分支/分叉只是父库的一部分 [英] Branching/Forking just portion of parent repository

问题描述

我们在bitbucket上有一个代码库，它有一些'机密'库。有没有办法为调查目的创建分支或分支（对于非现场工作人员），这些分支或分支不包含选定的机密文件，但对于所有其他文件，仍然有能力推，拉，查看整个历史记录？

通过指定分支之间的文件/文件夹的高级映射，我已经能够在其他源代码控制中实现这一点，但是我无法在bitbucket上找到类似的功能。

EDIT1：
下面是我想要实现的一个例子： b

  Repo1（main）：
 | -publicFolder 
 | -file1 
 | -file2 
 | -privateFolder 
 | -fileA 
 | -fileB 
 
 Repo2（调查）：
 | -publicFolder 
 | -file1 
 | -file2 
  

在这些回购协议中推送/拉取公共文件的可能性是无限的。远程工作者在 publicFolder 上工作，并且可以从主仓库中获取最新版本，并且能够将他的更改推送到主仓库（或者某些管理员可以从调查仓库到主仓库）。但是，只能访问 Repo2 的工作人员不能查看 privatFolder

解决方案

无法在单个Git存储库中执行此操作。 BitBucket在Git之上没有额外的功能，允许一些文件被限制（它会混淆提交校验和的提交标识等）。但是，这是一个常见问题，最好的办法是将敏感数据分开保存。我可以想到一些方法来做到这一点。

1。配置文件

有时只需在源代码管理之外保留一个简单的配置文件就可以用来以某种方式加载运行时值：例如：

• 
  

  We have a codebase on bitbucket which has some 'confidential' libraries. Is there a way to create branch or fork for investigation purposes (for off-site workers) that will not contain chosen confidential files, but for all other files there still will be ability to push, pull, see entire history?

  I've been able to achieve this in other source controls by specifying advanced mapping of files/folders between branches, but I'm not able to find similar functionality on bitbucket.

  EDIT1: Here is an example of what I want to achieve:

  Repo1(main):
   |-publicFolder
      |-file1
      |-file2
   |-privateFolder
      |-fileA
      |-fileB
  
  Repo2(investigation):
   |-publicFolder
      |-file1
      |-file2
  

  There would be unlimited possibility to push/pull public files across those repos. Remote worker works on publicFolder and can pull latest version from main repo and is able to push his changes to main repo (or some admin is able to pull from investigation repo to main repo). But worker with access to Repo2 only should never be able to view the privatFolder

  解决方案

  There's no way to do this within a single Git repository. BitBucket does not have additional functionality on top of Git that would allow some files to be restricted (it would mess with the identity of the commits which would change the checksums, etc). However, this is a common problem, and the best way is to keep sensitive data separate. I can think of a few ways to do this.

  1. Configuration file

  Sometimes it suffices to just keep a simple configuration file outside of source control that you can use to load in runtime values in some way: for example:

  • set environment variables
  • pass arguments via command line
  • run some script which replaces tokens with the configuration values

  Still, your question is how to keep a part of your codebase private. There are many ways to handle this; it all depends on how your project is structured, how you manage builds, deploys, etc.

  2. Multiple forks

  One way is to maintain multiple forks, such that you have private and public repositories. Only place sensitive commits on a private repository. This way your codebase is still a single module, if you prefer.

  3. Multiple modules

  As any project grows, it often makes sense to split the software out into separate modules or repos (e.g. core, web, config, test, etc). To checkout and build the project, you would checkout the multiple modules and compile them together. Some build tools can manage this automatically for you, like maintaining snapshot builds in your local ~/.m2 repo. One of the first things you can do is separate the production configuration into a separate module that is restricted. Then you might have another repo with development configuration.

  4. Don't do this...

  这篇关于分支/分叉只是父库的一部分的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！