16

After the first release of our product, we will be switching to a different branches for the main development and feature development. Is there a way to create a branch in such a way, so that we can protect it from being removed (accidentally or on purpose) unless you're a specific user (based on role or username)?

I tried to create a sample git repository in our local gitlab machine, then protected one of the branches from the option on the website, but then I was able to remove it with git push origin :branch_name. Thanks in advance!

Will the solution work on github.com?

Sherzod
  • 5,041
  • 10
  • 47
  • 66
  • 1
    this could help you: http://stackoverflow.com/questions/2471340/is-there-a-way-to-lock-a-branch-in-git (assuming pushing to `:branch_name` will also trigger the `update` hook) – eckes Jul 09 '12 at 19:05
  • will hooks work on github.com? – Sherzod Jul 09 '12 at 19:07
  • yes, will work (https://help.github.com/articles/post-receive-hooks) but no `update` hooks. Missed the `github` tag. Sorry. – eckes Jul 09 '12 at 19:11
  • other question that might help you: http://stackoverflow.com/questions/5094524/github-prevent-colaborator-from-push-f – eckes Jul 09 '12 at 19:14
  • @eckes: regarding the article link, it says it will send the POST call AFTER the push is done, but without being able to confirm that, it's basically useless, right? Is it possible to set up `pre-receive` hook on our server, which based on the push data, allows/denies the action for github.com? – Sherzod Jul 09 '12 at 19:29
  • Sadly GitHub still doesn't support this natively without the workarounds mentioned below (local repository, etc). Bitbucket has the ability to protect branches! – jontsai Mar 22 '14 at 01:36
  • This will be soon (Sept. 2015) available at GitHub. See [my answer below](http://stackoverflow.com/a/32384071/6309) – VonC Sep 03 '15 at 19:37

5 Answers5

8

There are many ways to tackle this:

  1. Make another repo that's a sand box, and give readonly access to the master one. If they delete by accident they can get the branch from the master repo. This assumes you are only using github for your repos aside the local dev repos.
  2. Setup hooks in the repository that don't allow branches to be deleted unless you are a specific user. You can't do that on github as they won't allow arbitrary code to be executed on their servers. If you get a local repo instead, you can do this.
  3. Setup a local gitolite install to manage branches with permissions.
Adam Dymitruk
  • 124,556
  • 26
  • 146
  • 141
  • 2
    So in other words, there's no native way of doing it without a hack? – Sherzod Jul 09 '12 at 19:06
  • these are not hacks. A blessed repository is a pattern in DVCS. Github can't allow you to install custom code. Before github, you had your own bare repos sitting on an internal server. Sounds like you guys could use a gitolite install. – Adam Dymitruk Jul 09 '12 at 19:14
  • Yes, I understand that. We do have local git, but we're planning to switch to github and I was wondering if they have something implemented there for this purpose or is it possible to implement something custom. – Sherzod Jul 09 '12 at 19:40
  • not that I know of. They may add that feature. You can use github as auxiliary for code review and other features but keep a master local. – Adam Dymitruk Jul 10 '12 at 02:49
  • @AdamDymitruk "A blessed repository is a pattern in DVCS" - Well not really. I never heard of that before git. In mercurial (a real DVCS) you do not need that. In git the branching concept is so dysfunctional that people come up with things like "A blessed repository" or bare repositories as Proxy's. In Fact, gits current defaults make it a VCS without the D? Don't believe? Just push from one PC to another. It will tell you to not corrupt the other repro this is disabled. See... no "D". Git wants its central server repro. The ability to have some of them doesn't make it a DVCS! – schnedan Nov 08 '21 at 11:37
5

Since the OP shershams mentioned in the comments

we're planning to switch to github and I was wondering if they have something implemented there for this purpose

It turns out there is something implemented (and available soon) in GitHub:

Protected branches and required status checks (September 3, 2015) will allow you to protect a branch:

  • against forced pushed
  • against deletion
  • against merged changes until required status checks pass

https://cloud.githubusercontent.com/assets/25792/9596474/27db3ce6-502a-11e5-9b19-5b47a8addc65.png

Note that, since Dec. 4th 2019, you can grant all users with push access the ability to delete a protected branch by enabling Allow deletions.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
4

You can use branch permissions on the server by adding a pre-receive hook that protects your repository and add something like this to your config file in your bare repository:

[hooks]
        allowedtomerge = user1,user2,user3
        protectedbranches = master
Michael
  • 10,124
  • 1
  • 34
  • 49
1

I have a git branch model which has dev/master/production branches used for staged deployments, so there are branches that I want protected against deletion. I use pull requests and Visual Studio Team Services, so after each pull request from dev to master for example, VSTS would ask if I would like to delete the source branch (dev).

I was worried about a developer accidentally deleting dev or another important branch which is used for deployments so I used this hack:

I created a branch off of dev called "save", made a one line change, opened a pull request against dev, and just leave it open.

As long as there is an open pull request against dev, dev cannot be deleted and VSTS will not ask if I would like to delete the branch.

If there is any other more official solution to this problem, I'd be happy to use it. But for now, this was easy and works.

Asher G.
  • 4,903
  • 5
  • 27
  • 30
0

If you are using Gitlab then you can configure protected branches:

Configuring protected branches

To protect a branch, you need to have at least Master permission level. Note that the master branch is protected by default.

  1. Navigate to your project's Settings ➔ Repository

  2. Scroll to find the Protected branches section.

[...]

kinjelom
  • 6,105
  • 3
  • 35
  • 61