tags:

views:

73

answers:

1
+4  Q: 

Prohibit remote pushing to the master branch in git

Is there any way to modify central repository's configuration to disallow any remote pushing to master branch (using git)? It would only be updated via branch merging by a release owner.

It is possible to do in child repositories but unfortunately it's not always fool-proof enough, easy to forget to do it on new machine - no way to protect from accidental pushes. Developers should be able to pull from any branch and push back to any branch, except for master, which we want to see as read-only. Is it possible with git? Or we are trying a wrong workflow.

+4  A: 

You should take a look at the sample update hook called update-paranoid in the contrib directory of the git distribution. It allows you to set up per-branch ACLs restricting who is allowed to push to which branches. This way you can restrict updating master to just release owners.

I'm not quite sure what you mean by "only updated via branch merging". I'm assuming that your central repository is bare, in which case branches are usually only updated by a push. There's no conceptual difference in git between pushing a commit that is a merge and one that isn't so I'm not sure what your criteria for restricting the type of update for master is intended to be.

In the case that you are pushing to a non-bare central repository and master is always the checked out branch then you can simply set the config variable receive.denyCurrentBranch to true or refuse.

Charles Bailey  2010-01-11 23:07:33
It should be done locally (via merge), as opposed to remote `push` which we want to prohibit. And no, it's not bare - `master` is checked out and is a working copy so to speak.Thanks, I'll take a look at the update-paranoid, maybe restricting to one person will do.
kibitzer  2010-01-11 23:12:31
OK, I'll bite. Why isn't your central repository bare and which branch is generally the checked out branch?
Charles Bailey  2010-01-11 23:17:32
`master` is the checked out branch; we could create a bare repository but I don't see a point since the idea was to prohibit direct pushing to master; hence this question. we could create a bare repository and pull from it if it would help at all in our quest for a read-only master :)
kibitzer  2010-01-11 23:19:51
OK, in your specific case the easiest solution is to just set the config variable `receive.denyCurrenyBranch` to `true` or `refuse`. This will prevent anyone from updating the current branch, i.e. master, via a push.
Charles Bailey  2010-01-11 23:22:27
simple and works, just what is needed. thanks! (I figured there's a typo ;) ).
kibitzer  2010-01-11 23:28:57

related questions

How to have two remote orgins for Git?
Why is branching and merging easier in Mercurial than in Subversion?
Is there a better way of writing a git pre-commit hook to check any php file in a commit for parse errors ?
Bug tracker setup with Git integration?
Does git have anything like `svn propset svn:keywords` or pre-/post-commit hooks?
git-stash vs. git-branch
Git "bad sha1 file" error
Should I use GitHub+Fogbugz or Assembla?
How do you remove a specific revision in the git history?
How do you organise multiple git repositories?
What is the Difference Between Mercurial and Git?
How do I restore files to previous states in git?
Is there anything like TortoiseCVS and TortoiseSVN for git?
Good Git repository viewer for Mac
Deploying a Git subdirectory in Capistrano
How to "unversion" a file in either svn and/or git
How can I graph the Lines of Code history for git repo?
Switch branch names in git
Migrating to GIT
How can I set up an editor to work with Git on Windows?
How do you deal with configuration files in source control?
Undoing a git reset --hard HEAD~1
Version Control. Getting started...
Why is Git better than Subversion?
Distributed source control options