How to push code to Github hiding the API keys?

git github api-key
Sreeram TP picture Sreeram TP · Jun 3, 2017 · Viewed 29.9k times · Source

I want to push some codes to my GitHub Repository. These codes are in different languages like Javascript, Java, Python etc. Some of those codes contain some private API key that I don't want to publish.

Is there any way to hide the keys automatically.? Should I remove it from my code manually.?

There are many projects that I want to push to GitHub. So, manual removal is not a good option.

Answer

Przemysław Zalewski picture Przemysław Zalewski · Jun 3, 2017

You should consider using .env files and read the keys from the environmental variables. How to do so depends on the language and tools you use (for node.js, php, etc.).

You can exclude .env file from commits by adding .env to the .gitignore. You can also upload an example configuration .env.example with dummy data or blanks to show the schema your application requires.

Related questions

How can I determine the URL that a local Git repository was originally cloned from?

I pulled a project from GitHub a few days ago. I've since discovered that there are several forks on GitHub, and I neglected to note which one I took originally. How can I determine which of those forks I pulled?

Read More
Git pull a certain branch from GitHub

I have a project with multiple branches. I've been pushing them to GitHub, and now that someone else is working on the project I need to pull their branches from GitHub. It works fine in master. But say that someone …

Read More
How to remove a directory from git repository?

I have 2 directories on my GitHub repository. I'd like to delete one of them. How could I do that without deleting and re-creating entire repository?

Read More