gitolite:允许只改变选择的文件 [英] gitolite: allow to change only selelected files
问题描述
如何配置git和gitolite以允许特定用户只更改特定目录内的文件?
例如。原始主分支中的文件:
/ dir1 /
/ dir2 / file1
/ dir2 / file2
/ dir3 / file1
用户 kathrine
,只允许改变 / dir2 / file1
和 / dir2 / file2
$ kathrine:git clone git@example.com:test.git
结果为:
/ dir2 / file1
/ dir2 / file2
在 gitolite.conf中有任何per-dir指令
或者我应该为这个用户的新分支配置git?
我只是不希望图形设计人员访问源代码文件。
2010:对于Gitolite 2(可能已经改变为gitolite 3)
$ b $需要创建具有正确内容的专门分支)。
我是一个名为gitolite的项目的作者,它在分支级访问控制方面表现出色用于中央服务器上的多个git存储库。
我的目标市场恰恰是git的公司用户。
到目前为止,我还没有看到读取访问权限需要限制回购比例的情况(git无法完成无论如何)。
[well 写访问通常需要被限制,并且gitolite可以让你通过分支名称限制: 请参阅安全性,访问控制和审计,以下是写入访问的示例: 这就是说,棘手的问题仍然存在, OP提出: 如何创建新的分支只会挑选某些选定的文件,并删除以前的提交,所以图形设计人员无法访问它们,并在克隆后看到所选内容? 一般原理: 在历史记录中创建graph_designer分支,其中这些文件不存在。 从这里,有两种选择: 这个' How to configure git and gitolite to allow specific user to change just files that are inside specific directory? e.g. files in origin master branch: User results in: Are there any per-dir directives in I just don't want graphics designer to have access to the source code files. 2010: For Gitolite 2 (might have changed for gitolite 3) No (meaning a dedicated branch with the right content needs to be created). As the author of gitolite himself put it: I am the author of a project called gitolite that does an excellent job of branch-level access control for multiple git repositories on a central server.
My target "market" is precisely corporate users of git. So far, I have not seen a situation where read-access needs to be restricted to ortions of a repo (git can't do that anyway). [well sparse checkout might help, but it is not easy anyway) Write-access does often need to be restricted, and gitolite can let you restrict:
See the section "security, access control, and auditing", and here is an example of write access: The
each file touched by the commits being pushed is checked against those rules.
That being said, the tough question remains, as the OP puts it: how do I create new branch witch some selected files only, and delete the previous commits, so the graphic designer could not access them, and see only the selected ones after the clone? General principle: create 'graph_designer' branch at a point in history where those files weren't present. From there, two choices: That ' 这篇关于gitolite:允许只改变选择的文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
src / very-important-and-关键模块
)。
conf / example.conf
文件具有所有详细的语法:
repo foo
RW + = lead_dev#规则1
RW = dev1 dev2 dev3 dev4#规则2
RW名称/ = lead_dev#规则3
RW名称/ doc / = dev1 dev2#规则4
RW名称/ src / = dev1 dev2 dev3 dev4#规则5
$ c $根据这些规则检查被推送的提交所触及的每个文件>
doc /
和 src /
(但不是顶级 README
),
src /
中的文件中。
git为了首先使用
dir2
文件(然后提交影响任何其他目录) / li>
这意味着,这些文件没有过去的历史记录,但它们可能从一开始就不需要这些历史记录。
graph_designer
'将是唯一允许被克隆的分支,并且不会包含任何带有非授权文件的历史记录。/dir1/
/dir2/file1
/dir2/file2
/dir3/file1
kathrine
, allow to change only /dir2/file1
and /dir2/file2
$kathrine: git clone git@example.com:test.git
/dir2/file1
/dir2/file2
gitolite.conf
or shall I configure git with new branch for this user?
src/very-important-and-critical-module
).
conf/example.conf
file has all the detailed syntax:repo foo
RW+ = lead_dev # rule 1
RW = dev1 dev2 dev3 dev4 # rule 2
RW NAME/ = lead_dev # rule 3
RW NAME/doc/ = dev1 dev2 # rule 4
RW NAME/src/ = dev1 dev2 dev3 dev4 # rule 5
doc/
" and "src/
" (but not the top level README
), src/
".
git rebase --interactive
) in order to have first the one with only dir2
files (and then commits impacting any other directory)
That means, no past history for those files, but they might not need that history right from the beginning. graph_designer
' will be the only branch allowed to be cloned, and won't contain any history with non-authorized files.