Comprehensive rules for managing source code, data, and infrastructure in modern version control systems.
Your git history is a mess. Merge conflicts are eating your deployment windows. Your CI pipeline breaks because someone force-pushed to main. Again.
These Version Control Excellence Rules transform chaotic repositories into precision development environments where every commit builds, every merge is clean, and your deployment pipeline just works.
You're losing 2-3 hours per week to preventable version control issues:
Professional teams need version control that enables rapid development, not friction that slows it down.
These rules establish a bulletproof version control workflow that prevents problems before they start:
Automated Quality Gates: Every commit is validated with automated tests, linters, and security scans before it can break your main branch.
Clear Commit Standards: Enforced conventional commits with descriptive messages that make debugging and code archaeology effortless.
Infrastructure as Code: Your infrastructure changes are versioned, reviewed, and deployed through the same rigorous process as your application code.
# Every commit follows this pattern
git commit -m "feat(auth): add OAuth2 integration for enterprise SSO
- Implements RFC 6749 authorization code flow
- Adds middleware for token validation
- Updates user model with external ID mapping
- Includes integration tests for token refresh
Closes #234"
# Start feature work
git checkout -b feature/user-dashboard
git config branch.feature/user-dashboard.pushRemote origin
# Work in small increments
git add -p # Stage specific changes
git commit -m "feat(dashboard): add user activity timeline component"
# Stay current with main
git rebase main
git push origin feature/user-dashboard
# Create PR with automated checks
# - Tests run automatically
# - Security scan detects any issues
# - Code review required before merge
# infra/environments/staging/kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../base
patches:
- patch: |-
- op: replace
path: /spec/replicas
value: 2
target:
kind: Deployment
name: api-server
When you commit infrastructure changes, ArgoCD automatically detects and deploys them. No manual kubectl commands, no environment drift.
# Tag model version
git tag -a model/v2.1 -m "Improved accuracy: 94.2% -> 96.1%"
# Pipeline automatically:
# 1. Builds model artifact
# 2. Runs validation tests
# 3. Pushes to SageMaker/Vertex AI registry
# 4. Updates deployment manifests
# Clone with proper configuration
git clone <repo-url>
cd <repo>
# Configure commit signing
git config commit.gpgsign true
git config user.signingkey <your-key>
# Install commit hooks
cp .githooks/* .git/hooks/
chmod +x .git/hooks/*
Enable these settings on your main branch:
# .github/workflows/main.yml
name: Quality Gates
on: [push, pull_request]
jobs:
validate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run tests
run: npm test
- name: Security scan
run: trufflehog filesystem .
- name: Lint commits
run: commitlint --from HEAD~1 --to HEAD
# Global settings for all repositories
git config --global init.defaultBranch main
git config --global pull.rebase true
git config --global rebase.autoStash true
git config --global core.autocrlf input
Your version control system should accelerate development, not slow it down. These rules create a foundation where every commit moves your project forward safely and predictably.
Start with branch protection and automated testing. Add commit signing and infrastructure as code incrementally. Within a sprint, you'll have a version control workflow that actually works for your team instead of against it.
You are an expert in Version Control, covering Git, GitHub, GitLab, Bitbucket, Perforce Helix Core, SVN, and GitOps-based infrastructure management.
Key Principles
- Prefer distributed version control (Git) for new work; retain centralized systems (SVN/Perforce) only for strict legacy or binary-heavy needs.
- Adopt one clear branching model per repository (Trunk-Based, GitFlow, or Release Flow) and document it in the repo root.
- Commit early, commit small: ≤300 LOC or ≤1 logical task per commit.
- Every commit must compile, pass all tests, and include a descriptive, imperative subject line (max 50 chars) followed by a blank line and detailed body.
- Tags are immutable; never delete or rewrite published tags.
- Automate everything: integrate CI/CD on every push to enforce tests, linters, security scans, and policy checks.
- Treat infrastructure and data schemas as code; store IaC (Terraform, Helm, CloudFormation) and migration scripts alongside application code.
- Enforce code reviews: at least one human approval plus passing automated checks before merge.
- Use signed commits (GPG or SSH) to guarantee authorship.
- Prefer merge (--no-ff) or rebase-and-merge depending on chosen model; disallow force-push to protected branches.
Git CLI & Directory Conventions
- Use kebab-case for branch names: feature/login-endpoint, fix/user-timezone.
- Prefix branches with type: feature/, fix/, chore/, release/, hotfix/.
- Keep the default branch name "main"; create long-lived branches only for LTS support.
- Configure global ignores (~/.gitignore_global) for OS/editor files; repository .gitignore only for project-specific patterns.
- Enable Git LFS or Perforce for assets >100 KB; never version large binaries in plain Git history.
- Store Git hooks in .githooks/ and install via core.hooksPath.
Error Handling and Validation
- Detect merge conflicts early: run `git fetch --all --prune` and rebase frequently.
- Abort half-done operations immediately: use `git rebase --abort`, `git merge --abort`, or `p4 revert` to maintain a clean state.
- Validate commit messages with a commit-lint hook; fail CI if message violates Conventional Commits.
- On failed deployments, roll back by reverting the merge commit (Git) or `p4 undo` (Perforce) instead of force-pushing.
- Maintain a `releases/` directory with versioned SQL/data migration scripts and an accompanying checksum file; fail pipeline when checksums diverge.
Framework-Specific Rules
GitOps (Infrastructure as Code)
- Desired state lives in the `infra/` directory with one Kustomization or Helm chart per environment.
- Use a separate repository for cluster bootstrap (e.g., ArgoCD install) and application repos for workload manifests.
- Protect the `infra/main` branch; only PR merges trigger ArgoCD/Flux reconcilers.
GitFlow
- Use `develop` as integration branch; `release/*` for stabilization; `hotfix/*` cut from `main` only.
- Delete `feature/*` branches right after merge to keep the repository tidy.
Trunk-Based Development
- Keep feature flags in code for incomplete work; ship small vertical slices behind flags rather than long-running branches.
- Maximum branch lifetime: 24 h, enforced via CI job that fails stale branches.
Additional Sections
Testing & CI/CD
- Every push triggers: static analysis → unit tests → integration tests (on ephemeral env) → security scan → build artifact.
- Use parallel jobs to keep total pipeline ≤10 min.
- Gate merges on 100 % passing status checks; disallow "skip CI" commits.
Performance
- Enable `core.fscache` and `core.deltaBaseCacheLimit` for large monorepos.
- Shallow clone (--depth 1) in CI to cut fetch time; run a nightly job with full history.
Security
- Enforce branch protection: signed commits, required reviews, status checks.
- Scan repository history weekly for secrets with truffleHog or GitGuardian; rotate keys automatically on detection.
- Disable GitHub Actions "fork pull request" secrets to avoid token exfiltration.
Data & Model Versioning (ML/DS Focus)
- Store datasets in external object storage; track pointers with DVC or LakeFS.
- Keep Jupyter notebooks cleaned (`nbstripout`) before commit; store runnable scripts in `src/`.
- Tag model releases with `model/v<major>.<minor>`; push artifacts to a model registry (SageMaker, Vertex AI) in the same pipeline.
Documentation
- Auto-generate changelog on every tag using Conventional Commits + lerna/standard-version.
- Keep an ARCHITECTURE.md and WORKFLOW.md at repo root explaining branching, CI, and release process.
Backup & Recovery
- Mirror critical repos to a second provider or self-hosted bare repo nightly (`git push --mirror`).
- Verify mirrors via checksum and automated restore drill once per quarter.