2

I felt a little bit confused about .gitignore. Here's the thing, I developed in Rails, and I don't want the secrets.yml and database.yml to be uploaded into Github.

I thought that I only need to edit these two file on the AWS EC2, so I add them into .gitignore.

Then I run 

git rm --cached secrets.yml database.yml

to clean my git track file status.

Therefore, these two file are still in the folder, but they can't be added into git track list.

However, I found out when I checkout other branch and then come back. These two files will disappeared, what happened?

rj487
  • 4,476
  • 6
  • 47
  • 88
  • 3
    It's because they're still being tracked in the other branches. You'll probably want to rewrite your history with `git filter-branch` to purge those files. – Jeff Puckett Oct 26 '16 at 17:43
  • So if I update every branch, it will solve this queatio. – rj487 Oct 26 '16 at 23:57
  • Perhaps, but you should know that it will always be available in history, so if you checkout an older commit, then it will disappear when you switch back to master. Plus if it's publicly available repository, anyone can view it – Jeff Puckett Oct 27 '16 at 01:11
  • Oh, I knew that, I just don't want others edit the file to affect on EC2. – rj487 Oct 27 '16 at 06:56

2 Answers2

2

Git stores these files for each branch individually. So you could have the same files with different contents on many branches. You can also have the files on one branch and have them removed from another branch (which is probably what you currently have).

In case you already pushed your files to Github, the secrets are already public and should be changed ASAP. Do not just remove the files, you can never be sure nobody copied them!

As mentioned in the comments, you can filter-branch the files out and force-push the repository, but this would break some things if there are other people who have checked out the repository. I'd rather remove the file from all branches using git rm --cached and push the branches to keep a stable history and change the secrets.

You can remove the files automatically from all branches:

for branch in $(git for-each-ref --format='%(refname)' refs/heads/); do
    git checkout "$branch"
    git rm --cached config/secrets.yml config/database.yml
    git commit -m 'Remove secrets.yml'
done
echo "Remember to git push"

If you haven't pushed the branches yet, you can filter the files out (taken from this answer):

git filter-branch --index-filter 'git rm --cached --ignore-unmatch config/secrets.yml config/database.yml' --all
Community
  • 1
  • 1
das_j
  • 4,444
  • 5
  • 31
  • 47
0

Filter branch works well but is pretty non intuitive and slow at scale. I.e a lot of commits.

GitHub recommends: https://rtyley.github.io/bfg-repo-cleaner/

Luke Exton
  • 3,506
  • 2
  • 19
  • 33