Re: preventing destructive operations to central repository

["Shawn O. Pearce" <spearce@spearce.org>]

Jay Soffian <jaysoffian@gmail.com> wrote:
> On Thu, Apr 15, 2010 at 8:39 PM, Brendan Miller <catphive@catphive.net> wrote:
> > Let's say you have a bare git repository writeable by a number of
> > different people. How do you prevent them from borking the central
> > repository?
> 
> Depends what you mean by borking, but you might consider starting with
> reading the "git config" man page for the following entries:
> 
> - receive.denyDeletes
> - receive.denyNonFastForwards
> 
> > Also, is there an automated mechanism to ensure that the timeline
> > stays clean? Say, force people to rebase their repositories before
> > merging into the shared repository?
> 
> In order to prevent merges, you will need to use a a receive-pack hook such as:
> 
> http://lists.gnu.org/archive/html/bug-gnulib/2008-10/msg00221.html
> 
> You might also consider something like gitosis/gitolite/gerrit
> depending upon how formal you want to be.

I think his only choice is to install a gitosis/gitolite/gerrit
solution.  Basically he needs to completely remove write access
to the repository, so developers can't muck with it directly.
That requires one of those 3 tools to provide secured proxy access.

On top of those, yea, you would then also want to configure the
receive.denyDeletes and denyNonFastForwards you mentioned above,
as well as maybe also write a custom update or pre-receive hook to
prevent merges from entering the repository.

Though preventing merges is a bit pedantic.  Eventually you'll want
to use a merge rather than a rebase (e.g. merge in a maintenance
branch to pick up its bug fixes into the main development trunk).

-- 
Shawn.