How to restrict access to master branch on git

后端 未结 3 1745
梦谈多话
梦谈多话 2020-11-27 12:20

I have a single repo in which I have 2 user groups:

  • Admins
  • HTML/UI Developers

I do not wish to give read/write access of my maste

相关标签:
3条回答
  • 2020-11-27 12:45

    Addition to @1615903's answer, you can protect a branch in Azure DevOps like below:

    Using Azure DevOps

    In Azure DevOps, protecting a branch with security permissions and policies which allow you can do the following:

    • Add or remove users and groups to a specific branch.
    • Declare a minimum number of reviewers for pull requests.
    • Automatically include code reviewers
    • Automatically check linked work items is required or optional
    • Check for comment resolution
    • Enforce a merge strategy(No-fast-forward or squash)
    • Build validation

    and more detailed information on the docs page.

    To protect the branch:

    1. Select Repos > Branches in the project's main page to open the Branches.
    2. Locate your branch on the page in which all branches are listed.
    3. Select the ... button. Then select Branch policies or Branch security from the context menu.
    4. Once you have done, select Save changes to apply your new policy configuration.
    0 讨论(0)
  • 2020-11-27 12:48

    Git itself does not have such feature, but many hosting providers do. This is generally known as branch protection. There is no way to prevent read access as far as I know.

    Using BitBucket

    BitBucket allows a lot of customization for the actions to prevent by branch protection. To protect a branch:

    1. Go to a repository in a project.

    2. Choose Settings > Branch permissions.

    3. Click Add permission.

    4. In the Branches field, select either Branch name, Branch pattern, or Branching model.

    • Branch name - select an existing branch by name.

    • Branch pattern - specify a branch using branch pattern syntax for matching branch names.

    • Branching model - select the branch type to restrict access to.

    1. Select the type of actions you want to prevent.
    • Branch deletion - prevents branch and tag deletion.

    • Rewriting history - prevents history rewrites on the specified branch(es) - for example by a force push or rebase.

    • Changes without a pull request - prevents pushing changes directly to the specified branch(es); changes are allowed only with a pull request.

    • All modifications - prevents pushes to the specified branch(es) and restricts creating new branches matching the specified branch(es) or pattern.

    1. Optional: Add exemptions for any of the selected restrictions. Adding a user or group as an exemption means that it will not apply to them. This is not required; not adding any exemptions means the restriction will apply to everyone.

    2. Click Create to finish.

    Source

    Using GitHub

    A repository can have multiple protected branch rules that affect the same branches.

    Protected branches are available only in public repositories with GitHub Free.

    Protected branch in GitHub can be configured to require:

    • pushes to be made via pull requests and reviewed before being merged,

    • other branches to pass status check before being merged,

    • commits to be signed,

    • history to be linear,

    • that the above rules are enforced even for administrators,

    • that pushes come from specific people, teams or app,

    Force pushes and deletions can be allowed independently.

    To protect a branch:

    1. On GitHub, navigate to the main page of the repository.

    2. Under your repository name, click Settings.

    3. In the left menu, click Branches.

    4. Next to "Branch protection rules", click Add rule.

    5. Under "Branch name pattern", type the branch name or pattern you want to protect (Impacted branches are listed and counted).

    6. Configure specific branch rule settings if needed.

    7. Click Create or Save changes.

    Source

    Using GitLab

    In GitLab, protecting a branch does the following:

    • it prevents its creation, if not already created, from everybody except users with Master permission
    • it prevents pushes from everybody except users with Master permission
    • it prevents anyone from force pushing to the branch
    • it prevents anyone from deleting the branch

    To protect the branch:

    1. Navigate to the main page of the project.

    2. In the upper right corner, click the settings wheel and select Protected branches.

    3. From the Branch dropdown menu, select the branch you want to protect and click Protect.

    4. Once done, the protected branch will appear in the "Already protected" list.

    You can then allow some access to users with developer rights by checking "Developers can merge" or "Developers can push"

    Source

    0 讨论(0)
  • 2020-11-27 12:53

    In Git itself you can use the "pre-receive" hook in the server to protect for writing in a branch to some user.

    Using this hook you can apply your restriction policies for each file in the push.

    Here you can find an example.

    0 讨论(0)
提交回复
热议问题