开发者

Per-directory permissions on git

开发者 https://www.devze.com 2023-01-04 22:04 出处:网络
We are considering switching our VCS to either git or subversion. I\'d prefer switching to git, but subversion has a nice feature that I don\'t see in git : per directory access control.

We are considering switching our VCS to either git or subversion. I'd prefer switching to git, but subversion has a nice feature that I don't see in git : per directory access control.

We currently have project1, project2 repositories in cvs, with different permissions. We'd like to have one single repository, with two directories project1 & project2 with different permissions. Is it doable with git as it is with svn ?

I'm aware of submodules, which could probably achieve that, but the goal for us is to be able to do one single commit with c开发者_开发知识库hanges in project1 & project2.

We mainly have IP issues, and want to be sure that some people can't read (not just push) some directories. So, is git up for the challenge or will I have to use git-svn ?

Thanks


It is doable with a central repo with access (push/pull) managed by gitolite.
See its features.

If you combine that with submodules (which you are aware of), you would only manage per-repo or per branch access and still commit both project1 and project2 (with two commits in case of a subrepo: see this question)

If you insist on working with one repo (even though you have to set of data which could evolve with their own lifecycle, which should make them good candidates for modules), then the gitolite features do include:

file/dir NAME based restrictions

In addition to branch-name based restrictions, gitolite also allows you to restrict what files or directories can be involved in changes being pushed

dpk mentions in the comments that this last feature (the file/dir name restriction) is detailed in the conf/example.conf file of Gitolite.


Try nigit https://github.com/kingsimba/nigit. My team(over 30 people) has been using it for years.

It can manage correlated projects as a whole, by pulling them together, switching branch together, etc. Each project has its own collaborators and permissions.

If someone don't have permission to some source code(subprojects), they can use the compiled binaries.

$ nigit status
=== nigit ===
+ some_new_file
- some_deleted_file
M some_modified_file
? some_untracked_file
=== ncgeo ===
- other_deleted_file
? other_untracked_file
0

精彩评论

暂无评论...
验证码 换一张
取 消