October 4, 2012

Git Fusion - Access Control for Git, Down to the File Level

Git at Scale

The powerful access control model of Git Fusion intrigued me right from the start. That comes from my days as the developer who would take a stab at writing the clearmake or Ant build scripts: these files are so important that I really wanted to lock them down more tightly than other files. When I've used systems like SVN that provide access control mostly at the branch level, or Git, which works mostly at the repository level, I've missed the ability to be a little more selective about permissions.

It's worth a very short review of Git access control to understand how well Git Fusion solves this particular problem. Git by itself doesn't provide any intrinsic access control. Without any extra tools, you can use SSH and operating system techniques to control read and write access to particular repositories. The next step up is using a repository manager like Atlassian Stash or Bitbucket, which give you easy read/write control over individual repositories. And at the top tier for Git, you can manage your repositories in Gitolite or Gerrit, which grant you control down to individual branches or tags.

Git Fusion lets you step up to progressively more granular Git access control depending on your needs, using simple out-of-the-box Perforce tools.

| What do I need? | What do I do? | Typical Use |
| --- | --- | --- |
| Control which parts of your Perforce repository can be accessed in Git. | Control the Perforce protections for the Git Fusion user account. | Don't allow build artifact depot to be accessed through Git. (Git doesn't handle large binary files well.) |
| Set default Git access for any Perforce users. | Set counter git-fusion-permission-group-default to push, pull, or none. | For the average Perforce user, let them pull but not push data using Git Fusion, until they've read a good Git book and know what they're doing. |
| Determine which Perforce users should be allowed to push and pull using any Git Fusion view. | Control membership in groups git-fusion-pull and git-fusion-push. | Globally determine read and write access to Git repositories. |
| Determine which Perforce users have push and pull access to a single repository. | Control membership in groups git-fusion-repo-pull and git-fusion-repo-push, where repo is the name of the repository. | Set repository level read/write privileges. |
| Set file level write permissions. | Use Perforce protections to control access to a file or files used in a Git Fusion repository. | Eureka! I can make sure I'm the only one changing the build script. |

I think Git Fusion strikes a nice balance between letting team leads control access to a repository via group membership, and letting Perforce administrators have more fine-grained (and final) control in the protections table. There are no add-on tools to worry about; you're just using normal Perforce groups and protections.
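To see how the layers in the table stack up, here is a small Python model of the decision. It is an added example, not Git Fusion's own code. The lookup order (repository groups, then global groups, then the default counter), the rejection of a whole push over one protected file, and the users, repository name and depot paths are all assumptions made for illustration.

```python
import re

# Constructed sample state. Only the git-fusion-* group names and the counter
# come from the post; users, repo name and depot paths are hypothetical.
DEFAULT = "pull"  # value of counter git-fusion-permission-group-default
GROUPS = {
    "git-fusion-pull": {"carol"},
    "git-fusion-push": {"bob"},
    "git-fusion-webapp-push": {"alice"},
}
# Ordered protections lines at write level only: (exclusion?, user, depot path)
PROTECTIONS = [
    (False, "*", "//depot/webapp/..."),
    (True, "*", "//depot/webapp/build.xml"),
    (False, "alice", "//depot/webapp/build.xml"),
]

def repo_access(user, repo):
    """Return 'push', 'pull' or 'none' from the group layers (assumed order:
    repository groups, then global groups, then the default counter)."""
    for prefix in (f"git-fusion-{repo}", "git-fusion"):
        for level in ("push", "pull"):
            if user in GROUPS.get(f"{prefix}-{level}", set()):
                return level
    return DEFAULT

def _matches(pattern, path):
    # Perforce wildcards: '...' spans directories, '*' stays within one level.
    rx = re.escape(pattern).replace(r"\.\.\.", ".*").replace(r"\*", "[^/]*")
    return re.fullmatch(rx, path) is not None

def can_write(user, path):
    """A later matching line overrides earlier ones; exclusions remove access."""
    allowed = False
    for exclude, who, pattern in PROTECTIONS:
        if who in ("*", user) and _matches(pattern, path):
            allowed = not exclude
    return allowed

def check_push(user, repo, paths):
    """Return (accepted, reason) for a push touching the given depot paths."""
    if repo_access(user, repo) != "push":
        return False, "no push permission on repository"
    denied = [p for p in paths if not can_write(user, p)]
    if denied:
        return False, "no write protection on " + ", ".join(denied)
    return True, "ok"
```

In this sample, bob can push ordinary source files through the global group but is stopped at build.xml by the protections table, which is the file-level lock the last table row describes.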

Whichever approach you take, just turn on the spec depot so you have a permanent record of the permission settings in the protections table and group membership. That'll help if you ever need to pin down a permission problem in the past.

How well does Git Fusion solve your Git access control needs? Grab the download and head over to the Git Fusion forum to let us know!