Production configration on a public GitHub repository - github

I have a project that will be published on GitHub, but we don't want to expose our production configuration to the public, e.g. items like: api url, api key, and 3rd party keys.
Many projects do it but using .ignore is not the desired way to achieve this.
What is the way to do this so that the repository has all the configuration on company machines but not included on GitHub?
Example projects:
Wire ios APP
Artsy
kickstarter

Related

CI/CD for multi-tenant application with single repository but multiple clients

I have a database-driven application with a single code base configured for multiple clients using the database setting and config files.
The main code base consists of common/core code/files that are being used by all the clients and some client-specific code/files. Both types of files are in different folders of the same repository.
We have been planning to integrate CI/CD using GitHub and Jenkins. I am new to Jenkins.
In GitHub, we have a single repository that contains all the code/files. I want to use Jenkins to deploy to different client environments but make sure that only files related to a specific client should be deployed to that client environment.
What could be the best way or possible solutions for this?
Edit: Basically I want to deploy specific files that are client related to specific client environments.
Any and all suggestions would be highly appreciated.

Using github packages without personal access token?

The project I'm working on currently deploys our private node packages via github packages. Our current workflow is for each developer to create and maintain their own personal access token, and then we use a central account's PAT for automation in AWS.
I was wondering if it's possible to authenticate with github packages without the use of Actions or PAT's?
As of 2022-07-30
No, it is not possible to use github packages without a personal access token (PAT):
It is not possible to upload without a PAT (which makes sense as it prevents random people to upload binaries to your package repo);
It is not possible to download without a PAT (not even publicly available packages can be used);
As early as 2019-10-20, people have requested github to remove PATs as a requirement for mainly downloading public packages.
The idea is that users of libraries should not need to have a github account to access a developer's package.
Sadly, the request for pat-less package downloads was not granted by Github to this day.
If you want a package registry without a hassle, it might be wise to look for other registries, such as MavenCentral or JitPack (not necessarily meant for node packages),
or host a service yourself.
I even had to link a cached webpage, as the original question has been removed from Github community along with a bunch of related questions.
Another question on github, stating pat-less access to packages is still on the roadmap for "fall 2021" is here.
I could not find what the current status of this feature is.
Edit: It is possible to download binaries without a PAT for public repositories using jitpack.io. Jitpack builds the given jar/aar on their servers.
You can add jitpack as a repository to your build system, and use the jitpack-specified URL to reference releases, branches, or specific commits.
Sadly, there is no way to refer to packages (yet).
However, this system allows your users to use your code without needing PATs nor a Github account.
I'd like to offer an alternative.
You may use a Gradle plugin of mine (magik, I was exactly in your shoes) to easier the consumption of artifacts from your Github Packages for Gradle clients.
It require you to save your read-only PAT on the repo itself, so that the users don't have to deal with any authentication (apart using the plugin above mentioned)

Serve public executable from private GitHub repository?

I'm a contractor developing an app for a client and the code and exes are stored in a private github repository. They plan to sell the app through a WordPress-based store. I assumed or thought I read somewhere that files could be hosted on GitHub and in my tests it seemed to work – except it only worked because I was logged in to GitHub, with access to the private repo.
Is there some setting or "feature" on GitHub which will allow us to link to an exe (or zip) from another site or from a link in a "purchase confirmation" type email?
I've seen Hosting executable on github but it is quite old now and not really about private repos.
GitHub does allow you to host release assets as part of a release based on a tag, but these assets are controlled with the permissions of the repository. If the repository is public, then the release assets will also be public; if it is private, then they will also be private, with the same permissions of the repository.
If what you're trying to do is use GitHub with a custom access control system to allow only people who have purchased the software to download it, then that's not possible, and you'll need to set up your own server with the binaries. GitHub provides release assets so that folks can distribute binaries and other compiled stuff without needing to check them in, but it's not designed to be your CDN or web store.

Can we have multiple repositories inside a project in Github

I am developing an application with fronend and backend separated and communicated using REST API (say, backend is JAVA/.NET/NodeJS and frontend is React/Angular).
In BitBucket we can have a project and inside that project we can have multiple repository so that code base for backend and frontend can be in same container,
But in Github, if I am not wrong, concept of project is entirely different (Project vs Repository in GitHub).
Is there any way to have this feature in Github. Because I have lot of projects which all have separate frontend and backend and it will be helpful if I can organize repositories for a single application in one place instead of keeping it with long list of other applications repositories.
Thanks in advance!
The closest would be to combine:
GitHub Organization in order to declare in it all your repositories
an Organization-wide project board in order to manage all your issues and pull requests across those repositories within that organization.

GitHub Google Cloud Build - Multiple Repositories

I'm interested in trying the Google Cloud Build continuous integration application on GitHub.
My application currently has 2 repositories I would like to deploy in a single Docker image. One of them is NodeJS API server, the other is a browser-based (no server side rendering) ReactJS application.
The idea would be to have the NodeJS repo serve requests under /api/... and any for any other URIs, it would serve up the React app.
My question, is it possible to have the Google Cloud Build grab another repo as well, as long as it's on GitHub? Ideally, a commit to either repo (in the right branch) would trigger the same underlying build. Just curios if this is possible.
One approach would be for GitHub Google Cloud to grab a third repository, which would be a "parent" repo referencing the right SHA1/branch of your two other repositories as submodules.
You can see an example of such a build in "Static Website with Hugo, Cloudflare and Automated Builds using Google Cloud".
That would allow you to still work with "one" repository, even though that would check out two others in their own subfolders.