Managing git - Master branch push permission

Question

Is there an easy way to configure our git repo in a way that would only allow a pre defined set of users to push into master branch on origin ?

I have found certain tools that require payment for such a task, but was wondering whether this was supported in git by default, without the need for a git server tool.

Any comments and directions would be welcome.

Answer 1

A simple solution would be to write a custom hook to listen each update and have a custom authentication solution.

Within the .git file there is a hook directory, which contains example implementations for custom hooks. Deleting the .sample suffix would simply make that hook become operational ( the hook examples there have callback registrations by default ).

Update hook would be triggered after each push, exiting 1 would simply disallow for that push to be applied. Something on the lines of :

refname="$1"
oldrev="$2"
newrev="$3"

author="$(git log $newrev -1)"

# user names on the white list
whitelist=( 'Admin1' 'Admin2' 'Admin3'  )

# branches to be controlled
master="refs/heads/master"
test="refs/heads/test"

if [[ "$refname" == "$master" || "$refname" == "$test" ]]
then
                for name in "${whitelist[@]}"
                do
                                echo $name
                                if [[ "$author" == *"$name"* ]] 
                                then
                                                exit 0
                                fi
                done
else
                exit 0
fi

echo "Master or test branch is not within your reach ! Contact your supervisor ! "
exit 1

I strongly advice you to write your own script according to your authentication policy. The above script is just to give an idea and is easily hackable.

Answer 2

Git does not have any permission system of its own. You will have to use something else to manage them like GitLab or gitolite. You can also build your own using git hooks.