2010: For Gitolite 2 (might have changed for gitolite 3)
No (meaning a dedicated branch with the right content needs to be created).
As the author of gitolite himself put it:
I am the author of a project called gitolite that does an excellent job of branch-level access control for multiple git repositories on a central server.
My target "market" is precisely corporate users of git.
So far, I have not seen a situation where read-access needs to be restricted to ortions of a repo (git can't do that anyway).
[well sparse checkout might help, but it is not easy anyway)
Write-access does often need to be restricted, and gitolite can let you restrict:
- both by branch name (e.g. only the QA lead can push a commit series into the "QA-done" branch)
- or by filename (e.g., only the team lead can make changes to the Makefile and files in
src/very-important-and-critical-module
).
See the section "security, access control, and auditing", and here is an example of write access:
The conf/example.conf
file has all the detailed syntax:
repo foo
RW+ = lead_dev # rule 1
RW = dev1 dev2 dev3 dev4 # rule 2
RW NAME/ = lead_dev # rule 3
RW NAME/doc/ = dev1 dev2 # rule 4
RW NAME/src/ = dev1 dev2 dev3 dev4 # rule 5
each file touched by the commits being pushed is checked against those rules.
- lead_dev can push changes to any files,
- dev1/2 can push changes to files in "
doc/
" and "src/
" (but not the top level README
),
- and dev3/4 can only push changes to files in "
src/
".
That being said, the tough question remains, as the OP puts it:
how do I create new branch witch some selected files only, and delete the previous commits, so the graphic designer could not access them, and see only the selected ones after the clone?
General principle:
create 'graph_designer' branch at a point in history where those files weren't present.
From there, two choices:
- either reorganize your current commits (
git rebase --interactive
) in order to have first the one with only dir2
files (and then commits impacting any other directory)
- or, if the first choice represents too much work (or isn't possible because those commits have already been pushed and pulled in other repos), simply copy and add the relevant files in that new branch.
That means, no past history for those files, but they might not need that history right from the beginning.
That 'graph_designer
' will be the only branch allowed to be cloned, and won't contain any history with non-authorized files.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…