admin管理员组

文章数量:1122832

I am working on a project that generates short-form content for social media platforms. The back end uses Laravel, the front end uses React, and Firebase stores the video assets. Additionally, I use Google Cloud's Text-to-Speech API.

To integrate Firebase and Google Cloud APIs, I downloaded the JSON service account files from Google Console and placed them in my project’s root directory. However, when I push the project to my GitHub repository, these JSON files (containing sensitive credentials) get flagged by Google as exposed, and they are disabled for security reasons.

My question:
Is there a secure way to upload and manage these JSON files on my production server without pushing them to GitHub?

Thank you!

I am working on a project that generates short-form content for social media platforms. The back end uses Laravel, the front end uses React, and Firebase stores the video assets. Additionally, I use Google Cloud's Text-to-Speech API.

To integrate Firebase and Google Cloud APIs, I downloaded the JSON service account files from Google Console and placed them in my project’s root directory. However, when I push the project to my GitHub repository, these JSON files (containing sensitive credentials) get flagged by Google as exposed, and they are disabled for security reasons.

My question:
Is there a secure way to upload and manage these JSON files on my production server without pushing them to GitHub?

Thank you!

  • reactjs
  • laravel
  • firebase
Share Improve this question asked Nov 22, 2024 at 19:18 Vusal NovruzovVusal Novruzov 191 silver badge4 bronze badges 4
  • Did you consider sharing them with trusted collaborators outside of the (public) GitHub repo? E.g. on an intranet location, Google Drive, or even a private GitHub repo for such credentials. – Frank van Puffelen Commented Nov 22, 2024 at 19:21
  • I did the last thing that you mentioned. I made my repo private and then pushed my credentials there and immediately received an email from Google that my service account got disabled. – Vusal Novruzov Commented Nov 22, 2024 at 19:24
  • Oh wow, I didn't expect that alert to also apply to private repos.

    本文标签:

    版权声明:本文标题:reactjs - How to securely use JSON service account files for Firebase and Google Cloud APIs without exposing them on GitHub? - S 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1736301317a1931135.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。