tags:

views:

124

answers:

1

Hello all,

We are considering switching our VCS to either git or subversion. I'd prefer switching to git, but subversion has a nice feature that I don't see in git : per directory access control.

We currently have project1, project2 repositories in cvs, with different permissions. We'd like to have one single repository, with two directories project1 & project2 with different permissions. Is it doable with git as it is with svn ?

I'm aware of submodules, which could probably achieve that, but the goal for us is to be able to do one single commit with changes in project1 & project2.

We mainly have IP issues, and want to be sure that some people can't read (not just push) some directories. So, is git up for the challenge or will I have to use git-svn ?

Thanks

+1  A: 

It is doable with a central repo with access (push/pull) managed by gitolite.
See its features.

If you combine that with submodules (which you are aware of), you would only manage per-repo or per branch access and still commit both project1 and project2 (with two commits in case of a subrepo: see this question)

If you insist on working with one repo (even though you have to set of data which could evolve with their own lifecycle, which should make them good candidates for modules), then the gitolite features do include:

file/dir NAME based restrictions

In addition to branch-name based restrictions, gitolite also allows you to restrict what files or directories can be involved in changes being pushed

VonC
Yeah, saw that, but it seems to me that permissions here are about blocking pushs, not read on cloning. I barely see how cloning stuff would go along with this kind of read denial.
Wam
@Wam: for reading, you *have* to use the submodule approach: gitolite will prevent any cloning and pulling from a repo with the right ACLs (and a submodule is a Git repo of its own). In other word, it will block pull at the repo or branch level.
VonC
@VonC : yes, but then I lose the "single commit / single push / single pull" functionnality
Wam
@Wam: yes, you loose it because in a true configuration management (when you have to commit first your changes to submodules, then commit the new submodule reference to the parent repo), it doesn't make sense: see Git submodules vs. SVN externals: http://stackoverflow.com/questions/3131912/why-are-git-submodules-incompatible-with-svn-externals/3132221#3132221
VonC
@Wam: but it is ok though. A simple git alias can make those two commits in one smooth step.
VonC