how to limit write permissions to streams
Steffen Kriese (38●19●21)
| asked Dec 09 '13, 4:30 a.m.
retagged Dec 10 '13, 11:11 a.m. by David Lafreniere (4.8k●7)
to support our process I need to implement some kind of cherry picking for change sets.
The cherry picking implementation looks like this: The developer will deliver change sets to a so called delivery stream. From this stream the release engineer can selectively accept changes sets to an integration workspace and build the binaries. If the binaries are successfully tested the change sets are moved to the integration stream and a snap shot will be created. To make sure a developer can't deliver change sets to the integration workspace or the integration stream by mistake I need make the integration workspace and the integration stream read only for developers. The release engineer has read / write access to the integration workspace or the integration stream . Is there a best practice how to configure this in RTC? |
4 answers
Hi Steffen,
Please find the link below. https://jazz.net/library/article/1075#com.ibm.team.process.definitions.server.componentPermissions Regards, Arun. |
Hello,
many thanks for the help. The proposed solution works fine for the integration stream. I have added 2 team areas to the project area one for the developers and a second one for the release engineers. The release engines are members of both team areas. The delivery stream is owned by the developers team area and the integration stream stream is owned by the release engineer team area. I added a new role which has privileges to do code changes and removed the source code privileges from all other roles. The new role is not assigned on project area level only in the team areas. Quite a complex setup, but it allows to limit the developers write permissions to the delivery stream. From a stream point of view this is what I was looking for. However the integration workspace is still writable for a developer. The problem here is I can't specify a team area as owner for a workspace. I could make the workspace private but then only one release engineer could see this workspace but we need to share the workspace with all release engineers. As a circumvention I replaced the integration workspace with an "integration build stream". This solves the write access problem. But I get a warning on the build definition complaining a Steam should not be used for a build. Any Idea how to solve this? Kind Regards, Steffen |
Hi Steffan,
Since the Stream is just a logical separation of the stream, you cant set the stream in place of Repository workspace in build definition. Please create a separate RWS on the stream with right permission and set the same RWS in Build defnition. Regards, Arun |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.