Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Prevent modifying file on main branch in GitHub

Tags:

git

git-merge

github

In our main branch we have a file that contains specific configurations. Let's call this file .example-conf.

When the developer creates his branch and pull requests. He can change the content of .example-conf file, so his pull request will execute our custom script based on these configs. Changes in file .example-conf should be ignored on the moment of merge.

We need to prevent developers from modifying .example-conf file in the main branch. But that file should be there for them when they create a branch from main.

We tried implementing a solution with .gitattributes but that doesn't work as there are no conflicts during the merge. So as result after merge content of .example-conf will be modified. We need it to stay same as on main branch.

We use GitHub for version control.

How can this be done?

like image 453
kutsyk Avatar asked Oct 16 '25 15:10

kutsyk

2 Answers

Github allows you to add an extra layer of security by using code owners. This feature can be enabled by adding the Require pull request reviews before merging branch protection rule and then enable Require review from Code Owners Additionally you have to add a code owners file that specifies who is the code owner of the .example-conf. e.g.

conf/*.conf    [email protected]

For further information see Introducing Code Owners

like image 74
Michael Mairegger Avatar answered Oct 18 '25 08:10

Michael Mairegger

From what I understand, these are things you want :

  1. No one can change .conf in main branch.
  2. They can change .conf in branches other than main branch.

You can write a pre-commit hook that aborts the commit if .conf file is changed in main branch. To make a pre-hook, you can write a shell script like :

#!/bin/sh

branch="$(git rev-parse --abbrev-ref HEAD)"

if [ "$branch" = "main" ]; then
  if [ "$(git diff --exit-code .conf)" = "1" ]; then
    echo "Cannot change .conf file in main branch. Aborting commit..."
    echo "Unstage .conf to commit."
    exit 1
  fi
fi

Save this script as pre-commit. Make it executable by using

chmod +x pre-commit

Save/Move this executable in .git/hooks/directory.

This will not allow anyone to change .conf in main branch. However, if you do want to change the .conf in main branch, then you need to pass a --no-verify flag with git commit. This would bypass the hook and will not give error when you change .conf in main and commit it.

Alternative: Branch specific .gitignore

See this answer .You can have a work-around to have branch specific .gitignores. This would mean that a person can change his .conf in local repository feature branch but the changes wont be pushed to remote feature branch. Thus the PR from feature -> main wont have the changes made in .conf.

like image 26
Jdeep Avatar answered Oct 18 '25 06:10

Jdeep
Sign in to Comment

Related questions

How do I reference an alternate URL for a git submodule, depending on where I cloned the super-repo?
How do I skip a patch when cherry-picking multiple?
Are squashed commits in a rebase visible to others?
How can I find the first commit of a branch with JGit?
Submodule - update .gitmodules for specifying a branch name
Git -- Rewrite entire history [duplicate]
What command to use to see what branch my actual branch derived from?
search the whole git subcommands, guides and overview man pages
gitignore for a python venv based in the root of a git project
Git: Pushing multiple branches using wildcards
GitHub Enterprise: enforce code freeze during release?
Unity cant add git packages on external SSD. FATAL: not in a git directory
Git alias on Windows: How to escape double quotes

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!