There are many threads。由于git也简化了部署,人们尝试将部署特定的秘密文件添加到内部分支,并且将出现这些线程中讨论的问题。一种可能的suggested解决方案是使用submodule
。我宁愿避免它。因此,通过扩展this method创建了一个脚本,让我合并私有分支,而不考虑.branchownfiles
中列出的秘密文件的更改。
看起来效果很好,但是在git中提出了一个关于文件删除的问题:git merge
抱怨从private
合并到master
时删除的文件,即使此文件从未参加过与master
相关的提交:“在HEAD中删除并在私有中修改的文件”
这是您可以看到的程序:
i@my % git init
Initialized empty Git repository in /here/there/.git/
i@my % echo 'hello' > 'start.txt'
i@my % git add start.txt
i@my % git commit -m 'started'
[master (root-commit) 32d41f5] started
1 file changed, 1 insertion(+)
create mode 100644 start.txt
i@my % git checkout -b private
Switched to a new branch 'private'
i@my % echo 'this is secret' > a_secret.txt
i@my % echo a_secret.txt > .branchownfiles
i@my % echo .branchownfiles >> .branchownfiles
i@my % git add a_secret.txt
i@my % git add .branchownfiles
i@my % git commit -m 'a secret file added'
[private c2e174f] a secret file added
2 files changed, 3 insertions(+)
create mode 100644 .branchownfiles
create mode 100644 a_secret.txt
i@my % git checkout master
Switched to branch 'master'
i@my % git-merge-with-care.sh private
Automatic merge went well; stopped before committing as requested
rm '.branchownfiles'
rm 'a_secret.txt'
Success
# this is basically a `git merge` followed by two `git rm` for two files.
# so i suppose .branchownfiles and a_secret.txt never should leave anything in `master`
# but my assumption is not true..
i@my % git commit
[master 916c14b] Merge branch 'private'
i@my % git checkout private
Switched to branch 'private'
i@my % echo 'changed in private, should change in public too' > start.txt
i@my % echo 'secret changed too' > a_secret.txt
i@my % git add -u
i@my % git commit -m 'secret changed'
[private dc8938a] secret changed
2 files changed, 2 insertions(+), 2 deletions(-)
i@my % git checkout master
Switched to branch 'master'
i@my % git-merge-with-care.sh private
# now my question arise.
CONFLICT (modify/delete): a_secret.txt deleted in HEAD and modified in private. Version private of a_secret.txt left in tree.
# git merge complains about a_secret.txt an knows it deleted in HEAD. Why?!
Automatic merge failed; fix conflicts and then commit the result.
Trying to fix conflicts for branch limited files
a_secret.txt: [b]
Remerge with ours strategy
CONFLICT (modify/delete): a_secret.txt deleted in HEAD and modified in private. Version private of a_secret.txt left in tree.
Automatic merge failed; fix conflicts and then commit the result.
a_secret.txt: needs merge
rm 'a_secret.txt'
Success
我的脚本仍然有效,因为它在合并之前删除了这些文件。但我想知道为什么git回忆a_secret.txt
虽然它从来没有在这个分支的提交中?有没有办法以某种方式实现git merge --no-commit
后跟git rm
的效果git永远不会回想起这些已删除的文件在此之前?我的意思是git merge
,但能够只将一些文件添加到索引目录。
我的方法安全吗?如果我git rm
一些文件和git后来回想起这些文件在这里之前,git仍然有一些关于这些文件的信息。什么样的数据和它在哪里?有人可以通过她的a_secret.txt
分支找到master
的内容吗?
这是我的git-merge-with-care.sh
:
#!/bin/env zsh
ls -d .git 2>/dev/null 1>&2
if [ $? != 0 ]; then
echo "error: run this from root of project"
exit 1
fi
if [ $# != 1 ]; then
echo "usage: $0 <private branch>"
exit 1
fi
current_branch=$(git branch -q | sed -n -e 's/^* //p')
from_branch=$1 #private branch
into_branch=master #public branch
if [ $current_branch != $into_branch ]; then
echo "error: merge while out of $into_branch branch"
exit 1
fi
new_files=$(git diff -z --name-only --diff-filter=A $into_branch $from_branch)
changed_files=$(git diff -z --name-only --diff-filter='M|T' $into_branch $from_branch)
branch_files=$(git show $from_branch:.branchownfiles)
git merge --no-commit --no-ff $from_branch
# fix conflict with strategy
if [ $? != 0 ]; then
echo "Trying to fix conflicts for branch limited files"
failing=false
git diff -z --name-only --diff-filter=U | while IFS= read -r -d $'\0' f; do
{ grep -x -q "$f" <<<"$branch_files" && echo "$f: [b]"; } || { [ $f != ".branchownfiles" ] && echo "$f: [!]" && failing=true; }
done
git merge --abort
if $failing; then
echo "Merge aborted because of merge conflicts"
exit 2
else
echo "Remerge with ours strategy"
git merge --no-commit $from_branch -s recursive -X ours --no-ff
if [ $? != 0 ]; then
# conflits for deleted files in merger but added again from mergee
conflicting_files=$(git diff -z --name-only --diff-filter=U)
# echo "$conflicting_files" | sort
# echo "$new_files" | sort
if grep -q "$(echo \"$conflicting_files\" | sort -z)" <<<"$(echo \"$new_files\" | sort -z)"; then
xargs -0 <<<"$conflicting_files" -I'{}' git rm --ignore-unmatch '{}'
[[ x`git diff --diff-filter=U` == 'x' ]] || exit 5
fi
fi
fi
fi
# remove files added from private branch but are restricted to private branch
xargs -0 -I'{}' <<<$new_files sh -c "grep -x -q '{}' <<<\"$branch_files\" && [ -e '{}' ] && git rm -rf '{}'"
# bring back public files overwritten bye private branch data
xargs -0 -I'{}' <<<"$changed_files" sh -c "grep -x -q '{}' <<<\"$branch_files\" && git checkout HEAD '{}'"
echo "Success"
exit 0
答案 0 :(得分:1)
合并两个分支时,这些提交都可以从合并提交中获得。因此,如果您有权访问master,则可以在合并之前获取所有秘密信息。这也是git认为文件被删除的原因。
如果我签出该回购并且只获得主分支,您可以git checkout master^2
,并且您实际上是在什么是秘密分支。
尝试运行git merge-base master private
。它会给“一个秘密文件添加”提交。 commit和master之间的区别之一是master(a_secret,.branchownfiles)上缺少的文件。所以他们必须在master上删除git的东西,因为那个提交是master的祖先。这是真的。这就是信息的来源。