Closed TimLChan closed 6 years ago
Hmmm. I think the idea of putting local_settings.py into .gitignore was to prevent people from accidentally posting it on Github. But that also makes it trickier for users to get it to Heroku if they have to remember to add it without seeing it in git status
. Is there any other way to mitigate this, or should we just put a note in the README to be careful not to post your creds on Github?
It depends on the workflow of the user and how strict they want to protect their data.
Local -> Heroku: It won't touch GitHub so there's no need to hide local_settings.py
Local -> Github -> Heroku: local_settings.py
will be on GitHub, so it should be added to .gitignore
For Local -> GitHub -> Heroku, Environment Variables can be used, and you can refer to them in the config as something like the below
MY_CONSUMER_KEY = os.environ['consumerkey'] #'Your Twitter API Consumer Key'
MY_CONSUMER_SECRET = os.environ['consumersecret'] #'Your Consumer Secret Key'
MY_ACCESS_TOKEN_KEY = os.environ['accesskey'] #'Your Twitter API Access Token Key'
MY_ACCESS_TOKEN_SECRET = os.environ['accesssecret'] #'Your Access Token Secret'
EDIT: The bigger issue currently is that all .csvs currently aren't added. The documentation will probably need to get updated with run git add -f file.csv
I think we should move toward using the environment variables in Heroku config. That’s a best practice I’ve adopted in all my projects in recent years. We can also remove .csv from .gitignore. Are you willing to take a stab at this in the local_settings.py and the README? If not, I can do it.
Hey @TimLChan, I cut a new release today that moves those API keys to Heroku environment variables, per your suggestion. Take a look and see if anything is amiss: https://github.com/tommeagher/heroku_ebooks/releases/tag/v0.3.0
Will fix #54 and all issues that are similar in the future