October 22, 2012

Collaborating Outside the Firewall with Git Fusion

Media & Entertainment
Git at Scale
Traceability

Collaborating with external contributors on a software project is always challenging. You'll face a different set of challenges if your primary repository is Perforce or Git, of course. If you're working with a partner company or a consulting firm, you have to work out a lot of logistics:

  • Your primary repository is behind your firewall. How do they access it securely?
  • How do you limit their view of the data? They shouldn't be able to see everything you're working on. (This is the tricky part if your primary repository is Git. Splitting a partial set of data out of Git is challenging to say the least.)

Git Fusion provides a great solution for this situation: expose a carefully scoped, shared Git repository through Git Fusion.

Perforce Git Fusion deployment

Alternatively, if you prefer to only permit outbound SSH through your firewall, you can use an intermediary Git repository outside the firewall. This configuration is similar to an open source project where a trusted reviewer will accept and review contributions from external collaborators, before pushing changes to the 'master' repository. The external Git repository serves as a collaboration point for merging external and internal work, with an internal developer pulling changes back through the firewall to Git Fusion.

Perforce Git Fusion extra security

Using this deployment solves a few problems.

  • The data accessible to the external users is the data exposed through Git Fusion views. You can be very selective about which files to share.
  • The external users do get the full history of the shared data in their local Git repositories. That's better than working with 'code drops'.
  • You only need to open the SSH port in your firewall. (Of course you can take other normal network precautions if you wish.)
  • Communication outside the firewall is over SSH, a secure protocol.
  • Git Fusion requires the use of public/private keys for authentication. A lost password won't compromise your data; a hacker would need to get someone's private key as well.
  • You can quickly remove someone's public key to revoke their access.

Interested in how to use Git Fusion to solve a collaboration or deployment problem? Grab Git Fusion today or head on over to the Git Fusion forums for advice.