0

I have the following problem. I am managing a main Git repository, and we are starting to add sub-projects/libraries as git submodules. Some of those submodules are public, and anyone is allowed to pull/clone. But other submodules require to be authorised for pulling.

How can I do so that the people that have no rights to clone/pull a particular submodule can clone/pull the full project with the public submodules or other submodules s/he might have access to?

git clone --single-branch --branch master git.ssh.address/project.git --recurse-submodules

I need to provide users with a simple one-line command that allows them to clone my repo with all the submodules they have the access to, preventing errors from submodules where they do not have access.

I would expect a kind of --ignore-errors?

Daemon Painter
  • 3,208
  • 3
  • 29
  • 44
Javier Galan
  • 19
  • 2
  • 5

1 Answers1

0

The issue I see is that the script must fetch the user permissions, and probably the easier way is to try and do the clone, seeing where it fails. Otherwise, the script should fetch a manifesto of user permissions somehow.

Since the URL in the .gitmodules file is what other people will first try to clone/fetch from, make sure to use a URL that they can access if possible. For example, if you use a different URL to push to than others would to pull from, use the one that others have access to. You can overwrite this value locally with git config submodule.DbConnector.url PRIVATE_URL for your own use. When applicable, a relative URL can be helpful. source

The problem with your architecture is that everybody sees everything, and thus is supposed to have access to everything. Instead, add as submodules the smallest subset of public submodules to your superproject, and create a script that polls the private submodules as post-clone hook, if access is granted, adds them as submodules and pulls them.

Daemon Painter
  • 3,208
  • 3
  • 29
  • 44