Stash in Practice – Protecting Branches Made Easy

On the one hand, risks can arise while working on Git-based software projects that hamper the development process, software quality and stability of existing processes. On the other hand, you also do not want to slow down the development process by using models that are too restrictive.

It's good that Stash, Atlassian’s Git repository management system, has a granular and adjustable security concept. Here are a few pragmatic steps for protecting Git branches in Stash.

1. Establishing team workflows

First, it is important that a team define and internalize a fixed workflow for working with Git, the different branching models and the integration of qualitative approval processes (Communication > Tools).

2. Prohibiting force pushes in Stash with workflow hook

It is recommended that you prevent force pushes. This means push requests are rejected if they result in non-fast-forward merges and that they cannot be forced with git push --force. This screenshot shows how this can be done with a single click:

Force push in Stash deaktivieren

Deactivate Force Push in Stash

3. Configuring permissions for release/production/development branch

We prohibit rewriting the history and deleting the branch. We also don't allow changes to be made in the branch without a pull request:

Konfiguration der BranchBerechtigungen in Stash

Configure Branch Permissions in Stash

4. Configuring pull requests in Stash

Ultimately, we configure the settings for pull requests based on the following points:

  • Number of testing persons necessary for release
  • Necessity to complete all tasks associated with a pull request
  • Minimum number of successful builds provided that, for example, a Bamboo integration server is connected with and appropriately configured for the project

As a result, our branch is configured so that no one can overwrite existing commits and only the right people have write and admin access to our development progress, and so that specific quality assurance criteria are mandatory for pull requests. All this can be done with a few clicks in Stash.

Konfiguration für Pull-Requests in Stash optimieren

Optimize configuration for pull requests in Stash

Would you like to test and license Stash? We are your partner!

Are you interested in Stash and/or other developer tools from Atlassian? Would you like to learn more? Do you want to test the system yourself? We are an official Atlassian sales partner and one of the largest Atlassian experts in the world. We are happy to help evaluate your needs and answer your licensing questions. Feel free to contact us with no obligation.

Diesen Beitrag auf Deutsch lesen.

Interview: Advantages of Git within the software development and the possibilities of Stash
Real integration: The interaction of JIRA, Stash and Bamboo
Scaling Git with Stash Data Center
Stash 3.2: Pull Request Previews, Better Comment Navigation, Easier Onboarding

Forget Less and Ensure Quality with didit Checklists for Atlassian Cloud Forget Less and Ensure Quality with didit Checklists for Atlassian Cloud Forget Less and Ensure Quality with didit Checklists for Atlassian Cloud
Our blog articles reflect the situation at the time of writing and are not updated. It is therefore possible that the contents are outdated and no longer correspond to the latest developments. We do not accept any liability for this.