配置 Gerrit 权限禁止直接 push 代码到仓库
关于 Gerrit Push 权限描述如下:
This category controls how users are allowed to upload new commits to projects in Gerrit. It can either give permission to push directly into a branch, bypassing any code review process that would otherwise be used. Or it may give permission to upload new changes for code review, this depends on which namespace the permission is granted to.
具体权限配置与 namespace 有关
refs/for/*代码评审refs/head/*直接提交refs/tags/*tag
配置如下:
- Reference:
refs/for/*- Read: ALLOW
- Push: ALLOW
- Push Merge Commit: ALLOW
- Reference:
refs/heads/*- Read: ALLOW
- Push: BLOCK
- Label Code-Review: -1 +1
- Reference:
refs/tags/*- Push: ALLOW