You can find lots of advice online about several different ways to keep “secrets” like API keys and passwords out of Git repositories, but I haven’t been able to find concrete examples for Java programs. This article will detail those concrete examples.

There are quite a few different ways to keep API keys out of Git repositories, each with its own pros and cons. Some articles explain the pros and cons, but without examples, it’s a little difficult to assess which way is the best way for your particular project.

Hopefully these examples I present here will help you figure out which method of keeping API keys out of your own Java Git repositories makes the most sense for your own projects.

For this article’s examples, I will use the CurrencyConverter class, which has only one function, the static convert() function. That function takes a CurrencyAmount object and a Currency object (the latter comes from the java.util package, the former is something I’ve been working on).

The convert() function consults an online API and, if all goes well, returns a new CurrencyAmount object that corresponds to the original CurrencyAmount object converted to the specified Currency.

If this function receives a CurrencyAmount object corresponding to $100.00 and Currency.getInstance(Locale.JAPAN), it should return a new CurrencyAmount object corresponding to ¥10901, give or take a few yen.

There are a few different APIs we could use for this. Some are free and don’t require an API key, but they have very few currencies and the data might be up to a week old.

#api-key #git #java #github

Keep API Keys Out Of Git Repositories: A Few Concrete Examples
1.05 GEEK