Merge / Branch Only Check in Policy

At my workplace, we have two main branches in TFS, Production (our trunk branch), and QA (our testing / release branch). One or more development branches are taken from QA, and users code against these development branches. When it comes to testing time before a release, we lock down the development branch to everyone except senior developers, who can check changes in on other people's behalf (for last minute important fixes), and users begin merging their changes into the QA branch.

The problem is, there is a tendency for people to 'sneak' changes directly into the QA branch, and merge them back to development after the code freeze. This is potentially dangerous, as the changes will not have been tested properly or built against all other code. Considering the QA branch had to allow check in and out permissions to allow people to merge their changes, and in the absence of some way of stopping people directly checking in to the Production and QA branches, I wrote a custom check in policy to block check ins that are not part of either a branch or merge operation

.(Image: screenshot of the policy failure window)

The policy can be downloaded below, and needs to be installed on the TFS server and all developer client machines.

DownloadMerge / Branch Only Check in Policy (TFS 2005)
DownloadMerge / Branch Only Check in Policy (TFS 2010)
DownloadMerge / Branch Only Check in Policy (TFS 2012)

The policy can be limited to particular branches in source control using version 1.2 of the Team Foundation Server PowerTools. As above, the PowerTools need to be installed on the TFS server and all client machines.

To set up the Merge Only policy limited to a path:

  1. In Team Explorer, right click the project you want to work with and select 'Security Settings / Source Control':
    (Image: screenshot of the team explorer security context menu)
  2. In the Checkin Policies tab, click Add, and select the 'Branch and Merge Only' policy. Click add, highlight the new policy, and click the disable button
    (Image: Screenshot of the source control settings dialog)
  3. Click OK to save the settings, and then reopen the source control security dialog as in step 1
  4. Click add again, and add the 'Custom Path Policy'
    (Image: Screenshot of the Add Check in Policy dialog)
  5. A new dialog will appear prompting you for settings for the custom path policy. In the drop down menu, select the Branch and Merge Only policy, and then add regular expressions to denote which path(s) you would like the policy to apply to.
    (Image: Screenshot of the custom path policy settings dialog)
  6. Click OK, and then OK again to save the settings

Now, if a user attempts to check changes in directly to the path you have specified, they will be confronted with a policy failure warning dialog. What you do to people who override the policy is up to you!

Source Code

Should you need to play around with the source code, the .vb file can be downloaded below. Note that you need to create a VB.NET class library project and import this file, and you need to add a reference to Microsoft.TeamFoundation.VersionControl.Client.dll to your project.

Download Source Code

© Leon Mayne 2007