king
21de32a568
푸시 전 git에 추적 중인 민감 파일(.env, *.pem, *.key, *secret*, *password*, *credential*, *token* 등)을 자동 검사하여 발견 시 푸시를 차단하고 제거 방법을 안내함 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
72 lines
1.6 KiB
Batchfile
72 lines
1.6 KiB
Batchfile
@echo off
|
|
cd /d "%~dp0"
|
|
|
|
echo.
|
|
echo [1/2] Checking for sensitive files...
|
|
echo.
|
|
|
|
set FOUND=0
|
|
|
|
:: git? ??? ??(tracked)?? ?? ?? ??
|
|
for %%F in (
|
|
.env
|
|
.env.local
|
|
.env.production
|
|
.env.secret
|
|
) do (
|
|
git ls-files --error-unmatch "%%F" >nul 2>&1
|
|
if not errorlevel 1 (
|
|
echo [ERROR] Sensitive file is tracked by git: %%F
|
|
set FOUND=1
|
|
)
|
|
)
|
|
|
|
:: ??? ?? ?? ??? git? ????? ??
|
|
for %%P in (
|
|
*.pem *.key *.p12 *.pfx id_rsa id_ed25519
|
|
*secret* *password* *credential* *token* *apikey* *api_key*
|
|
db.conf database.conf
|
|
) do (
|
|
git ls-files "%%P" 2>nul | findstr /r "." >nul 2>&1
|
|
if not errorlevel 1 (
|
|
echo [ERROR] Sensitive file pattern tracked by git: %%P
|
|
set FOUND=1
|
|
)
|
|
)
|
|
|
|
if %FOUND%==1 (
|
|
echo.
|
|
echo ============================================================
|
|
echo PUSH BLOCKED: Sensitive file found in git.
|
|
echo.
|
|
echo Remove it with:
|
|
echo git rm --cached ^<filename^>
|
|
echo git commit -m "remove sensitive file"
|
|
echo.
|
|
echo Then add it to .gitignore to prevent future accidents.
|
|
echo ============================================================
|
|
echo.
|
|
pause
|
|
exit /b 1
|
|
)
|
|
|
|
echo No sensitive files detected. Safe to push.
|
|
echo.
|
|
|
|
echo [2/2] Pushing to Gitea...
|
|
echo https://gitea.no1king.freeddns.org/king/dbx-main.git
|
|
echo.
|
|
|
|
git push -u origin master
|
|
|
|
if %errorlevel%==0 (
|
|
echo.
|
|
echo [OK] Push complete.
|
|
echo https://gitea.no1king.freeddns.org/king/dbx-main
|
|
echo.
|
|
) else (
|
|
echo.
|
|
echo [ERROR] Push failed. Check your credentials or network.
|
|
echo.
|
|
)
|
|
pause |