Protecting files in git repository

为君一笑 提交于 2019-12-18 15:33:51

问题


I have a central repository with a subset of files that I want to protect from being changed (by pushing) from other users. If I add these files to .gitignore, they would not be cloned.

Is it possible to give the ability to clone all files, but after cloning add some of them to .gitignore on the client side?


回答1:


You can have the files in the repository, commit them, then add them to the .gitignore and then remove them from the next commit.

You can still fetch the files directly prior commit (perhaps tag it with something so it can be fetched by name a bit easier) and this will preserve the state of the file, while not making it easily edited in the repository by accident.

To access those files after pulling the clone, just write a rake task that fetches them for the user of your repository.




回答2:


It sounds to me like the problem lies elsewhere if you need this level of access restriction.

Nonetheless, if you indeed do want to implement this, consider Gitolite. It allows you to define rather detailed access rules and should probably suffice for your needs.

Gitolite documentation: http://gitolite.com/gitolite/master-toc.html

You can define 'virtual refs' to control access on file level. More on that: http://gitolite.com/gitolite/vref.html




回答3:


I initially thought about a filter driver (see Pro Book), which would:

  • on the smudge step save your files content
  • on the clean step would restore your files content.

But that is not a good solution since those scripts are about stateless file content transformation (see this SO answer).

You can try enforcing a save/restore mechanism in hooks (see the same SO answer), but note that it will be local to your repo (it will protect your files in your repo only, hooks aren't pushed)

You can also use:

git update-index --assume-unchanged file

See "With git, temporary exclude a changed tracked file from commit in command line", again a local protection only. That will protect them against external push to your repo ("import"), but if you publish them ("export"), than can be modified on the client side.




回答4:


Is there a specific reason why Git must itself be the answer to this?

How about making the files read-only, and dictating as policy that these files shouldn't be pushed?

Sometimes a technological solution is not the simplest way.

If somebody does push changes to these files, these changes can always be reverted.



来源:https://stackoverflow.com/questions/3360092/protecting-files-in-git-repository

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!