Reputation: 3970
TFS 2010 Prevent direct edits of Stage branch (only allow merge from Dev)
I have the following scenario:
- I have a Dev and Stage branch
- Code is checked into Dev, and at some point those changesets from Dev are merged into Stage
- No direct edits/check-ins happen to stage (beyond the merges from dev)
What I want to do is identify/verify that no new code has been introduced directly into the stage branch which did not originate from a changeset in Dev.
It does not appear possible to secure Stage (from a source control perspective) to only allow check-ins of merges from dev (since all operations appear to be merge,edit after I do the merge), so what I thought I could do is create a TFS Check in policy which attempts to compare the merged changes to their source.
I have created a class which derives from PolicyBase and have over-ridden the Evaluate method. In the Evaluate method, I spin through this.PendingCheckin.PendingChanges.CheckedPendingChanges and check the .IsMerge property and .ServerItem property to see if the item in question is a merge and is destined for my Stage branch.
When I spin through each change however, I don't see a way to track its lineage or access the parent from where it might have originated (ie: the Dev branch version #).
How do I only allow merges, but no direct edits on my Stage branch?
Upvotes: 1
Views: 203
Answers (1)
Reputation: 23434
The only way to achieve this in TFVC is for you to take ownership of all merges. If you do the merge then you have the control. Many organizations with these sorts of draconian policies create an automated script that does the merge and rejects if there are any conflicts. That way the developer is forced to pull from Staging to Dev and resolve all conflicts before requesting the merge through a web portal. If the merge is successful it was conducted on a server by a single service account and no coder required permissions to Staging of any sort.
This is however dysfunctional. Either you don't trust your coders, or they are not competent enough to work in your code base.
Another method might be to move to Git in TFS for source control. In Git merges are non-editable and are performed as a single action rather than the merge/edit you get in TFVC.
Upvotes: 1
Related Questions
- Can we configure TFS to accept merges only from specific branches?
- TFS 2013 - Only allow merge commits to branch(es)
- TFS - Set a branch to allow check ins of "Merge" changeset only
- Prevent check-ins and restrict merges for TFS branch
- How to enforce merging for hotfixes in TFS?
- TFS Branch & Merge
- Break the branch link for individual files in TFS
- Hide changesets from merge dialogs in TFS 2008 (2010)?
- TFS Branch Permissions
- How to prevent Merging in TFS