36

在我的主目录中,我在本地 git 存储库中有文件,因为我想在版本控制下跟踪它们。

这些文件中的大多数我想推送到远程存储库,但有一些我只想保留在本地存储库中(它们包含轻度敏感信息)。

我怎样才能用 git 做到这一点?我可以配置一个“ .gitignore-for-push”文件吗?我不能使用本地.gitignore文件,因为它会将这些文件完全排除在跟踪之外。

ps:我知道问题Is there an exclude file-equivalent...,但答案是.gitignore我无法使用的路径。另一个问题Exclude specific files when push...仅回答 git+heroku 的特定情况,而不是单独的 git。

4

7 回答 7

41

您可以继续实际跟踪这些文件(不包含敏感信息),然后使用:

git update-index --assume-unchanged <file>

在每个文件上。然后您可以继续将敏感信息添加到每个文件,但 Git 不会看到文件已更改,并且不会尝试提交(并因此推送)该敏感信息。

要让 Git 再次更新信息,您可以使用:

git update-index --no-assume-unchanged <file>

于 2012-08-10T05:06:00.627 回答
14

这是不可能的。如果你已经提交了一个文件,那么它将被推送。推送操作仅对提交起作用,而不是基于文件。

但是你可以为你的敏感数据使用一个子模块,并将这个子模块保存在你的本地机器上,同时你将常规的 git 存储库推送到远程机器上。

于 2012-08-10T05:03:47.137 回答
7

我最终解决该问题的方法如下:将敏感信息放在具有自己的 git 存储库的子目录中,并将文件符号链接回旧位置。

E.g. in your home folder (~) lives the file .creds which you do not want in the public repository. Move this file in a sub folder called, say protected and create a symlink from ~ to protected/.creds. Of course, do not include this folder in your ~ repository , but create a new repository in the folder protected just to keep track of .creds. If you do not push this repository publicly at all, you are set.

I know this solution is kind of a cop out: My questions states that the file resides in the same directory, but the symlinking works for me.

于 2012-08-18T15:01:03.963 回答
6

Here git-update-index - Register file contents in the working tree to the index.

git update-index --assume-unchanged <PATH_OF_THE_FILE>

Example:-

git update-index --assume-unchanged somelocation/pom.xml

for more details.

于 2015-08-20T13:28:53.337 回答
0

只是不要提交要排除的文件。

例如,如果您有两个文件a并且b在本地存储库中,但您只想提交其中一个,请使用: git add a添加其中一个文件。然后提交git commit(不包括-a标志)

于 2012-08-10T05:04:36.010 回答
0

git update-index --skip-worktree directory/fileName.js

This would modify the index or directory cache. Each file mentioned is updated into the index and any unmerged or needs updating state is cleared. For more reference, you can go through the following URL. https://git-scm.com/docs/git-update-index

于 2020-12-24T07:40:33.060 回答
0

Might it be simplest to create a local branch, delete the sensitive files from that branch, then only ever push that branch to the remote repo? If they rarely change, when you merge locally they should stay deleted in the new branch without asking you to confirm. Plus having a branch specifically used for that remote push gives you a clear inventory of what you are pushing simply by looking at the file system contents without worry about whether a given file or folder is really a link or submodule etc.

于 2022-02-22T17:31:25.377 回答