Did I really just commit and push a file with a password in it?-Remove all traces of pushed Git commit

Surely I would never be so stupid as to commit a file that contains sensitive information — say my Oracle Cloud account’s private key. And even if I did, I would not push that change to a public git repo on GitHub, would I?

It turns out that I did exactly that. Ooops. Big one.

I quite frantically looked for a way to undo that mistake — remove the push and undo the commit as if it never had happened.

It turned out not to be very hard — thanks to this thread on StackOveflow.

I first checked the git log to get the commit identifier for the commit I wanted to revert to. Note: this whole story takes place on branch oci-objectstorage-state.

git log

Finding the commit identifier for the commit I want to fallback to

The identifier eb54584888c3901ac6944712bd9a685db4fa1f24 -from the one but last commit — is the correct one,.

Using git push -f origin <last correct commit id>:<branch> or:

git push -f origin eb54584888c3901ac6944712bd9a685db4fa1f24:oci-objectstorage-state

I got rid in the remote repository of the commit that took place