CODEWITHSUNDEEP
gitolite
andipla
andipla

Reputation: 383

Same permissions for multiple repositories

I have 2 git repos that have permissions looking similar to this:

repo    myrepo
    RW+     = admin
    RW user1$       = user1
    RW user2$       = user2
    RW user3$       = user3
    RW user4$       = user4

with the number of users being rather high (~100 at the moment) and growing. In order to avoid to maintain the permissions for both lists I was wondering if some sort of inheritance between repos or a looping over users would be possible (I tried to search the http://gitolite.com/gitolite/#documentation and stackoverflow)

So is it possible to do something similar to configure that repo2 has the same permissions as repo1 and/or do the permissions per user/branch in a loop?

Upvotes: 1

Views: 229

Answers (2)

Mort
Mort

Reputation: 3549

Just to add to @VonC's excellent answer, you can also group your repos.

@developers     =   user1 user2 user3
@cust1repos     =   myrepo myrepo2

repo    @cust1repos
    RW+     = admin
    RW      = @developer

This is basically the very first example here http://gitolite.com/gitolite/conf/

Upvotes: 0

VonC
VonC

Reputation: 1323115

At least, the first thing to consider would be the notion of group of users: you can use one group in both repo, and update the user list for that group once.

See group definition

@developers     =   user1 user2 user3

repo    myrepo
    RW+     = admin
    RW      = @developer

repo    myrepo2
    RW+     = admin
    RW      = @developer

After that, to really scale, you could define that group in order to get its content automatically from a user referential like LDAP.

GROUPLIST_PGM           =>  '/home/git/bin/ldap-query-groups',

You would then no longer have to modify the gitolite-admin repo at all.

what I need is that everyone in the group gets their own branch (with branch name == user name).

That is called "personal" branches in Gitolite:

"personal" branches are great for environments where developers need to share work but can't directly pull from each other (usually due to either a networking or authentication related reason, both common in corporate setups).

Personal branches exist in a namespace of their own. The syntax is:

RW+ personal/USER/  =   @userlist

where the "personal" can be anything you like (but cannot be empty), and the "/USER/" part is necessary (including both slashes).

A user "alice" (if she's in the userlist) can then push any branches inside personal/alice/ (i.e., she can push personal/alice/foo and personal/alice/bar, but NOT personal/alice).

Upvotes: 2

Related Questions