Git migration: permission control

Wed Apr 22 00:26:01 CEST 2009

Jannis Pohlmann wrote:

> How do we handle permission control? Do we need a pre-commit hook?
> ==================================================================
> 
> Git offers no way of controlling fine-grained repository permissions
> the way SVN does.

Well, that's a bit incorrect.  SVN doesn't offer a way to do this 
either.  We use a 3rd-party script that runs as a pre-commit hook.

> Now the question is: do we need them at all?

Yes.

> The current situation (quite simplified) is:
> 
>   - repository admins have access to everything

Sure.

>   - goodies developers have access to the entire goodies repository

I never liked this, and intended to tighten this up at some point, but 
never got around to doing it.

>   - core developers only have access to some core components of Xfce

It's more like core devs have access to all of the core of Xfce, with a 
few small exceptions.

>   - translators only have access to po/ and directories related to docs

Right.

> First of all, I think we should change this a bit:
> 
>   - core developers have access to everything officially part of Xfce

Sure.  If everyone is willing to be good citizens and respect module 
maintainers' commit policies, I'm ok with this.  I don't think it'd be a 
problem...

>   - goodie developers have access to their goodies only

Yep.

>   - translator coordinators have access to everything

Sure.

>   - translators have no access (coordinators pull from them)

Eh.  This means translators have to set up their own public repos, 
right?  That's not really a burden I'd like to impose on them.

> Additionally, if we choose something like Transifex for managing the
> translations, it would become
> 
>   - core developers have access to everything officially part of Xfce
>   - goodie developers have access to their goodies only
>   - Transifex needs access to everything (I guess)

Well, sorta.  I'd think it only needs access to the stuff it actually 
has to change.  I mean, if it's never going to commit outside of po/ and 
maybe configure.ac.in, there's no need to grant it permission to touch 
anything else.

> I don't see the need for more personally. How do we achieve this? IMHO
> we have two options:
> 
>   1) Use a self-baked pre-commit hook script to check permissions
>   2) Use something like gitorious 
> 
> 1) follows the DIY approach we've been rolling for years. It's not
> really comfortable though and requires a maintainance work from time to
> time.
> 
> I suppose that 2) has a lot of advantages in that it already ships all
> the tools needed to administrate and configurate the repositories. I
> guess it also handles permission control on its own. Since gitorious
> also provides an integrated wiki, maybe we could tweak it to merge
> repository and project websites into one web based representation?
> Brian, I guess you know it better than I do.

Yeah, I'd briefly thought about using Gitorious for the whole thing, but 
kinda dismissed it, but not for any good reasons.  I'll look into that. 
  I think it uses a similar approach for authentication that my 
homegrown crappy git admin interface uses (you upload ssh keys), which 
is good and bad.  I kinda like the idea that you can easily log in just 
with a plain password if you want to.  But maybe that's not such a big 
deal (hell, I never do it, anyway).

	-brian