So here's the deal: For each of our 50+ repositories, we have a three-tiered branch model: Dev, Test, Master. Dev can be updated whenever the Devs want, and changes are aggregated by a team lead and submitted for deployment to our test environment, at which time the code is merged to the test branch and tagged. Once the code is tested and passed, (and deployed) it is migrated to master. After the code is in master and deployed successfully, we kill the old branches and create new ones only when requested.
But we are scanning our code with SonarQube and Fortify and it's getting overwhelming to update our scan schedule every time a new branch is requested. We want to keep the model of refreshing the branches each release.
My thought is to create one new branch per repository that would always stay the same name but which would automatically have the code from the test branch merged in to it each time a merge to test is done from the dev branch. We would use this branch for code scanning, as it should match the changing branch exactly.
We could kick it off as part of our Jenkins pipeline scripts, but that would just move the problem from 'updating the branches in the scanning schedules' to 'updating 50+ scripts' (or one parameterized list, which is better, but not ideal)
Is there a way to automatically perform a merge from the dev branch to a permanent test branch at the same time as the primary merge to the impermanent primary test branch? All without having to go in and update the scripts by hand (or better, a parameterized list)? Am I likely to run into problems (parent branch issues, etc?)