分支上的 Gitolite 权限 [英] Gitolite permissions on branches
问题描述
我真的很茫然.我已经阅读了很多示例,并尝试了所有示例.最基本的工作正常,但每当我尝试转向更复杂的东西时,一切都会崩溃(即使我直接复制示例).另外,作为记录,我使用的是 gitolite 版本 3,如服务器垃圾邮件所示:
I'm really at a loss here. I've read through quite a few examples, and tried all of them. The most basic ones work fine, but anytime I try to move to something a bit more complicated everything falls apart (even when I'm directly copying the example). Also, for the record I am on gitolite version 3 as shown by the server spam:
this is gitolite@ubuntuserver running gitolite3 v3.1-2-g3eefc06 on git 1.7.9.5
所有这些都表明我想要完成的(我认为)相对简单.我有一群初级开发人员 [@scrubs],我只希望他们创建和提交新分支,并且能够读取/拉取 master.这样我就可以在合并之前检查他们的代码.
All this said what I am TRYING to accomplish is (I THINK) relatively simple. I have a group of junior developers [@scrubs], and I only want them to create and commit to new branches, and be able to read/pull master. That way I can review their code before it gets merged in.
我有一群高级开发人员 [@vets],我想自由支配.
I have a group of senior developers [@vets] that I want to have free reign.
我的配置文件如下:
@scrubs = al ted matthew
@vets = kevin will guy
@offlimitbranches = master$
repo gitolite-admin
RW+ = @vets matthew
repo dawebsite
RW+ = @vets
- @offlimitbranches = @scrubs
RW+ = @scrubs
R @offlimitbranches = @scrubs
R = daemon
option deny-rules = 1
dawebsite "Owner" = "This is THE site"
在我添加之前,我发现否认没有任何作用:
I noticed nothing worked at all for denying till I added :
option deny-rules = 1
我想我可能在 20 个例子中找到了一个(稍微咆哮一下,原谅我的挫败感.
of which I think I found in maybe one out of 20 examples (a touch of a rant forgive the frustration.
通过目前的设置,兽医可以按预期做任何事情.
With this current set up vets can do anything as expected.
scrubs 既不能 pull 也不能 push 到 master(我认为这是因为它抓住了它可能匹配的第一个规则?) Scrubs 也不能 pull 或 push 到任何非 master 分支,也不能推送新创建的分支.每次尝试都返回相同的消息致命:[R/W] any dawebsite matthew DENIED by refs/heads/master$"
scrubs can neither pull or push to master (and I think that's because it grabs the first rule it can possible match?) Scrubs also can not pull or push to any non master branch, nor push newly created branches. Each attempt returns the same message "FATAL: [R/W] any dawebsite matthew DENIED by refs/heads/master$"
我尝试过使用 master、master$、@offlimitbranches 甚至 refs/heads/master 对分支 ref 无济于事.
I've tried using master, master$, @offlimitbranches and even refs/heads/master to no avail for the branch ref.
如果有人能帮助我阐明这一点,我将不胜感激.
If anyone can help shed some light on this for me I'd be quite appreciative.
更新**
玩弄我注意到的事情,如果我从磨砂组中删除马修并尝试直接用
Playing around with things I've noticed that if i remove matthew from the scrubs group and try to manipulate him directly with
- master$ = matthew
RW+ = matthew
如果他搬到一个新的分支并尝试以下操作:(感谢 VonC 对日志的提醒)
if he moves to a new branch and tried the following: (thanks VonC for the heads up on the logs)
git pull origin newBranch
git push origin newBranch
每个返回一个错误
拉:
ARGV=matthew SOC=git-upload-pack 'dawebsite.git' FROM=172.24.1.198
access(dawebsite, matthew, R, 'any'),-> R any dawebsite matthew DENIED by refs/heads/master$
trigger,Writable,access_1,ACCESS_1,dawebsite,matthew,R,any,R any dawebsite,matthew DENIED by refs/heads/master$
R any dawebsite matthew DENIED by refs/heads/master$<<newline>>(or you mis-spelled the reponame)
推送:
ARGV=matthew SOC=git-receive-pack 'dawebsite.git' FROM=172.24.1.198
access(dawebsite, matthew, W, 'any'),-> W any medehrdev matthew DENIED by refs/heads/master$
trigger,Writable,access_1,ACCESS_1,dawebsite,matthew,W,any,W any dawebsite matthew DENIED by refs/heads/master$
W any dawebsite matthew DENIED by refs/heads/master$<<newline>>(or you mis-spelled the reponame)
似乎我所有的分支都与 ref master$ 匹配是因为它们都是从 master 中衍生出来的?
It seems all my branches match against the ref master$ is that because they are all spawned off of master?
推荐答案
我的配置,现在正在工作:
My config, that is working now:
@gatekeepers = ustimenko
@developers = ustimenko user1 user2
@deployers = puppet
@project = repo1
@project = cakephp
repo @project
RW+ = @gatekeepers
R master develop = @developers
- master develop = @developers
RW+ = @developers
R = @deployers
<小时>
- 看门人拥有完全访问权限.
- 开发者可以读master和develop分支,然后拒绝其他操作.
- 开发者可以做所有其他事情.
- 部署者可以阅读所有内容.
这篇关于分支上的 Gitolite 权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
