Protecting files in git repository

后端 未结 4 932
臣服心动
臣服心动 2021-01-02 05:51

I have a central repository with a subset of files that I want to protect from being changed (by pushing) from other users. If I add these files to .gitignore,

相关标签:
4条回答
  • 2021-01-02 06:07

    It sounds to me like the problem lies elsewhere if you need this level of access restriction.

    Nonetheless, if you indeed do want to implement this, consider Gitolite. It allows you to define rather detailed access rules and should probably suffice for your needs.

    Gitolite documentation: http://gitolite.com/gitolite/master-toc.html

    You can define 'virtual refs' to control access on file level. More on that: http://gitolite.com/gitolite/vref.html

    0 讨论(0)
  • 2021-01-02 06:12

    You can have the files in the repository, commit them, then add them to the .gitignore and then remove them from the next commit.

    You can still fetch the files directly prior commit (perhaps tag it with something so it can be fetched by name a bit easier) and this will preserve the state of the file, while not making it easily edited in the repository by accident.

    To access those files after pulling the clone, just write a rake task that fetches them for the user of your repository.

    0 讨论(0)
  • 2021-01-02 06:19

    Is there a specific reason why Git must itself be the answer to this?

    How about making the files read-only, and dictating as policy that these files shouldn't be pushed?

    Sometimes a technological solution is not the simplest way.

    If somebody does push changes to these files, these changes can always be reverted.

    0 讨论(0)
  • 2021-01-02 06:30

    I initially thought about a filter driver (see Pro Book), which would:

    • on the smudge step save your files content
    • on the clean step would restore your files content.

    alt text

    But that is not a good solution since those scripts are about stateless file content transformation (see this SO answer).

    You can try enforcing a save/restore mechanism in hooks (see the same SO answer), but note that it will be local to your repo (it will protect your files in your repo only, hooks aren't pushed)

    You can also use:

    git update-index --assume-unchanged file
    

    See "With git, temporary exclude a changed tracked file from commit in command line", again a local protection only. That will protect them against external push to your repo ("import"), but if you publish them ("export"), than can be modified on the client side.

    0 讨论(0)
提交回复
热议问题