问题
For sensitive data such as aws keys or password, I put them to files which is in .gitignore to make sure it is not committed to git. However, when keys are going to be used when scripts are running, what should I do? Manually add key content in a file before running? What if the program need to be triggered periodically by Jenkins?
Can anyone help me with this?
回答1:
Manually add key content in a file before running?
That is the general idea: sensitive information should not be in a Git repo, but in an external referential, like a Vault.
Once you have a script able to extract that information from a vault, you could call that script automatically on checkout through a git content filter driver.
来源:https://stackoverflow.com/questions/48727991/what-if-i-want-to-use-files-in-gitignore