Best practices for handling passwords/keys in open source projects?

by Eric Mill » Thu, 10 Sep 2009 03:49:42 GMT

Sponsored Links
 In my app, I'm taking advantage of a web-based API (the Sunlight Labs
API) that requires an API Key.  The project is also open source,
hosted on Github. I want to avoid committing my API key into the

I'd be fine with creating some other .xml file of special string
values, and git-ignoring that file (while providing a .xml.example
file to copy into its place), but I don't know the best way of doing
that with the Android SDK.

Any suggestions?

-- Eric

Best practices for handling passwords/keys in open source projects?

by Mark Murphy » Thu, 10 Sep 2009 04:10:31 GMT


Total brainstorm, never tried this, your kilometerage may vary, etc. It
also assumes you're using Ant...

Step #1: Put the layout file containing the MapView element that needs
the API key somewhere other than res/layout/ (e.g., make a
layout-template/ directory and put it there).

Step #2: Create an Ant target that reads in a property file and uses
<copy> and <replaceregexp> tasks to "paste" the API key out of the
property file into a copy of the layout you make in the proper spot
(e.g., copy from layout-template/ to res/layout/ and then paste in the key).

Step #3: git-ignore the post-API-key edition of the layout file and your
property file.

Step #4: Possibly have your Ant target turn around and call some other
target (e.g., the debug target).

Side benefit of this: you can have two targets and two property files,
one for debug and one for production.

Mark Murphy (a Commons Guy)  | 

_The Busy Coders' Guide to *Advanced* Android Development_ In Print!


Sponsored Links

Other Threads

1. Immediate Opening for or client in Hyderabad for Android SDK Developers

Dear Professionals

Greetings for the day!!!!!!!!!!

We have a pretty urgent opening for our client(MNC) in Hyderabad for
Android developers with Java  AND Android with Linux.

Location : Hyderabad.

Experience :  2 to 8 years(Android with Linux)
                 :  2  to 4 years(Android with Java).

Relevant  in Android  :  Minimum one year  experience

Interested people can forward there update resume ASAP to


Swathi Reddy.


2. Dev with barcode reading expertise

Hi Guys,

  I need to develop an app that reads barcode code 39. There are some
out there, but I need one optimized to read VIN (vehicle
identification numbers.)

  This might simply involve finding the right lib, or tweaking a
current one to work right.

  If you're interested, please let me know.




3. Auto-correction issues in Android 2.0 or higher?

4. Can not visualize correctly the written text of an EditText after animation

5. How to provide animation when calling another activity in Android?

6. How to use the lib(.jar) which android sdk didn't contain

7. Error while consuming Axis2 based WEB SERVICE...