I'm new to git and github and would like to know how to git push login-credentials.php without Username and Password in it.
Suppose, there are just two files on local repository and index.php will include ("login-redentials.php");:
index.php
login-credentials.php
When using git push origin master, both files will be pushed to github. In this case, USERNAME and PASSWORD will be made published.
What is the best way to remove login credentials from login-credentials.php BEFORE using git push? - I could not find a best practice for this use case in git documentation.
If you want to totally ignore the files, you should add them to your .gitignore.
If you wish to "hide" only the credentials, that depends on your deployment and your build process. One way is using a vault (again, depending on your system).
Another option would be reading credentials from some environment variable, that'll be set in a secured manner somewhere else.
Related
As you can probably tell, I am new to Magento2 and I am trying to figure out some of the basics. I'm a full-stack developer that is use to developing (frontend and backend) myself then using docker and finally hosting it on an AWS:S3/EC2 or AWS: Elastic Beanstalk. With that said, Magento seems like a completely different beast to conquer.
I have a family member who is wanting me to do some basic frontend stuff for their website (such as changing Navbar design and a potential home page overhaul later on), naturally wanting to help them out I agreed to have a look and see what I can do. I have access to their Magento 2 dashboard area and have been looking around with no sure luck thus far. I have researched online that Magento 2 allows for a "Page Builder" or a "WYSIWYG" type functionality. But I am unable to use these types of tools because my family member had the website built by a Magento 2 developer firm awhile back and everything is coded manually and could cause problems if using one of the above mentioned tools. Due to this I am trying to get access to their site directory so that I can go in and make the necessary changes and upload the files. But I am really struggling on how to access the codebase.
I have read that an admin needs to send me the code??? Or grant me access to the code or something along those lines? I do have the host, port, root, username, password, etc. for the live server but still having trouble.
Any help would be greatly appreciated.
You need to use ssh to access the server
ssh user#host -p port
After you get into the server, you should set up a git repository in the project root and push the code from the server to the repository, then clone the repo to your local environment.
From there on, it's the normal development flow. You can use a clean database with sample data or you can dump the db from the live env and use it on your local env, but this will require some changes in the db after the import.
Detailing all the steps required to do this task would take forever and would cover a lot of different issues/steps.
"I have read that an admin needs to send me the code???"
Not sure what you mean by this, but a Magento admin is just a user on the backend side of the website. He does not have access to any code.
A git repository admin(probably previous dev) could grant you access to the code repository, but this doesn't seem like an option.
I am developing a laravel application and have a test server setup to show the demo to client. How i get the code in server is I push the code to github and login to server and pull the code there and run.
Is there an automated way of doing this? I looked at continuous integration/delivery and it seemed to be dealing with testing the code?
You can make it by using webhook
To get git pull to run on the server every time there is a commit, can be achieved by using Webhooks.
On GitLab go to Settings -> Integrations
Enter a url to your server and a file to handle the webhook for this tutorial I will create a file called gitlab.php to the url will be
http://example.com/gitlab.php
Enter your url ensure push events is tickets and click Add Webook.
Now head over to your server and create a php file on the server.
touch gitlab.php (you can name it anything but it much match the webhook on GitLab)
As the file created won’t have the right permissions change it with chmod
chmod 644 gitlab.php
Now edit the file with vim:
vi gitlab.php
Press i to go into edit mode
Type:
git pull
Then press escape to go into read mode then save and exit by pressing : then type wq and enter.
By using backticks in the file the server will treat the file as a bash script.
Alternatively, you can use system_exec(‘git pull’)
Now make a change on GitLab and the change will be pushed to your server automatically.
Using rsync
1) You could rsync the code directly from your instance to the customers server:/path/
Example:
rsync -avz yourwebfolder/ user#customerserverip:/var/www/
Using CI/CD
2) You can also push to Github or Gitlab and have a CI/CD which may run tests, and if they pass, to push directly to the customer's server, (for which you would need to setup ssh keys between the git build and the customer's server)
Testing of the code is always optional but also always preferable. So you can do a CI/CD without any testing..
How To CI/CD
If your repository is on Github go to it and then click on Actions, and there you can setup workflows.. There are tutorials online on how to set it up, here's one exampe tutorial.
Gitlab has similar CI/CD section, where you can create a .gitlab-ci.yml file in the root of the project, and add the instructions there.
Create an SSH key in the server and add that the public key to github. Once you have done that, you do not need to login to push or pull.
Creating public and private key
http://lunar.lyris.com/help/lm_help/12.0/Content/generating_public_and_private_keys.html
Adding keys to github
https://help.github.com/en/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account
I've a tricky problem in my project. I have an application runs on VDS. I installed this application with git and composer. This project have git repository just like local one.
I'm trying to make an auto updater bot.This bot is going to get last commit/tag from gitlab and fetch it.
I can use nodejs or php cron job to do.
But git pull command asks for my username and password.
I cant install php_expect extension. Tried this yuloh/expect library but it didn't catch username input.
So here is my question:
How and which method should i implement for run this git pull command and pass username and password?
Solved
For getting new updates...
git pull https://username:password#gitprovider/vendor/repository "version_code":"version_code"
For merging updates with the end-user application.
git merge "version_code":master
this two together completely updates app with new version.
About password protection, we'r going to use ioncube for cron file.
if I fully understanded your question you can try this:
you can put the password in .netrc file (_netrc on windows). From there it would be picked up automatically. It would go to your home folder with 600 permissions.
you could also just clone the repo with https://user:pass#domain/repo but that's not really recommended as it would show your user/pass in a lot of places...
a new option is to use the credential helper. Note that credentials would be stored in clear text in your local config using standard credential helper. credential-helper with wincred can be also used on windows.
Usage examples for credential helper
git config credential.helper store - stores the credentials indefinitely.
git config credential.helper 'cache --timeout=3600'- stores for 60 minutes
For ssh-based access, you'd use ssh agent that will provide the ssh key when needed. This would require generating keys on your computer, storing the public key on the remote server and adding the private key to relevant keystore.
TL;DR: Is there a way to use PHP to my advantage so I can serve some stylesheets and javascripts from a private github repository for testing purposes before going live?
The full story:
I have a new, private git repository with a master branch and two sub-branches. My idea is for my fellow developer and I to push our changes to our respective sub-branches, and then add a query string variable to our PHP-based web app to tell it to serve stylesheets and javascripts from github.
For example something like:
Switch to your branch in Atom
Make some changes
Push and commit those changes
Go to a URL like "example.com/MyApp.php?User=Me"
MyApp.php will see the "User" query string var, and will prefix the necessary stylesheets and javascripts with a URL so they load directly from github
We can test Myapp.php and make sure we're happy, and then merge our changes with the master branch.
FTP our local changes to our live site
I like the idea of doing it this way because I can have one local set of files, which we only ever FTP to one spot on the live site, and only after the above steps have been completed. I don't have to worry about one of us accidentally FTPing to the live site instead of some testing folder or something, because during testing we'll only do github pushes, leaving the live site unchanged. Meanwhile, github will keep a nice history of versions etc if we need to backtrack for some reason. I have no plans to use github as an ongoing host or cdn. Once we're happpy with the changes and we've merged with master, we'll proceed to FTP the files to our live site, which will always serve from its own local directory.
Unfortunately there are two problems with this:
Github specifically doesn't allow hotlinking, hence sites like rawgit.com
I can't use rawgit since this is a private repository
So that brings me to the TL;DR. Is there some way I can use PHP to authorize my script so it can serve files from github? Maybe it can get a token or something? I suppose I can be really hacky and use cURL to simulate a login, grab some auth tokens and tack them on to URLs like raw.githubusercontent.com/....../java.js?token=.... But ugh, there must be a better way.
Alternatively is there a better way to go about our workflow? Keeping in mind I'd really like to avoid something like "during testing, FTP your files up to the dev folder, but during production, FTP them up to the live folder" - I feel like this is just asking for trouble.
We have the following setup - remote repository with gitlab gui.
Our webserver is located on another server and we have ssh access to it. We also have local copies of our dev site, our git setup right now just push to the repo in gitlab.
My goal is to automate the process and on every push to gitlab repo to update the server dir with latest changes.
I saw that for this purpose we should use webhooks or deploy keys. I want to avoid using cron job.
I created a bash script which performs git pull after certain php file is accessed.
However when I placed the url to this php file in webhook section in gitlab, nothing happened.
If I access the file manually by typing url in address bar it works ok.
When I try to test the hook I get 500 error and timeout.
Any recommendations how to improve this process or where Im going wrong ?
The webhook does not just sends a get request to the provided URL, it also sends its data as JSON in raw data.
Can your script handle that?
Have a look at gitlab-webhook-push.php
The actual issue was that gitlab was not able to access our domain and was leading to timeouts, of course sys admins decided to restrict the access from external sources without notifying. Also it is good to mention that JSON raw data can be used for more complex solutions which is pretty nice.