Home > database >  How can I prevent myself from pushing to the master branch?
How can I prevent myself from pushing to the master branch?

Time:10-02

Sadly, our master branch is not protected anymore.
Mistakes can happen, but how can I prevent accidental pushes to master?

Greedy Microsoft

CodePudding user response:

It's unfortunate that you need to do this for every repo (although you can use templates to alleviate this for each user), but you can just use a pre-push hook. Something like:

#!/bin/sh

read ref name remote_ref remote_name

if test "$ref" = refs/heads/master; then
    echo stubbornly refusing to push master >&2
    exit 1
fi

should be adequate. Put that file in .git/hooks/pre-push and make it executable and any accidental push of refs/heads/master will be rejected.

CodePudding user response:

Two suggestions to avoid mistakes:

  1. Split the integration workflow in (Main repo Fork repo), which can optionally be enforced by setting appropriate permissions to collaborators.

  2. Use some git hook, e.g. on client side.

I'll elaborate only on the idea 1. below, since idea 2. is addressed in @WilliamPursell's answer.

Main Fork repos

Whether your team is working in a public or private organization repo, it's possible to make forks (e.g., private forks).

Then, you will have for example two remotes:

  • https://github.com/Orga/project.git (Main)
  • https://github.com/user/project.git (user's Fork)

Then, two options:

  • Either you only grant Release Managers "push access" to the Main repo, in which case no mistake is possible,

  • Or all devs have push access to Main, typically using SSH: in this case, you could just ensure that the devs configure their local clone with:

    • (1) an HTTPS (not SSH) remote URL:
      git remote remove origin && git remote add upstream https://github.com/Orga/project.git
    • and (2) an SSH remote to their Fork:
      git remote add origin [email protected]:user/project.git

    In which case, some git push upstream master (or git push from a wrong configuration) won't be able to push through without querying one's HTTPS username or so, and then detect and stop the potential mistake.

In both cases, the idea would be to follow a Pull-Request based workflow to integrate changes in Main's master branch…

CodePudding user response:

You can use a pre-commit hook -- look in .git/hooks/pre-commit.sample for information on how this hook works and an example.

You could also possibly use a server-side pre-receive hook, but setting that up generally requires admin access to the remote.

  •  Tags:  
  • git
  • Related