How to enforce a commit policy in Mercurial DVCS?

I think you said you want a "structured way of working", and so I wonder if what you are looking for instead, is code lieutenants. That means that the door is locked from the inside, and only the lieutenant opens it, and code hits the central repo, only when the lieutenant pulls it in. Code that has been through your approval process is pulled into a central or authoritative repository, which is a "structured way of working By talking about denying write to a branch only in a repo, instead of denying write to the entire central repo, It sounds to me almost like you're asking how can you take away the DVCS's #1 great attribute, which (a) that there is not just one copy, and that each copy can have its own read/write access rules, one of those copies is the central one if you like it to be so, and (b) that commits are separate from inflicting them on anyone else.

A commit is a local working copy action. It is not until these commits hit the authoritative repository, either the central one, or the one managed by your code lietenant, that you have even made a real change, under this controlled process, using DVCS Or are you thinking that users shouldn't even commit into their own working DVCS local instances, without making branches? In short, you could say, each local machine's working copy IS A BRANCH, an invisible branch, not inflicted on anyone, or even named, until it is polled by the lieutenant who will do the code review, and integration test the entire changeset, which is functionally equivalent to what you might have called a "feature branch" in a CVCS.

Those invisible branches are all writeable, and the central repo (not a branch, separate REPO) is read only by virtue of how it is set up; users can sync from it, but not push to it, except the lieutenant who pulls new changes into it. Fundamentally stable, but still everybody can get work done.

I think you said you want a "structured way of working", and so I wonder if what you are looking for instead, is code lieutenants. That means that the door is locked from the inside, and only the lieutenant opens it, and code hits the central repo, only when the lieutenant pulls it in. Code that has been through your approval process is pulled into a central or authoritative repository, which is a "structured way of working".

By talking about denying write to a branch only in a repo, instead of denying write to the entire central repo, It sounds to me almost like you're asking how can you take away the DVCS's #1 great attribute, which (a) that there is not just one copy, and that each copy can have its own read/write access rules, one of those copies is the central one if you like it to be so, and (b) that commits are separate from inflicting them on anyone else. A commit is a local working copy action. It is not until these commits hit the authoritative repository, either the central one, or the one managed by your code lietenant, that you have even made a real change, under this controlled process, using DVCS.

Or are you thinking that users shouldn't even commit into their own working DVCS local instances, without making branches? In short, you could say, each local machine's working copy IS A BRANCH, an invisible branch, not inflicted on anyone, or even named, until it is polled by the lieutenant who will do the code review, and integration test the entire changeset, which is functionally equivalent to what you might have called a "feature branch" in a CVCS. Those invisible branches are all writeable, and the central repo (not a branch, separate REPO) is read only by virtue of how it is set up; users can sync from it, but not push to it, except the lieutenant who pulls new changes into it.

Fundamentally stable, but still everybody can get work done.

While this is a good workflow (and a reasonable solution for the question), it does not make technical commit regulations (e.g. By hooks) completely obsolete. If developers themselves in an early state, i.e. When they commit or push, recognize that they break workflow rules, the code lieutenant does not has to deal with accidentally broken rules but can concentrate on more sophisticated issues.

– Oben Sonne Jun 17 at 8:01 I think that a good way to combine these is to have code hooks cause automatic builds of commits to central repos, which can then be flagged as "passed smoke test", or whatever, or you could even have manual QA review on builds, that is used to flag builds as good, as a block to integration. But if you actually block commits, you block work. Block integration moves, (pull/push), not commits.

– Warren P Jun 17 at 17:26 Accepted Answer. I think this has guided me away from the hook idea, instead allowing each cloned repo to be its own branch (which is after all a way that Mercurial works as a DVCS). Having the central repo be pull-only is a nice idea too - combining this with a service like bitbucket or similar, would be possible perhaps by having forks that a user can work from, with the main repo being pushable by only the lieutenant.

– icabod Jun 21 at 10:33 @Warren P: What are the flagging mechanisms implementation in a scenario as above in 'have code hooks cause automatic builds of commits to central repos, which can then be flagged as "passed smoke test"'? Are these mercurial internal means like tags/bookmarks or external means like CI tool log of self made flag keeper? – dim Jul 7 at 11:47 Flagging mechanisms could include modification of the commit log notes to contain markers add tag "PASSED_SMOKE_TEST:yy-mm-dd hh:nn" to commit notes, or they could include creation of tags or bookmarks using BookmarksExtension, you could create a BOOKMARK_LATEST_PASSED_SMOKE_TEST for instance.

– Warren P Jul 7 at 19:35.

If you have access to the central repo's hgrc, you could define a pretxnchangegroup hook which validates that incoming changesets on the integration branch have 2 parents (while the first one must be on the integration branch). AFAIK, on Bitbucket you could only set up post-checks using brokers. These brokers do not prevent any unwanted pushes but may notify you in case someone did not follow the rules.

However, personally I second @Zhehao's comment, i.e. Just try to get everyone follow the rules and let those breaking them serve coffee to colleagues for one week (or so, you get it). Finally you could maintain some shared hgrc and corresponding hooks which every developer has to set up (once) on her system.

If set globally on a system, there's no need to set them up again for each clone.

2 For a shared hgrc you could also check the hash/id of the initial commit in the current repo in the hook if you only wanted the hook to apply to clones of a particular repo. – Tim Delaney Jun 17 at 0:09.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.