Restricted access to files with Git

Asked

Viewed 78 times

2

I’m recruiting new developers to work on a PHP project, and there’s a configuration file that contains all the keys to my clients' databases.

How can I make this new developer only have access to the connection to the development instance and not the production one?

php

1 answer

1


Let’s go by part.

First of all, it is not interesting files with sensitive data walk in versioning, for example settings could be made using this library: https://github.com/vlucas/phpdotenv

Now, if the configuration files go along with versioning, you may need to separate them. The configuration file for production, would be for example: config/production.php, this specific file you can use the Git-Crypt, so it can create the local configuration file, which should be in . gitignore and production is protected, sharing the key only with who can and with the servers.

https://medium.com/trainingcenter/protendo-dados-sens%C3%Adveis-com-git-crypt-9fca13e6835b

  • What does using phpdotenv have to do with separating the configuration files? This got confusing. The . gitignore I agree, another cool thing would be a "flag" to instead pull the production file would use a version for "development" with simple/common authentication data such as localhost, root, etc.

  • The phpdotenv library makes it easy to capture environment settings and use in the library, or even leave environment settings file .env in production, without the need to walk with settings file in versioning. Versioning is not for that.

  • Okay, but I’m not talking about versioning, and using or not using phpdotenv doesn’t necessarily have anything to do with solving the problem of the author of the question, but the way you wrote it leads you to understand this, which can confuse his head, you understand?

  • Yes, you have to fix yes. Because his problem is configuration files in versioning, which at first hurts the proposal. Now, this library can solve yes the source of the problem, now, if it does not want, read the full answer that suggested a second alternative.

Browser other questions tagged php

You are not signed in. Login or sign up in order to post.