[guardian-dev] A tag-team git workflow that incorporates auditing

Abel Luck abel at guardianproject.info
Mon Nov 25 08:03:11 EST 2013


Hans-Christoph Steiner:
> 
> I finally wrote up the git workflow that Abel and I have been using.  I think
> that other Guardian Project members use a similar workflow:
> 
> https://guardianproject.info/2013/11/21/a-tag-team-git-workflow-that-incorporates-auditing/
> 
> .hc
> 

Thanks for writing this up Hans!

This is a great workflow for projects with a small number of contributors and no single
manager who is responsible for approving all commits. Instead Hans and I review each
others commits.

Setting up a tool like Gerrit would definitely help maintain a more pure blessed repo, as
things like accidental pushes to "upstream" wouldn't be possible, but with only a handful
of contributors the overhead of setting up, maintaining, and using a Gerrit deployment is
too costly.

A note on github: We do not use Github's pull request feature, specifically the auto merge
because we don't ever want to be in a situation where we have to "pull" from the upstream
repo. The flow of data to the blessed repo is onewayu. You are only pulling from
contributor repos, reviewing commits, and then pushing to the blessed repo.

Now not all GP members use this workflow. Nathan and Miron, the primary devs on
ChatSecure, make heave use of Pull Requests [1]. I'm not sure whether they're using the
auto merge feature or not.

~abel



[1]:
https://github.com/guardianproject/ChatSecureAndroid/pulls?direction=desc&page=1&sort=created&state=closed



More information about the Guardian-dev mailing list