added proposed default.gitignore #8
Conversation
There was a problem hiding this comment.
I have mixed feelings about this - having good defaults is awesome, but I don't know what overriding them looks like in this case.
If we go the route of having this as a default repo-local gitignore, then we can of course edit as necessary (but we don't get protection on non-cg repos)
If we suggest this as a global gitignore, then again, folks can edit as necessary, but it gets pretty weak as time and drift go on
If we enforce this as a global gitignore, it seems likely that some of these will be surprising, so there will probably be some painful adjustment and tuning time
| manifest.yml | ||
| manifest-*.yml | ||
| *.env |
There was a problem hiding this comment.
I think these will cause problems, for example:
[we have a manifest.yml here])https://github.com/cloud-gov/cf-hello-worlds/blob/8a17d850b6cf13e679754da0adfc0b62c5245fcb/go-hello/manifest.yml#L4)
Including manifests is a somewhat-common pattern, and there are definitely ways to do it safely
| *.vars.yml | ||
| *.vars-*.yml |
There was a problem hiding this comment.
these feel a little aggressive, especially with the globs. If my repo needs a ${env}.vars.yml, I'm likely to include an example.vars.yml or dev.vars.yml.example
There was a problem hiding this comment.
I think a dev.vars.yml.example would pass this, but you're right the other formats wouldn't. Having the examples format narrowly scoped/standardized is a good thing though imo. What do you think?
| # Concourse specific | ||
| /fly-* | ||
| /concourse-* | ||
| /pipelines/ |
There was a problem hiding this comment.
pretty sure we use this pattern deliberately somewhere?
There was a problem hiding this comment.
Everything I've seen has been /ci
Plus this only impacts new repos so 🤷
Changes proposed in this pull request:
Things to check
Security considerations
This should improve security by ensuring developer configs and other files do not accidentally make their way into github.