I am trying to setup a shared git repository via ssh, copying users public keys to the authorized_keys. I'd really like the "username" from the ssh-key to be part of the commit history in the repo (so that the user "joe" cannot just set his name to be "kate" - we need some kind of accountability). Is there any way to do this ?
Simply, no, there is no way. The reason is that the author and committer details are set when a commit is made and this usually happens locally. A git push
happens at a later time to push existing commits to the remote repository. Because the commits are already made and referenced by SHA1 hash, they cannot be altered during a push operation.
What you might consider doing is having a pre-receive or update hook that prevents people from pushing commits that they haven't authored, but this might prevent a lot of legitimate uses. You may find that trusting your users is the only sensible option.
That won't work with the decentralized nature of git. Imagine joe merges kate's development branch. There are commits from joe and kate in his local clone now:
* joe: Merge branch 'kate'
|\
| * joe: update foo
* | kate: fix test
* | kate: add test
|/
* joe: initial commit
If joe pushes to the central repository now, and you are enforcing the username, kate's commits would be attributed to joe.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With