4. Using a .gitignore#
What is a .gitignore, and why do you use one?
4.1. Overview#
A .gitignore is a file, title .gitignore, put in the main directory of your project to ignore certain files and not include them in your final repositories. These can be compiled object files like .o files, whole directories, or .env files that can’t be pushed for security reasons. Or because they contain data that may not need to be stored. For instance, it’s best practice to not commit the outputs of your programs, only the source code. This is why .gitignores can come in handy!
Image Source: https://www.designveloper.com/blog/how-gitignore-works/
Here’s an example .gitignore from github/gitignore for java programs:
*.class
# Log file
*.log
# BlueJ files
*.ctxt
# Mobile Tools for Java (J2ME)
.mtj.tmp/
# Package Files #
*.jar
*.war
*.nar
*.ear
*.zip
*.tar.gz
*.rar
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*
replay_pid*```
…and here’s another one from the same repo for python programs that’s been slightly edited for conciseness
__pycache__/
*.py[cod]
*$py.class
# C extensions
*.so
# Distribution / packaging
.Python
build/
# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage.*
# Django stuff:
*.log
local_settings.py
db.sqlite3
db.sqlite3-journal
# Flask stuff:
instance/
.webassets-cache
# pyenv
# For a library or package, you might want to ignore these files since the code is
# intended to run in multiple environments; otherwise, check them in:
# .python-version
# Environments
.env
.venv
env/
venv/
# Spyder project settings
.spyderproject
.spyproject
Based on the code you’re building and running, you may include different things in your code. Python is a language that often uses different libraries, so using the lines:
#Environments
env/
venv/
ENV/
env.bak/
venv.bak/
Would make more sense than adding it to a .gitignore for a project done entirely in Java, because you’d be far more likely to be using a virtual environment running python code rather than java code.
Depending on your needs, what you’re running, what it produces, and how it builds, you can customize your .gitignore to make sure you’re not commiting anything you don’t want to be, which ensures a clean, easy-to-navigate repository.
4.2. Using .gitignores with API keys#
API keys should not be published to public repositories, so they are often stored in .env files. These .env files can be stored in a .gitignore by using a single line that just looks like
.env
This keeps you from commiting secret keys to the public, which is really important to not leak important information to public repositories! Here’s an example to help visualize the process:
.env file:
DATABASE_URL=postgres://user:password@localhost/dbname
SECRET_KEY=mysecretkey
And using the python package python-dotenv:
from dotenv import load_dotenv
import os
#load environment variables from .env file we made
load_dotenv()
#access env variables
database_url = os.getenv('DATABASE_URL')
secret_key = os.getenv('SECRET_KEY')
print(f"Database URL: {database_url}")
print(f"Secret Key: {secret_key}")
Image Source: https://dev.to/anuradhasivasubramanian/5-things-to-remember-when-using-an-env-file-to-store-you-api-key-in-a-react-app-4f2o
4.3. Conclusion#
Now that you have an idea of how to use a .gitignore, you can ensure safety while using APIs, and keep your github repos clean!
Happy Coding!