Let’s go by part.
First of all, it is not interesting files with sensitive data walk in versioning, for example settings could be made using this library: https://github.com/vlucas/phpdotenv
Now, if the configuration files go along with versioning, you may need to separate them. The configuration file for production, would be for example: config/production.php
, this specific file you can use the Git-Crypt
, so it can create the local configuration file, which should be in . gitignore and production is protected, sharing the key only with who can and with the servers.
https://medium.com/trainingcenter/protendo-dados-sens%C3%Adveis-com-git-crypt-9fca13e6835b
What does using phpdotenv have to do with separating the configuration files? This got confusing. The . gitignore I agree, another cool thing would be a "flag" to instead pull the production file would use a version for "development" with simple/common authentication data such as localhost, root, etc.
– Guilherme Nascimento
The phpdotenv library makes it easy to capture environment settings and use in the library, or even leave environment settings file
.env
in production, without the need to walk with settings file in versioning. Versioning is not for that.– juniorb2ss
Okay, but I’m not talking about versioning, and using or not using phpdotenv doesn’t necessarily have anything to do with solving the problem of the author of the question, but the way you wrote it leads you to understand this, which can confuse his head, you understand?
– Guilherme Nascimento
Yes, you have to fix yes. Because his problem is configuration files in versioning, which at first hurts the proposal. Now, this library can solve yes the source of the problem, now, if it does not want, read the full answer that suggested a second alternative.
– juniorb2ss