Jump to content

Exclude some sensitive files from .gitignore in Prestashop 1.7

MaXi32

By MaXi32
in Core developers

 Share

Recommended Posts

MaXi32 Contributor

MaXi32

Posted
Posted (edited)

Hello guys, just a quick question that I could not find it mention anywhere about building my .gitignore for sensitive data for Prestashop 1.7.8.1. I want to create a git repository for my current Prestashop and I only want to exclude sensitive information from the .gitignore like username, password or any PHP session files plus the /var/cache folder. For the rest, I want to include it if they do not contain sensitive data.

This is my current .gitignore that I think they contain sensitive information and cache that should be ignored to be pushed to git repository: 

/.htaccess

/app/config/parameters.yml

/app/config/parameters.php

/var

Is there any extra information that should be excluded in this list for example the session files .

Edited by MaXi32
changed title (see edit history)
Link to comment
Share on other sites
  • MaXi32 changed the title to Exclude some sensitive files from .gitignore in Prestashop 1.7
JulienPct Rising Star

JulienPct

Posted
Posted (edited)

Why do you want to version unnecessary files?

Let me explain: 

You can choose not to version sensitive files but why version the folders like: admin / vendor / etc...

These files are integrated in each version of PrestaShop, so an installation of a new Presta gives us these folders.

If you look at my example below, I think the best way is to exclude all folders / files and then allow some files, in my case the versioned files are : Child theme, override folder and my modules.

In case of big problem on the site requiring to reinstall a Presta or big change of the site directly, it's rare but you never know, we would just have to install a new Presta, put the .git in the httdocs and pull.

And, at least, you would be sure that there will be no sensitive data.

Translated with www.DeepL.com/Translator (free version)

image.png.d87b5bdc08eb1b7ccb32ff7557b66833.png

The screen above is only a part of my .gitignore

Edited by JulienPct (see edit history)
Link to comment
Share on other sites
MaXi32 Contributor

MaXi32

Posted
  • Author
Posted
2 hours ago, JulienPct said:

Why do you want to version unnecessary files?

Let me explain: 

You can choose not to version sensitive files but why version the folders like: admin / vendor / etc...

These files are integrated in each version of PrestaShop, so an installation of a new Presta gives us these folders.

Hey @JulienPct, I really appreciate your reply on this. Thank you very much. Now, I learned something new that the folders above will not get replaced when the new version get released (perhaps through 1-click update?). This is something that I hardly find in the documentation. But then I think, I have the reason why I should version everything because if something goes wrong with the site, (let say the backup restoration failed). I can use this git idea to restore my site. I can create an empty server then pull the git files into my servers and finally  just replace whatever sensitive files that I did not include before.

 

2 hours ago, JulienPct said:

In case of big problem on the site requiring to reinstall a Presta or big change of the site directly, it's rare but you never know, we would just have to install a new Presta, put the .git in the httdocs and pull.

 

The reinstallation thing is the reason why I don't want to experience when the site get deployed  unless it is easy to migrate the database... So, my plan was to version everything including dumping the database. I have a ready bash script that when I trigger a command it will dump the database and automatically use git command to commit my repo. So I got database + files version in one command. The only thing that I care is, since I place this files in private repo in github (as a backup), I should make sure that I ignore the sensitive files... as to prevent those GitHub employees spy on the authentication files just for fun.

 

2 hours ago, JulienPct said:

image.png.d87b5bdc08eb1b7ccb32ff7557b66833.png

The screen above is only a part of my .gitignore

Seems like from your list, you did not exclude sensitive files like password. If I use git only for local development I don't care about sensitive files but the reason is I also want to 'PUSH' it to private server. That's why I need to exclude sensitive files.

Link to comment
Share on other sites
JulienPct Rising Star

JulienPct

Posted
Posted
35 minutes ago, MaXi32 said:

Hey @JulienPct, I really appreciate your reply on this. Thank you very much. Now, I learned something new that the folders above will not get replaced when the new version get released (perhaps through 1-click update?). This is something that I hardly find in the documentation.

Precisely, these files are replaced only by using new versions but never otherwise (if I don't say anything stupid).
 

36 minutes ago, MaXi32 said:

But then I think, I have the reason why I should version everything because if something goes wrong with the site, (let say the backup restoration failed). I can use this git idea to restore my site. I can create an empty server then pull the git files into my servers and finally  just replace whatever sensitive files that I did not include before.

This is the same as if you only saved your modules, themes and overrides.

Just install a Presta and pull, however you don't "clutter" yourself with folders that won't change and are therefore useless to version.

Also, if you choose to version some Presta core files while others are not, how are you going to do if the problem comes from one of those unversioned files?

 

41 minutes ago, MaXi32 said:

The reinstallation thing is the reason why I don't want to experience when the site get deployed  unless it is easy to migrate the database

I think Presta is one of the easiest CMS to migrate. There are 1 or 2 modifications in the parameter.php and 1 in the DB

 

45 minutes ago, MaXi32 said:

Seems like from your list, you did not exclude sensitive files like password. If I use git only for local development I don't care about sensitive files but the reason is I also want to 'PUSH' it to private server. That's why I need to exclude sensitive files.

My room is linked directly to my online testing site.

I go through 3 steps: Local site -> Test site -> Production site

When I finish a code modification, I push on my repository and via Rundeck, I apply a kind of pull on the test site.

Moreover, I necessarily delete the sensitive files because at the beginning I exclude all the files : "/*"
Then I put exceptions only for my child theme, my overrides and my personal modules

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...