I have some Git private repositories on a GitHub company account, and I don't want anybody to push on some specific branches (like master, develop and beta or by pattern). I also tried to define some hooks but I want this to be done on GitHub and not done with a pre-push hook on the clients.
So to explain my problem simply, I want:
git push origin develop
to be refused by the server (which is GitHub) because of the branch name, but I do not want a client check by pre-push hook, I really want GitHub to do the check and refuse it.
Also if it's possible to allow only certain users to do so, but disabling it for everybody would be enough at first.
To find it go to Settings > Branches > Branch Protection Rules and click 'Add Rule'. Then, enter the name of the branch you want to protect and click the checkbox to require pull request reviews before merging. By default, this only stops people who are not moderators.
Select Restrict who can push to matching branches. Optionally, to also restrict the creation of matching branches, select Restrict pushes that create matching branches. Search for and select the people, teams, or apps who will have permission to push to the protected branch or create a matching branch.
Restrict who can push to matching branches You can enable branch restrictions if your repository is owned by an organization using GitHub Team or GitHub Enterprise Cloud. When you enable branch restrictions, only users, teams, or apps that have been given permission can push to the protected branch.
Ok I got the answer from IRC after a long chat. I'll have to work with forks and pull requests, or add pre-push hooks on each dev's machine since GitHub doesn't allow per branch permissions neither pre-publish canceling hooks. Here is a part of the answers I got:
Fork the repository. then the developer can work on their own version of the repository, and doesn't have to worry about committing to the wrong branch. And then someone upstream can always merge into whatever branch should be committed into.
Yeah but we're a company and we don't want that all our devs have forks
Why not?
Well they should be able to push their branch on a common repo to work with some other devs on the same feature for example.
Have a read through https://help.github.com/articles/using-pull-requests. You can still send patches around between multiple forks. This is the model that git was built on
I know but I want to be able to see quickly in a central way the actual work on any feature/hotfix, ...
To cut a long story short: GitHub doesn't support per-branch permissions
I know that this post is pretty old, but I believe that it may still help for some of you who are looking for an answer.
Well, now it is possible on GitHub.
Recently GitHub have introduced the Protected Branches feature, which makes it possible:
Protected branches block several features of Git on a branch that a repository administrator chooses to protect. A protected branch:
- Can't be force pushed
- Can't be deleted
- Can't have changes merged into it until required status checks pass
- Can't have changes merged into it until required reviews are approved
- Can't be edited or have files uploaded to it from the web
Good luck.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With