we want to be able to use the “clone project from github, bitbucket, etc” functionality, but need to restrict that capability to admins only. (ideally a new role, not admins, but thats another problem for another day) for now, admins. Is this possible?
Here’s the end result I want.
Developers can login with ldap and ldap only. I can’t stress that enough, LDAP only, no other option what-so-ever.
If a developer wants to play with OSS code, they file the ticket with our internal tech council. If our tech council approves the request, the request is forwarded to our Platform Build and Deploy team, who are the gitlab system admins. They then can clone the project into our gitlab system, grant appropriate permissions and close the ticket.
As an alternate, It would also work if I could enable the functionality and only allow it to happen thru the REST API. That way our tech council can add the new project in our automation system and our automation system hits the REST api and instructs GitLab to clone down the project. This is how I imagine we will keep the projects that are pulled down in sync with their parent github projects.
Either way, the developer must not have this capability. I would prefer it if they didn’t even know it was possible.
Can this be done?