On the one hand, risks can arise while working on Git-based software projects that hamper the development process, software quality and stability of existing processes. On the other hand, you also do not want to slow down the development process by using models that are too restrictive.
It's good that Stash, Atlassian’s Git repository management system, has a granular and adjustable security concept. Here are a few pragmatic steps for protecting Git branches in Stash.
1. Establishing team workflows
First, it is important that a team define and internalize a fixed workflow for working with Git, the different branching models and the integration of qualitative approval processes (Communication > Tools).
2. Prohibiting force pushes in Stash with workflow hook
It is recommended that you prevent force pushes. This means push requests are rejected if they result in non-fast-forward merges and that they cannot be forced with git push --force. This screenshot shows how this can be done with a single click:
3. Configuring permissions for release/production/development branch
We prohibit rewriting the history and deleting the branch. We also don't allow changes to be made in the branch without a pull request:
4. Configuring pull requests in Stash
Ultimately, we configure the settings for pull requests based on the following points:
- Number of testing persons necessary for release
- Necessity to complete all tasks associated with a pull request
- Minimum number of successful builds provided that, for example, a Bamboo integration server is connected with and appropriately configured for the project
As a result, our branch is configured so that no one can overwrite existing commits and only the right people have write and admin access to our development progress, and so that specific quality assurance criteria are mandatory for pull requests. All this can be done with a few clicks in Stash.
Would you like to test and license Stash? We are your partner!
Are you interested in Stash and/or other developer tools from Atlassian? Would you like to learn more? Do you want to test the system yourself? We are an official Atlassian sales partner and one of the largest Atlassian experts in the world. We are happy to help evaluate your needs and answer your licensing questions. Feel free to contact us with no obligation.
Diesen Beitrag auf Deutsch lesen.
Interview: Advantages of Git within the software development and the possibilities of Stash
Real integration: The interaction of JIRA, Stash and Bamboo
Scaling Git with Stash Data Center
Stash 3.2: Pull Request Previews, Better Comment Navigation, Easier Onboarding