Today I Learned

19 posts about #git

What to do when you commit secret in git

It depends.

If you made a commit just now

Remove the commit using BFG or filter-branch

If you have pushed the commit to repository

CHANGE THE SECRET!

All secrets that get pushed to remote repository should be treated as compromised and you cannot be 100% sure it haven’t been pulled by somebody else. github docs

You should still cleanup your commit using methods above to prevent confusion among other devs if they stumble upon the secret in the codebase (even if it’s already changed, they might not know about it)

It’s better to prevent

Git secrets prevents you from commiting secrets https://github.com/awslabs/git-secrets

Github docs

Single command to rebase branch on updated master

Having branch protection enabled in github prevents merging PR’s if the branch is out of date with target branch. Imgur

In github UI is a button to update branch, but it creates additional merge commit. To not have additional merge commit rebase the branch yourself.

It requires a few steps:

  • checkout master
  • pull master branch
  • checkout to your branch
  • rebase your branch on the new master
  • push with force

Here is the command to make all that automatically

git checkout master & git pull & git checkout - && git rebase master && git push --force-with-lease

Adding alias makes it easier to remember.

alias grbm="git checkout master & git pull & git checkout - && git rebase master && git push --force-with-lease"

Conditional .gitconfig

You can have conditional configuration based on path that you are in for git. For example if you have two emails defined one for work and one personal you can tell git to load gitconfig based on path you are in.

In your .gitconfig add the following lines:

[includeIf "gitdir:~/work/"]              
        path = ~/work/.gitconfig

And then create a .gitconfig file in the path above with whatever settings you need. A simple one would be to change the email of the user.

[user]
        email = "work@email.com"

Git will load this file also for all the subdirectories of the work dir.

Debugging git push(ssh) hanging

Sometimes when we try to push some changes to the repository git push can hang and we cannot get any meaningful information. We can check the GitHub status page but when everything is green there what can we do to get more information(applies only for ssh)

1) Create script like ~/sshv.sh

#!/bin/bash
ssh -vvv "$@"

2) Add permissions chmod u+x ~/sshv.sh

3) Push to the repo GIT_SSH=~/sshv.sh git push <rest of your command>

We should see what exactly what ssh is doing.

Enable diff-so-fancy for other git actions 

[core]
  pager = diff-so-fancy | less -FXRi
[pager]
  add      = true
  diff     = true
  difftool = true
  log      = true
  show     = true

it would enable diff-so-fancy also for git add --patch command and others.

$ git add --patch .
─────────────────────────────────────────────────────────────
modified: main.go
─────────────────────────────────────────────────────────────
@ main.go:6 @ package main
import (
        "flag"
        "fmt"
        log "github.com/sirupsen/logrus"
        "io/ioutil"
        oldLog "log"
        "os"
        "strings"

        log "github.com/sirupsen/logrus"

        "github.com/juliosueiras/terraform-lsp/langserver"
        "github.com/spf13/pflag"
        "github.com/spf13/viper"

Automate Pull Request labels via Github Actions

Imagine You want to add automatic review me label when someone makes PR to master. You can do it by using Github Actions and action named “Labeler”.
At first You have to had this specific label added to your repository.

Next, move to Github Actions tab in your repository, and create new workflow with following code:

name: Your-Labeler-name // change it before commit
on: 
  pull_request:
    branches:
      - master // destination branch where this workflow will trigger

jobs:
  label:
    runs-on: ubuntu-latest

    steps:
    - uses: actions/labeler@v2
      with:
        repo-token: "${{ secrets.GITHUB_TOKEN }}"
        configuration-path: .github/Your-labeler-trigger-function-name.yml  //change it before commit

Commit this file and create new one in .github/ directory with this name (^). This file will define what changes should trigger this action and which label should be defined then. For example:

review me:
- "*"

will trigger and add review me label if any file in ROOT directory will change.

This example: 

bug:
- "**"

will trigger and add bug label if any file in ANY directory will change.

Another example:

hotfix:
- example_directory/**/*

will trigger and apply hotfix label if any file inside example_directory or any nested directories inside it will change

If You need more informations, here’s official repository of Labeler action: https://github.com/actions/labeler

Big files version control using Git Large File Storage

On our project we performed a full back up of entries on Contentful and downloaded all its assets. The assets together were about 150MB so we decided to compress them in a .zip and push it to GitHub. Unfortunately we encountered a warning that the upload limit for one file is 100MB and the git push got aborted. To solve it, we could just push the images without compressing them or…

Git Large File Storage to the rescue. Install it using your favourite tool > guide here < and all you need to do is specify the file extension that you are interested in using git lfs track "*.zip" (zip in our case, can be any other extension). All you need to do after that is just follow standard git procedure, but from now on you won’t be limited with big file uploads.

Delete all local branches except the current one

From time to time it is necessary to delete all local branches. Assuming there are branches:

git branch --verbose

  a             2eb734f6 Update image tag
  b             2eb734f6 Update image tag
  first-branch  2eb734f6 Update image tag
  second-branch 2eb734f6 Update image tag
* staging       2eb734f6 Update image tag

This command will delete all branches except the current one:

git branch | grep -v `git symbolic-ref -q --short HEAD` | xargs git branch -D
Deleted branch a (was 2eb734f6).
Deleted branch b (was 2eb734f6).
Deleted branch first-branch (was 2eb734f6).
Deleted branch second-branch (was 2eb734f6).

An alias is handy:

alias gdal="git branch | grep -v `git symbolic-ref -q --short HEAD` | xargs git branch -D"

Revert^2

In the given scenario:

  1. Pull request was merged
  2. The connected branch#1 was removed
  3. Merged PR was reverted
  4. You don’t have branch#1, but you can see the reverted commit#1

All you have to do is to track the commit#1 and revert reverted commit.

$ git revert commit#1

Clean up local list of your git branches

Have you ever had to search through a long list of local branches, which are mostly obsolete for you?

To keep your local git repository slim and avoid a long list of branches while doing git branch, there is an easy strategy that can save you a bit of time.

First, always remember to push everything you did to the remote when you leave a desk, then just run in the console:

git branch | grep -v "master" | xargs git branch -D

It will remove all your local branches except master. If you need to restore any particular branch, you can fetch and checkout - it will wait for you on your remote!

Have you Cmd-C'd your overcommit and lost your changes?

During overcommit running I have interrupted the process and received following message

Interrupt signal received. Stopping hooks...

⚠  Hook run interrupted by user

then 

Unable to restore working tree after pre-commit hooks run:
STDOUT:
STDERR:unable to refresh index

To my horror, all my changes were lost! Fortunately, those were kept in stash, so simple git stash pop helped :) More info here

Remove sensitive data from git repository.

When you forgot to use secrets from the very beginning - and some secrets landed in your repository eg. login/password/secret_key you can remove them in a simple way using filter-branch for example to remove password you need to use:

git filter-branch --tree-filter "find . -type f -exec sed -i -e 's/password/**REMOVED**/g' {} \;"

It will replace password with **REMOVED** in the whole repo and commits.