使用 gitolite 拒绝读取特定存储库分支
我想要实现的目标如下: 同事在@coworkers组中, 客户位于@clients 组中。
Git 存储库应可供所有人读写,但应有特殊分支。 即我创建一个新分支“实习生”,@coworkers 应具有 RW+ 访问权限,但客户端不应该能够 R 或 W。
我以为我可以通过以下方式实现这一目标,
repo myrepo
- intern = @clients
RW+ = @clients @coworkers
但这不起作用。
What I'm trying to achieve is the following:
coworkers are in group @coworkers,
clients are in group @clients.
The Git repo shall be available to read and write for everyone, but there shall be special branches.
i.e. I create a new branch "intern" and @coworkers shall have RW+ acces, but clients should NOT be able to R or W.
I thought i can achieve that by
repo myrepo
- intern = @clients
RW+ = @clients @coworkers
But this does not work.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
根据与 gitolite 作者的讨论,请阅读分支机构无法进行访问限制:
According to a discussion with the author of gitolite, read access restriction is not possible for branches:
现在可以使用 gitolite 的部分复制功能
$GIT_CONFIG_KEYS = '.*'在 ~/.gitolite.rc 文件中示例:如果您希望客户端只能访问
deploy分支(如果 git 抱怨它无法删除 master 分支),您可以在服务器上使用此命令:
客户端现在可以克隆以下版本的部署分支: my-repo-deploy 存储库,使用如下命令:
It is now possible to restrict read access to gitolite branches with the latest version of gitolite v3.x using the partial-copy feature of gitolite
partial-copyline in theENABLEsection of the ~/.gitolite.rc file$GIT_CONFIG_KEYS = '.*'in the ~/.gitolite.rc fileExample: if you want the client to only have access to the
deploybranchif git complain that it cannot delete the master branch you can use this command on the server:
The clients can now clone the deploy branch of the my-repo-deploy repository with a command like this:
我不是 gitolite 专家,但我认为规则是按顺序处理的。您是否尝试过简单地反转最后两行?也就是说,首先向@clients和@coworkers授予权限,然后再拒绝@clients对intern的访问。
I'm not a gitolite expert, but I think the rules are processed in order. Have you tried simply reversing the last two lines? That is, grant permission to @clients and @coworkers first, and then secondly deny access to intern by @clients.