OneWay Sync with Github Actions

Good afternoon everyone!

We are currently running a couple PSU instances test and prod. Today they are both being synced to a single repo with two branches test and main. Both are twoway git syncs. Updating code from test and prod is starting to get messy as certain files depend on other files.

We are looking into configuring prod to be a one-way git sync so it only pulls code from the main branch. This should be easy enough on the PSU side. However, an issue I currently have is that there is a bunch of scripts and config items in the test PSU server I dont want pushed up to the main branch for prod.

I’ve considered using .gitignore for main so certain scripts dont get committed into prod and then leverage something like GitHub actions to handle pull requests for merges into the main branch.

Is anyone out there doing something similar? Have I gone devops crazy?

Hopefully this makes sense.


we are running test/prod instances with this git configuration. Test is in two way sync with a dev branch and prod only pulls from main branch. Through pull request, we can make sure to only get wanted changes from dev to prod.

Our .gitignore file contains files, which are different between dev and prod e.g. variables.ps1/roles.ps1 etc.

We are planing to switch back both servers to two way sync for the following reasen.

You need to know, that if you are using this type of configuration, the “pull only” instance is read only and you are not able to change files through web ui.

So if your .gitignore contains a file like variables.ps1 than you are not able to add new variables. This is a dealbraker for us.

Hope this helps a little bit

Interesting. Thanks for sharing.


I have been doing some thinking about this…

That bad thing about adding endpoints.ps1 and scripts.ps1 to gitignore is that well… git doesnt track those files.

Would it make sense to write a script that only checkout\merges files that we want to move over? Git does not handle branch specific files and ideally that is what we want.

We never want to commit or merge over the following files from test to prod.

  • .universal/dashboards.ps1
  • .universal/endpoints.ps1
  • .universal/schedules.ps1
  • .universal/scripts.ps1
  • .universal/variables.ps1

Would it make more sense to have two separate GIT repos for test and prod? Then you are back to the issue of how do you update your code from test to prod?

You cant really exclude commits from pull requests on github from what I can tell.

Is anyone else using github with multiple PSU instances?