Heroku has a really neat deployment mechanism. It piggybacks on a popular git tool. To deploy, all users have to do is
git push heroku master
I'm reading https://devcenter.heroku.com/articles/authentication
with the hope of setting something up so I can ditch ftp and use git push to deploy updates to my non-heroku web server.
How does heroku ensure only authorized users can 'git push' to heroku?
Heroku might have used gitosis (obsolete since 2009) or gitolite, but that is no longer the case.
You can push (through https or ssh) if you are the app owner, or a collaborator.
You actually can transfer app ownership.
Today, Heroku uses proprietary software which listens for TCP connections on SSH and HTTP and only understands the GIT protocol.
This means we can perform authentication easily, by inspecting the HTTP headers, or SSH private key sent when the connection is opened, and reject it if necessary.
We haven't been running gitolite for several years now.
You should be able to achieve something similar on your own server fairly easily though.
Using dokku for example.
