On 14/09/14 17:15, Kent Fredric wrote: > On 15 September 2014 02:40, Michał Górny <mgo...@gentoo.org> wrote: > >> However, I'm wondering if it would be possible to restrict people from >> accidentally committing straight into github (e.g. merging pull >> requests there instead of to our main server). >> > > > Easy. > > Put the Gentoo repo in its own group. > Don't give anyone any kinds of permissions on it. > Have only one approved account for the purpose of pushing commits. > Have a post-push hook that replicates to github as that approved account > > => Github is just a read only mirror, any pull reqs submitted there will be > fielded and pushed to gentoo directly. > > Only downside there is the way github pull reqs work is if the final SHA1's > that hit tree don't match, the pull req doesn't close. > > Solutions: > > - A) Have somebody tasked with reaping old pull reqs with permissions > granted. ( Uck ) > - B) Always use a merge of some kind to mark the pull req as dead ( for > instance, an "ours" merge to mark the branch as deprecated )
C) Ask nicely Github to have an application key and have a pull-request bridge to avoid the problem completely. I'd complete the migration first and discuss this kind of details later. lu