[fab] Version control ACLs
Bret Mogilefsky
bmogilefsky at gmail.com
Wed Jun 7 18:53:26 UTC 2006
Hello,
Reading the below section from the minutes about version control ACLs,
I can offer some information since I faced these same questions not
long ago.
Subversion has very good ACL support. You can do it at two levels...
One, using normal Apache semantics. And two, using very fine-grained
user groupings applied to specific paths in the repository. The
reference in the Subversion manual for the latter is here:
http://svnbook.red-bean.com/nightly/en/svn.serverconfig.httpd.html#svn.serverconfig.httpd.authz.perdir
Since it's an Apache module, nothing really precludes you from ripping
that out and driving it from a backend such as a DB or LDAP instead of
a file; not sure if anyone who's done that has shared their code,
though.
Since it applies to arbitrary paths in the repo, and you determine SVN
repo layout yourself according to how things are packaged and released
(ie tags are first class version-controlled items), it seems like it
would suit the CVS ACL requirements below quite well.
Side note: people who are used to CVS face nothing but pleasant
surprises when switching to Subversion, meaning very little rocking of
the boat if Subversion is your pick. DARCs, monotone, git, arch,
etc. all have lots to offer, but are of a different species than CVS
and Subversion and entail rethinking your development strategy from
scratch, which sounds like it's out of scope here....
Hope that saves you a little time,
Bret
-----8<----
Some potential requirements to use as a starting point:
* We need a version control system that allows ACLs on particular branches.
* What sort of work will be required to make an existing tool fit
our needs (if it doesn't already)?
* Do we have to restrict to one tool? Consensus is yes. Don't want
to mirror commits, and moving things between two systems doesn't
improve the current problems that we have between Core and Extras.
ACTION ITEM:
* WarrenTogami and ElliotLee are tasked with leading this effort,
but it must involve consultation from many others in order for it to
be successful.
Separately, what does it entail to support ACLs in our existing CVS
model, in order to meet people's needs. This is something that Extras
has been asking for, for example. Would the ACLs be on a per package
basis, or a per package, per release basis.
-----8<----
More information about the advisory-board
mailing list