In GitLab, the following is how you set permissions for a repo.
Groups
You can divide your team or organisation into groups and subgroups. For example, you could have a group called weyland-yutani, with subgroups weyland-yutani/marketing and weyland-yutani/external.
This works as follows:
- If you invite a subgroup to a project, access to that project is extended to members in the subgroup and the parent group.
- If you add a member to a subgroup, they gain access to projects assigned to the subgroup, but not to projects assigned only the parent group.
- Why not create more groups instead of subgroups? Firstly because groups are GitLab-wide. You cannot use group names which another organisation uses. Secondly, you wouldn’t be able to inherit members from the parent group, you’d have to manage those members separately.
If you want to give access to one or more people:
Giving access to a repo
For each individual:
- Go to Groups
- Select the group or subgroup for editing (cog icon)
- Go to Members
- Ensure you’re on the Invite member tab and:
- Enter their GitLab username, GitHub username, or email address
- Choose the appropriate permission role (roles explained below)
- Hit Invite
If you only added people to the main group, they’ve already been added to each project in the space, in which case the following steps are not needed.
For each project:
- Go to Projects -> Your projects
- Go to the project (hit the linked project name)
- Go to Settings -> Members
- Go to the Invite group tab and:
- Select the group or subgroup
- Select the maximum permission role they should have (roles explained below)
- Hit Invite
Roles
Summary:
Role | Can | Cannot |
---|---|---|
Guest | View basic project details | Leave comments or create issues on private projects |
Reporter | Create issues, manage labels, see merge requests | Create branches or push to branches. |
Developer | Create branches, create merge requests, cancel and retry jobs | Push to a protected branch |
Maintainer | Can push to a protected branch, can add members, can manage CI/CD | Transfer/remove projects |
Owner | Transfer/remove projects | Fly, become invisible, stop time |
More detail can be found in the Permissions section of the GitLab Docs.