How to restrict access to master branch on git

I have a single repo in which I have 2 user groups:

  • Admins
  • HTML/UI Developers

I do not wish to give read/write access of my master branch to my HTML developers as they do not need to work on it and should not be misusing the core code.

  • Git pull on a remote server with an unknown tag
  • JIRA smart commit - Block git commit without JIRA ticket number
  • How to exclude all folders except one?
  • Git / Mercurial : Separate repos in structure
  • Clone bitbucket repo to local machine failed
  • Git cannot lock ref 'HEAD': unable to resolve reference HEAD
  • Though they need to work on their own branch ui-developers. How do I do this on git?

    P.S.: I am using BitBucket

  • Pruning branches that were deleted in upstream Git repo but still exist in my fork
  • Is there a reason not to check in the virtualenv environment along with the source code of a python project?
  • Git push URL encoding issue
  • Git Conundrum: rm -r and .gitignore not working
  • Git - why does the number of objects differ between my two Git clones?
  • Sourcetree and GitFlow - not showing color branches
  • One Solution collect form web for “How to restrict access to master branch on git”

    Git itself does not have such feature, but many hosting providers do. This is generally known as branch protection. There is no way to prevent read access as far as I know.

    Using BitBucket

    BitBucket allows a lot of customization for the actions to prevent by branch protection. To protect a branch:

    1. Go to a repository in a project.

    2. Choose Settings > Branch permissions.

    3. Click Add permission.

    4. In the Branches field, select either Branch name, Branch pattern, or Branching model.

      • Branch name – select an existing branch by name.

      • Branch pattern – specify a branch using branch pattern syntax for matching branch names.

      • Branching model – select the branch type to restrict access to.

    5. Select the type of actions you want to prevent.

      • Branch deletion – prevents branch and tag deletion.

      • Rewriting history – prevents history rewrites on the specified branch(es) – for example by a force push or rebase.

      • Changes without a pull request – prevents pushing changes directly to the specified branch(es); changes are allowed only with a pull request.

      • All modifications – prevents pushes to the specified branch(es) and restricts creating new branches matching the specified branch(es) or pattern.

    6. Optional: Add exemptions for any of the selected restrictions. Adding a user or group as an exemption means that it will not apply to them. This is not required; not adding any exemptions means the restriction will apply to everyone.

    7. Click Create to finish.


    Using GitHub

    Protected branch in GitHub:

    • Can’t be force pushed

    • Can’t be deleted

    • Can’t have changes merged into them until required status checks pass

    To protect a branch:

    1. On GitHub, navigate to the main page of the repository.

    2. Under your repository name, click Settings.

    3. In the left menu, click Branches.

    4. Under Protected Branches, select the branch you want to mark protected using the drop-down menu.

    5. Select Protect this branch.

    6. Click Save changes.


    Using GitLab

    In GitLab, protecting a branch does the following:

    • it prevents its creation, if not already created, from everybody except users with Master permission
    • it prevents pushes from everybody except users with Master permission
    • it prevents anyone from force pushing to the branch
    • it prevents anyone from deleting the branch

    To protect the branch:

    1. Navigate to the main page of the project.

    2. In the upper right corner, click the settings wheel and select Protected branches.

    3. From the Branch dropdown menu, select the branch you want to protect and click Protect.

    4. Once done, the protected branch will appear in the “Already protected” list.

    You can then allow some access to users with developer rights by checking “Developers can merge” or “Developers can push”


    Git Baby is a git and github fan, let's start git clone.