We are a public sector institution self-hosting a public GitLab instance, where we share our open source projects with the rest of the world!
We have an interesting situation/question and I wonder if anyone here has faced something similar, but first a bit of background info: we have disabled user registration on the GitLab platform and allow only access through SAML from our authentication tool. Anyone, also outside of our organisation, can register an account with our authentication tool.
We can only allow our personnel to create groups/projects. We have done this by disabling group and project creation for every user. When there is someone from our organisation who needs to create a project, then they can contact us and we will give her/him rights to create a group and projects - this manual work is not an issue for us!
However, in the spirit of open source, we would like to allow anyone (users from outside of our organization) to contribute to the projects and therefore they should be able to fork the projects. My understanding is that GitLab treats project creation and forking as the same activity, so the only way to allow forking is to allow a user to create projects as well (the latter we can’t allow).
So here are the 2 questions:
- is there a way to allow users to fork the projects but to not let them create new projects?
- as a public sector organization, we have to be careful that someone creates a fork and then changes everything in the fork (name, codebase, etc.) and puts malicious, proprietary, you name it, code that could make us run into problems as a public organization. Is there a way to avoid such situations?
Thanks for any thoughts on this!