Need to add permissions based on user for a GitHub repo

Hello:

I have my repo under Intel Sandbox · GitHub. I like to add new sections ( maybe using submodules and subtrees) which have read/edit permissions based on user, for example an internal vs external worker in the team. Not sure if possible.

Also, I was reading that the total data size of the repo cannot exceed 5GB. Does that limit include the submodules and subtrees?

Basically trying to put several projects under one repo, but have user restrictions on who can access each section or directory or subtree.

Any tips appreciated.

1 Like

Hi @Doran59 :wave:

I like to add new sections ( maybe using submodules and subtrees) which have read/edit permissions based on user, for example an internal vs external worker in the team. Not sure if possible.

I appreciate that you’re looking for ways to control access to contents of the shared repository. While you probably could achieve this through submodules, that approach relies heavily on admins to orchestrate, and it’s likely to break things for users.

It may help to compare the shared Git repository to a shared folder on a file server. File servers support access control lists (ACLs) that ensure only authorized users can create or modify files.

A shared Git repository does not support such ACLs. Instead, GitHub provides codeownership and branch protection. Repository administrators use these two features to ensure only authorized changes are pushed to protected branches.

Basically trying to put several projects under one repo, but have user restrictions on who can access each section or directory or subtree.

What you’re describing can be called a “monorepo”. You’ll be unable to restrict user access to sections or directories of a Git repository because users will clone the repository and access it locally - where server-side controls may not be enforced.

However, codeownership and branch protection work the same way for a monorepo as they do for smaller, single-project repositories.

If you’d like to maintain your projects in a monorepo, please read through Maintaining a Monorepo. It describes considerations and problems common to monorepos and advises how to deal with them.

Also, I was reading that the total data size of the repo cannot exceed 5GB. Does that limit include the submodules and subtrees?

The size of the repository includes the contents of the repository itself. If a user pushes submodule or subtree contents to the shared repository on GitHub then they will become contents of the repository itself.

The reference I find to a 5GB limit is in Repository size limits:

“We recommend repositories remain small, ideally less than 1 GB, and less than 5 GB is strongly recommended.”

1 Like

Thanks for all the information! We decided to create separate repos based on data type and restrict them accordingly to each user.

~WRD0000.jpg