You are viewing a single comment's thread from:

RE: Hive Comments: I Built A Web App Using HiveSQL And Streamlit - All In Python

in LeoFinance3 years ago

I made the github repo to the code private because it was leaking the private credentials. I am just learning how these things work. If you need the code I will be happy to share. To make the github repo public I need to learn how to secure sensitive data first.

This is a very common issue, in fact there has been a few issues with private keys. I had one person who had over 50,000 liquid Hive exposed on Github back in the Steem days.

Anyway, the best practice is structuring your app like this.

Config File

  • Put a config.js/config.yml into your project
  • Add the config file to your .gitignore
  • Store all secrets in the config file

Env variables

  • Use environment variables for secrets
  • If using a script to launch and set env var, add it to .gitignore

Either of these two solutions will prevent leaking secrets to GitHub.

Seeing as you likely (I haven't seen your code) put secrets in your core files, you can't scrub your Git repo to just remove that file from the history. Seeing as this is a small project, I would remove the .git folder and just fix your problem then make a new repo.

If you need the history, it gets a lot more complicated.

Posted Using LeoFinance Beta

Sort:  

Awesome. Thank You. I will try these options.