For a long time, people have asked that Gitorious support a fine-grained permissions system where repositories can be made private and access granted only to select users/groups. We have decided to develop this feature for Gitorious, and we need your help.
Some of you may know of the infamous merge request #115. This partially solves the problem at hand, but unfortunately not in a way that we can accept responsibility for. However, the discussion around this merge request spawned the idea of a fund-raiser, and that’s how we are going to do this.
How, what and when
On top of this system we will implement role-based authorisation that extends to pushing and pulling git repositories, as well as scoping all user generated data on the web site (project information, repository activity, events of various kinds).
We will put as much authorization logic as possible in the generic layer already in place in Gitorious so that it can easily be utilized regardless of whether you are using database backed logins, LDAP or the upcoming Atlassian Crowd SSO support. This means you can use LDAP groups to manage access to Gitorious content.
We are ready to start this work early 2012, given proper funding. We have estimated this feature to roughly 4 weeks of work. Using our reduced hourly rate offered to Local Install customers, this comes out to $24000.
Private repositories will be developed and shipped as part of Gitorious mainline. It will not be offered as a free service on gitorious.org. This means we will ship some sort of configuration switch controlling whether or not this system is available in a given installation.
Is your company interested in using this feature? How about helping funding it? Get in touch, let us know the amount you would like to contribute, and if you have any specific features you would want us to account for. You can help fund this project anonymously if you so wish, but we recommend you allow us to tell the world what a great company you are for helping a free software project becoming even better!
Any contribution is appreciated. Email email@example.com if you are interested. I will keep you guys updated on the donation progress here on the blog.