I'm trying to set up my Gitolite permissions but I'm not really sure how to use the -
thing.
Situation: I have two groups; @gatekeepers
and @devs
. I want both groups to be able to work in all remote branches except the master
branch. They are supposed to be able to pull
the master branch though.
So far I have this, but I'm positive that it doesn't work:
repo foo
- master = @devs @gatekeepers
RW+ = @devs @gatekeepers
If I understand it correctly, this disallow the groups from doing anything at all (reading or writing) to the master branch.
What is the way to do this properly?
For the stated purpose (which IIUC is disallow push to master), the original code in the question is fine; it does indeed prevent push to master to both groups mentioned.
Adding the
deny-rules
option makes it so no one can even clone.Recap: the
deny-rules
option makes it so that deny rules are honored for the pre-git access check also. This means, (as the doc says), refexes are ignored -- in fact you don't even know what ref will be pushed, even if it is a push operation.