Removing credentials from your git repo

It happens... Occasionally a file you REALLY didn't want in your git repo is in there and you don't spot it until several days/months/years later! Worst case is that it's some credentials.

First thing you do is change any affected systems where credentials may have been inadvertently been exposed.

Make a backup of your repo using something like
git clone --mirror <repo>
Then as per https://help.github.com/en/github/authenticating-to-github/removing-sensitive-data-from-a-repository  you can remove the offending file. Don't forget the if the path to your file is in a sub-folder to use the correct slash, most likely "/" even on Windows.
git filter-branch --force --index-filter \
  "git rm --cached --ignore-unmatch PATH-TO-YOUR-FILE-WITH-SENSITIVE-DATA" \
  --prune-empty --tag-name-filter cat -- --all
Then you can push your repo up and overwrite what's there.
git push origin --force --all
Other users may then have to do the following
git fetch
git reset origin/master --hard

Comments

Popular posts from this blog

Enabling SNMP on an ASUS RT-N66U

Ansible on Ubuntu 18.04 on WSL