Ignoring a local file is deleting the depot file

64 Views Asked by At

I am using smartgit with github.

I have a config.json file on my remote github depot, with hidden passwords, at the root of the app .

I need to keep a different config.json file on my local depot, with real passwords.

As long as I try to ignore config.json locally, sometimes , it is still recorded as 'modified' enter image description here

Some others times, when it finally gets ignored, by right clicking/ignore, It says 1'staged' , config.json finally gets deleted from Github when pushing the commit, I don't understand why: enter image description here

THis is my .gitignore file :

.DS_Store
/config.json
config.json
node_modules
/uploads
/node_module
/dist

# local env files
.env.local
.env.*.local

# Log files
npm-debug.log*
yarn-debug.log*
yarn-error.log*

# Editor directories and files
.idea
.vscode
*.suo
*.ntvs*
*.njsproj
*.sln
*.sw?

My config.json file , with blank that I need to leave as this on Github, because Heroku needs it :

{
    "localhost_db": "mongodb://localhost:27017/",
    "mongoDb_atlas_db": "mongodb+srv://jose:[email protected]/vue-starter-webpack?retryWrites=true&w=majority",
    "dev": false,
    "db_name": "vue-starter-webpack",
    "ftp_config": {
        "host": "ftpupload.net",
        "user": "epiz_26763901",
        "password": "x",
        "secure": false
    },
    "node_file_path": "./tmp/files/",
    "cloudinary_token": {
        "cloud_name": "ddq5asuy2",
        "api_key": "354237299578646",
        "api_secret": "x"
    },
    "logs_path": "tmp/logs/logs.txt"

}

Is there any workaround ? I have tried plenty of things already. What does "staged" means ? How can I keep a different version of file on github and locally ?

EDIT : I am trying out this command, it seems to work ! :

git update-index --assume-unchanged config/database.yml

Ignore modified (but not committed) files in git?

1

There are 1 best solutions below

0
On

I have a config.json file on my remote GitHub depot, with hidden passwords, at the root of the app.

That... is not a good practice. If that file (config.json) contains any sensitive information, it should not be added/committed, but explicitely ignored.

What you can commit is config.json.tpl, a template file (which is essentially what your config.json is right now)

From there, you could generate the right config.json file locally, and automatically on git clone/git checkout.

The generation script will:

  • search the right passwords from an external secure referential (like a vault)
  • replace the placeholder value in config.json.tpl to generate the right config.json

For that, do register (in a .gitattributes declaration) a content filter driver.

smudge (image from "Customizing Git - Git Attributes", from "Pro Git book")

The smudge script will generate (automatically, on git checkout or git switch) the actual config.json file as mentioned above.
Again, the generated actual config.json file remains ignored (by the .gitignore).

See a complete example at "git smudge/clean filter between branches".