So I’m a bit confused about GitLab Permissions here.
- Everyone can “Pull project code”. What constitutes Project Code? Does that include ALL files?
- Everyone except Guests can “Pull packages”. Could someone explain to me what a Project Package is?
- Only Developers, Maintainers and Owners can “Pull container images”. What are Container Images?
- Developers, Maintainers and Owners can Approve, Manage and Accept Merge Requests. This honestly troubles me a bit, and I’m curious if I can setup GitLab so only Maintainers and Admins can accept Merge Requests.
I’m part of a 50+ Development Team. Right now everyone is a Developer, except for Department Leads who I’ve setup as Maintainers (and myself and 1 other guy who as Owners, as we are Team Leaders and owners of the GitLab Server). I’m quite worried I’ve given too much permissions to some of our Developers, such as the Artists who have very little to no real technical knowledge and who should just have enough Permissions to Pull all the Project Files. I would also personally like it so Developers can send Merge Requests, but only a select few Maintainers could actually accept those Merge Requests. So …
- Are Guests and Reporters able to pull all the files in a GitLab Project? And if not, could I set it so they could? I would prefer to have my Artists, Sound Designers, etc, who have minimal technical knowledge, unable to make Pushes at all, much less Approve, Manage and Accept Merge Requests, but still able to Pull the Project. I don’t know if I’d even want them to be able to create Branches either.
- Could I set it so Developers cannot Approve, Manage and Accept Merge Requests? I would prefer to only allow a select few on my Team who truly understand Git to Approve, Manage and Accept Merge Requests. So Developers would make up the Coders on our Team, and I want them to be able to Push and make Merge Requests, but only the Maintainers (and Owners) could approve their requests.