Gitolite permissions: How use the “-” thing?

2019-06-01 04:05发布

I'm trying to set up my Gitolite permissions but I'm not really sure how to use the - thing.

Situation: I have two groups; @gatekeepers and @devs. I want both groups to be able to work in all remote branches except the master branch. They are supposed to be able to pull the master branch though.

So far I have this, but I'm positive that it doesn't work:

repo foo
    - master = @devs @gatekeepers
    RW+     = @devs @gatekeepers

If I understand it correctly, this disallow the groups from doing anything at all (reading or writing) to the master branch.

What is the way to do this properly?

1条回答
Deceive 欺骗
2楼-- · 2019-06-01 04:11

For the stated purpose (which IIUC is disallow push to master), the original code in the question is fine; it does indeed prevent push to master to both groups mentioned.

Adding the deny-rules option makes it so no one can even clone.

Recap: the deny-rules option makes it so that deny rules are honored for the pre-git access check also. This means, (as the doc says), refexes are ignored -- in fact you don't even know what ref will be pushed, even if it is a push operation.

查看更多
登录 后发表回答