1

We are moving our Git repos from plain Git/SSH to Gitosis for security reasons.

One benefit of plain Git/SSH is that any user can SSH into the Git server and perform a readonly Git query without requiring a full local clone.

For example, if I want to find the commit hash of the master branch (but nothing else), I can run:

ssh gitserver 'cd /path/to/repo && git rev-parse master'

This is extremely useful if the full repo is very large and I only want to find out a few small well-defined pieces of information.

If we move the git repo to Gitosis, the SSH method will no longer be possible. Is there any other way for a non-privileged user to perform a small readonly query without having a full clone of the repo? Thanks.

user1947224
  • 11
  • 1
  • Nope. You could write some sort of API to provide this sort of feature, but it seems easier just to `git clone` and run things locally; git is designed to be used in a distributed fashion and trying to centralize something like this seems like the wrong battle. – larsks Feb 25 '15 at 03:06

1 Answers1

0

Use Gitolite instead of Gitosis (which is stale since 2009).

That way, you benefit from gitolite commands which allows to perform various operations without having to ssh to the server.
You can define your own "non-core" commands which will allow you to perform any operation you want (while respecting the ACL you have defined, which means you won't be able to perform those commands on repos you don't have access to, as defined in the gitolite.conf file)

Community
  • 1
  • 1
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250