This article will help you get started with Git.
Git is an extremely powerful tool. An understanding of Git will help you collaborate with product development engineers and it will help you solve some of your product security challenges.
Unfortunately, many security engineers dismiss Git as a tool strictly for developers. They are missing a key point. Learning Git will improve your collaboration. It will give you a shared mental model.
When we have shared mental models, we can more quickly communicate ideas and have a common understanding of problems and potential solutions. - Gene Kim, The Phoenix Project (2013)
Mastering Git leads to clearer communication and better teamwork between security and development teams. Here are three other reasons security engineers should learn Git:
You are in luck. Learning Git won't take a long time. In a few minutes, you can learn enough to start using Git.
Here’s how to get started:
Let's take a quick look at how Git works. It is easy to get into a tricky situation with Git. Knowing how it works will help you find your way out of a future mess.
Git is a version control system like CVS or Subversion. CVS and Subversion use delta-based version control. That is, they track changes, or deltas, to files.
Git uses a series of snapshots, and it operates more like a filesystem. Git records a SHA-1 checksum hash for every file or directory it tracks. This makes Git more efficient than previous version control systems.
There are three critical concepts to understand: file states, environments and the Git workflow. Let's dive into each one.
This is important. Git tracks the state of each file. The possible states are:
Understanding file states helps you grasp a Git project's environments.
There are three environments in Git. Think of them as distinct workspaces for your files. They are:
As you probably noticed, file states and environments are sequential. They fit into a typical Git workflow.
The typical Git workflow looks like the following:
Many people gain a theoretical knowledge of Git and then stop learning. Theory can only take you so far. Let's fix that.
If you don't have Git installed, head over to the following documentation site for help:
https://git-scm.com/book/en/v2/Getting-Started-Installing-Git
You should be able to open a terminal or command prompt. Type git --version. The command should return your Git version.
Next, configure the username and email for your commits. You do this by typing the following:
If you did this right, typing git config --list will show the variables you just set.
Next, create a directory somewhere on your filesystem. You can delete it later, so don't overthink this.
Change directories into your test directory and type git init.
This will initialize a Git repository in that directory, which is currently empty. There is a hidden directory, .git. It contains your repository metadata and snapshots.
Now create a simple text file in your Git repository directory.
You can check the state of your repository with the git status command
$ git status
On branch main
No commits yet
Untracked files:
(use "git add <file>..." to include in what will be committed)
Git's return message indicates that you have an untracked file that you can add. Let's do that.
$ git add <file name>
Your file is now staged. If you run git status again, Git will tell you that the file is staged for the next commit.
$ git status
On branch main
No commits yet
Changes to be committed:
(use "git rm --cached <file>..." to unstage)
new file: test.txt
To commit the file, type:
git commit -m "first commit"
Finally, check out the (very short) commit history for your repository.
$ git log --oneline
dc963f3 (HEAD -> main) first commit
Congratulations, you created your first commit!
Last, but not least, let's chat about branches, merges, and pull requests.
Branches are a way to separate your development work from the default (e.g. main or master) branch. It lets you do your work on a separate snapshot. You can later "merge" your changes into the default branch.
Here's what that looks like in practice. We will create a new branch in our git repository with the git branch command.
$ git branch test
Let's view the branch we just created using the git branch command.
$ git branch
* main
test
This created the branch named test. The git branch command shows we now have two branches: main and test. We are currently on the main branch (designated by the *).
Let's switch to the test branch with the git checkout command.
$ git checkout test
$ git branch
main
* test
Go ahead and make some changes to your test branch and commit them.
$ touch test2.txt
$ git add test2.txt
$ git commit -m "modify test branch"
Now, we want to merge our test branch with our default branch (main). We do that by switching back to the main branch and running the merge command.
$ git checkout main
Switched to branch 'main'
The syntax is
git merge <name of branch you want to merge>
$ git merge test
Updating dc963f3..7ed2bdc
Fast-forward
test2.txt | 0
1 file changed, 0 insertions(+), 0 deletions (-)
create mode 100644 test2.txt
And that's it. The command merged all your changes from the test branch with the default branch. Congratulations!
There are a myriad of reasons for learning Git. It will make you a better security engineer and it will help you communicate and collaborate better with product teams. Plus, it is a really interesting tool.
Here are a few resources to help you dive deeper: