Sunday 22nd Sep 2013

I’ve been making some baby steps using github. One issue I’ve faced is what’s the best way to push projects that have sensitive data such as usernames, passwords and API keys inside.

I found a post on stack exchange which seemed a simple workflow. Here’s the gist:

  1. Put all the userinfo into a single file (eg: userinfo.py).
  2. Make a copy of this file with a ‘default_’ prefix.
  3. Ensure your data is stripped out of this file, and only placeholders remain.
  4. Add your ‘userinfo’ to the .gitignore file to ensure it’s not pushed into the remote repository in future updates.
  5. Then leave instructions for users to rename the file when they download the repo.