Home > Back-end >  Github mono repo member access
Github mono repo member access

Time:12-14

we have a UI mono repo using NX workspace , we are sharing code with multiple teams.Is there a way

  1. To allow access to Team members only the modules they own?
  2. To create PR which can be viewed and approved by module owners (Team only)?

CodePudding user response:

  1. No, read access = entire repo. If you're using a mono repo, then read access to all or no access. See: Information about Managing Teams

  2. Read access for PRs is same as above, but you can require certain groups of approvers for PRs that include certain paths when merging to particular branches. See Information about Code Owners and Protected Branches

CodePudding user response:

No, there is no way to restrict access to only part of a repository. The Git documentation is very clear that anyone who can read or write to a repository can access all of the contents of that repository. From the gitnamespaces(7) manual page:

The fetch and push protocols are not designed to prevent one side from stealing data from the other repository that was not intended to be shared. If you have private data that you need to protect from a malicious peer, your best option is to store it in another repository. This applies to both clients and servers.

If you need granular permissions, you need multiple repositories. I generally recommend against monorepos because they usually end up growing very large and then performing poorly (well after it's too late to fix), but this is also another reason why they're a bad idea.

As for PRs which can be approved by module owners, it depends on the platform. GitHub has the CODEOWNERS file, which can be used to mandate that files owned by certain teams require a review from that team.

  • Related