Git: Teamwork across branches without Push Permission

Question

I am currently working for a Scrum Team that is using a shared git repository with another Scrum Team. For ease, we will call my scrum team Autobot and the other Decepticon.

Team Decepticon has full push and pull access to the repository, and are in charge of the framework.

Team Autobot is able to pull, but not to push. Generally there is no issue if members of the team work independently. However, cases arise where it would be useful to pull and push to another team members branch. As of yet, Autobot has not been granted push access by Decepticon (the easy fix) so a work around is required.

A use case example: Consider if Optimus (To continue the transformers metaphor) has done the following:

#!/bin/bash
optimus@workstation0:~/git/work_project/> git branch sdev /sprint/dev --track
optimus@workstation0:~/git/work_project/> git checkout sdev
optimus@workstation0:~/git/work_project/> touch important_file.py
optimus@workstation0:~/git/work_project/> git add important_file.py
optimus@workstation0:~/git/work_project/> git commit -m "Important file added."

Now, Rodimus is to help Optimus by editing important_file.py. He creates his own branch and pulls straight from Optimus's branch, and tries to push:

#!/bin/bash
rodimus@workstation1:~/git/work_project/> git branch sdev /sprint/dev --track
rodimus@workstation1:~/git/work_project/> git pull ~optimus/git/work_project sdev
rodimus@workstation1:~/git/work_project/> echo "'''TODO: Add content''' > important_file.py
rodimus@workstation1:~/git/work_project/> git commit -m "Added TODO".
rodimus@workstation1:~/git/work_project/> git push ~optimus/git/work_project sdev

And errors occur. What is the Proper procedure for this? It is undesirable to have a second repository, but do-able if required.

Answer 1

Update 2014 (3 years later)

As mentioned by Adrien Be in the comments

Stash implemented branch level permissions

See "Using Branch Permission"

---

Original answer (July 2011)

The usual solution is a second repo where:

• Team Autobot can push to
• Team Decepticon can regularely fetch and see if there is anything to merge

But that would require a second repo.

Another solution would be, with an authorization framework like Gitolite, to give push access to an Autobot branch.
It requires only one repo, but with a server (ssh or apache) able to authenticate the user pushing to said repo (since the local protocol don't have authentication).

So both solutions aren't an easy fix.