c# - How do I keep ASP.net connection string passwords secure on a git repository? -
up until have been using gitignore ignore web.congfig , web.release.config files connections strings (including passwords) not stored in git repository.
this has been fine changes web.config being passed around on encrypted removable media.
but have started @ using continuous integration , storing code on visual studio team services. work (unless can suggest fix) must have web.config included part of project.
i hosting application on windows server (in-house) mssql db , connection oracle db on different server.
i'm not advanced developer holding own far. support welcomed.
you can achieve moving connection string details external configuration file. move connection string connections.config file
<connectionstrings> <add name="name" providername="system.data.providername" connectionstring="valid connection string;" /> </connectionstrings>
now in web config can reference file connection string as
<?xml version='1.0' encoding='utf-8'?> <configuration> <connectionstrings configsource="connections.config"/> </configuration>
more detail external configuration file
after can list connections.config file in gitignore file
then push git repo.
but make sure readme file contains necessary settings apply make app working other developer. have moved connection details file other may not familiar approach , may cause issue.
Comments
Post a Comment