Good Morning,

I need to pitch an Enterprise level code management system. This system 
needs to have some fairly strict read-only vs. read/write requirements 
based on environment.

I first asked this question in Stack Overflow 
<http://stackoverflow.com/questions/34404372/git-push-pull-restrict-by-subdomain>,
 
but I need to flesh out additional details...

Posit three environments identified by their subdomains: DEV.example.com, 
TEST.example.com, and PROD.example.com.


   - The three subdomains have firewalls between them, and cross-domain 
   access is the exception, not the rule.
   - DEV is the only subdomain that is allowed to push code to a central 
   git repository.
   - TEST and PROD MUST <https://www.ietf.org/rfc/rfc2119.txt> be pull 
   only. Repositories MUST NOT be modifiable from these subdomains.
      - Include the possibility that developers and testers may be the same 
      people, so user-based access control to a single git repository won't 
work.
   
The solution that I came up with use two repository servers: 
git.DEV.example.com and git.PROD.example.com.

   - Projects in git.DEV.example.com include
      - Project directories owned by git:<group>.
      - Group-based access control via "git init --shared=group 
      /path/to/project".
      - Push control set with "git remote add -t master -m master 
      --mirror=push gitPROD ssh://g...@git.prod.example.com/path/to/project.git
      "
      - The "git push gitPROD" command in hooks/post-update.
      - git-web installed, but push access via SSH only. (WebDAV probably 
      wouldn't be approved by security.)
   - Matching projects in git.PROD.example.com would include
      - Project directories owned by git:git.
      - Access control via "git init --bare --shared=0644 
      /path/to/project.git".
      - git-web installed, and read access available via http. Firewall 
      modifications would be made to allow http GET access from anywhere in 
      TEST or PROD.
   
So, a developer has a git repository in their local workspace. When they're 
happy with their code, in whatever branch they're on, they push to 
git.DEV.example.com as their central repository in DEV. When that push 
happens, git.DEV.example.com automagically pushes the MASTER branch ONLY up 
to git.PROD.example.com. (If MASTER isn't changed, existing "no changes to 
push" results are fine.)

Here are my questions:

   - Am I missing a substantially easier solution?
   - For "--shared=group" is the group membership of the .git directory the 
   relevant group? I think so, but I would appreciate verification.
   - When the post-update script fires, who is the initiating user?
      - Is it the developer pushing to the repository?
      - Is it the user associated with the .git directory?
      - I need to know what user is launching the "git push gitPROD" in 
      order to allow/limit access on git.PROD.example.com.
   
Thanks!
David

-- 
You received this message because you are subscribed to the Google Groups "Git 
for human beings" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to git-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to