I have an application which relies on other modules to work properly. Those modules are on my Gitlab server. These are pulled via composer.json to the client’s server. How the client gets the permission to do so is via “Deployment keys”. I take the client’s public key and add it to the module’s deployment keys section in the settings.
The problem with this approach is that the client can open composer.json and simply pull any branch they desire as long as they know the branch name. However, I’d like for the client to be able to pull only one specific branch. So when I setup the client’s server, I know for certain that they can only get what I want them to and not the whole repository.
Is there a way to set Gitlab in such a way to only allow access to a certain branch and not the whole repository?
Gitlab version is 9. Help would be appreciated.