.env.example and github repo

Published 1 year ago by xtremer360

I'm building an web app that will eventually be a pay per month use by companies so my code base I would like to keep private for right now. So far I have done my initial commit to my local repository master branch and created a development branch. Then I switched to the dev branch and did two changes with deleting the welcome view as well as changing the .env.example file to .env. as my second commit.

Next I started getting into the meat of my project and making 15 additional commits while still being on the development branch. However I had a conversation with a fellow Laravel developer that says even in the development branch I should include the .env.example file just so if I ever decide to have this repository be public then those developers will know what environment variables they'll need to include.

Is this really what I should do?

I ask this because in the video lessons I've seen from @JeffreyWay he immediately changes it to the .env file name. So I was seeking additional thoughts?

martinbean

@xtremer360 You should keep the .env.example in your repository, and never include your .env file populated with sensitive information such as database credentials and API keys.

The reason being, the .env.example file acts as a “blueprint” for your .env file so any developer who checks the repository out—no matter what branch—should be able to create an .env specific to their environment to be able to work with your project.

xtremer360

@martinbean Okay so that is very helpful. How can I go back to my second commit and update that commit so that it doesn't show that it was deleted.

Refringe

Here's how to search for and completely remove sensitive information (like your .env file) from your repo: https://help.github.com/articles/remove-sensitive-data/

I've used the BFG Repo-Cleaner that's mentioned at the bottom of the article. It works like magic.

xtremer360

@Refringe that's a good resource however doesn't answer my question exactly. I didn't say I wanted to just go through and remove the information. What I wanted to do is more git specific with amending or rebasing or something of that nature.

Refringe

@xtremer360: So to be clear, you want to go back in your repo's history and rewrite it so a file was never deleted?

xtremer360

@Refringe That is correct.

Refringe

@xtremer360: I'm sure there's a way to do that, but why? Do you expect yourself or others to specifically checkout the commits between when you deleted it and your current commit? Have you tagged commits in that time period? Made releases? If not, there's no reason to rewrite any history. Simply add it back in a new commit and merge it into all of your working branches. Good to go. =)

xtremer360

Or would it be okay to create a new repository then.

Refringe

@xtremer360: Sure, no problem there. But again, why? You're never going to have an absolutely perfect repo where anyone can checkout any commit in your history and expect fully functional code. It's just history, focus on the now. :D

Please sign in or create an account to participate in this conversation.