid that with a custom merge driver which will make sure to the .gitignore file of the github branch will always retain its content over the one merged from master.

See How do I tell git to always select my local version for conflicted merges on a specific file?