有没有一种很好的方法来限制每个分支在git上的读取（提取）？ [英] Is there a good way to restrict read (fetch) on per branch basis in git?

问题描述

我很乐于使用围绕git的工具和策略。本质上，我们希望将存储库中的分支的子集公开到一组用户的读取或读取/写入。另一个分支子集甚至不会被这些用户知道。使用两个独立的存储库，一个公用的私人存储库，don不要将私人分支推送到公共存储库。

您可以使用 update hook 在公共存储库中拒绝尝试推送这些私人分支的推送，以避免意外推送私人分支到公共存储库。你也可以使用 pre-receive 钩子，如果你想阻止整个推送，如果有人不小心尝试推送一个私有分支，而不是阻止该分支的创建。

您也可以简单地使用公共存储库中的示例 update 钩子（将其重命名为 update.sample 到 update ，并确保它是可执行的），并设置 hooks.denycreatebranch 配置设置拒绝创建公共回购协议中的任何新分支，只允许它包含已经存在的分支或在该回购协议中本地创建的分支。

I am open to using tools and strategies around git. Essentially, we want to expose a subset of the branches on a repository to Read or Read/Write for a set of users. Another subset of branches would not even be known to those users.

解决方案

Use two separate repositories, one public one private, and don't push the private branches to the public repository.

You could use a update hook in the public repository to deny pushes that try to push those private branches, in order to avoid accidentally pushing the private branches to the public repository. You could also use a pre-receive hook if you want to block the entire push if someone accidentally tries to push a private branch, instead of just blocking the creation of that branch.

You could also simply use the sample update hook in the public repository (rename it from update.sample to update, and ensure that it is executable), and set the hooks.denycreatebranch configuration setting to deny creation of any new branches in the public repo, only allowing it to contain branches that already exist or which are created locally in that repo.

这篇关于有没有一种很好的方法来限制每个分支在git上的读取（提取）？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！