1 |
>>> I'd like to hire a freelancer to work on my website. I don't want to |
2 |
>>> provide access to all of my code, but instead only the particular file |
3 |
>>> or files being worked on. Does anyone know of a development framework |
4 |
>>> that would help facilitate that sort of thing? Would no shell access |
5 |
>>> along with restricted SFTP access be the simplest, safest, most |
6 |
>>> effective way to go? |
7 |
>> |
8 |
>> Why not just send him the stuff he should be working on? He can run his |
9 |
>> own Apache/PHP/whatever on his development machine. When he's done, he |
10 |
>> can send you a tarball of the site files and maybe a SQL dump if you're |
11 |
>> using a database. |
12 |
> |
13 |
> The problem with that is he will need to test his code in the working |
14 |
> system. I need a way for him to be able to read/write to a certain |
15 |
> file or files within the working system, but have no read/write access |
16 |
> to any other files in the system. |
17 |
> |
18 |
> Is SFTP perhaps the way to go for this? |
19 |
> |
20 |
> - Grant |
21 |
|
22 |
For some reason I thought SFTP would provide access control but now |
23 |
I'm thinking it's just like SSH in that access control is based on |
24 |
file ownership and permissions? If that's the case, can anyone think |
25 |
of a better way to control remote access to my files than chmod/chown? |
26 |
I think it would be nice if the access control were built into the |
27 |
transport mechanism, version control system, or something else already |
28 |
in use, but it doesn't sound like that's going to happen. |
29 |
|
30 |
- Grant |
31 |
|
32 |
|
33 |
>> That's the easiest one-off solution. If you're looking for something |
34 |
>> more permanent, another idea is to have a "public" git repo somewhere |
35 |
>> while the developers all work on their own workstations. SQL changes can |
36 |
>> be made via numbered migrations, e.g., |
37 |
>> |
38 |
>> 001-create_users_table.sql |
39 |
>> 002-create_nodes_table.sql |
40 |
>> 003-disregard_that_drop_users_table.sql |
41 |
>> |
42 |
>> and devs can push everything to the git repo, as long as it's a |
43 |
>> fast-forward (so they can't trash the repo history). |
44 |
>> |
45 |
>> Once you're ready to move something live, an admin logs in to the |
46 |
>> production box, does a `git pull`, and then runs the migrations or makefile. |