Access to source control providers can be restricted at the team level to improve security and streamline the experience when using source control in Gearset.

There are two primary scenarios this was designed to mitigate:

  1. Team members connecting to source control providers that are unrelated to their day-to-day job.

  2. Team members being able to deploy to and from their own personal repositories using Gearset.

We will use Bitbucket as an example throughout, but the same thing applies to all source control providers.

Restricting to allowed source control providers

Initially, source control providers are unrestricted in Gearset. This means that:

  • Team members can connect any supported source control providers to their account.

  • Team members can see all repositories they have access to in repository listings, including their personal repositories.

You can configure your team’s source control provider restrictions on the Source control account settings page.

The Source control providers section acts as an "allow" list. This means:

  • If the list is empty, all source control providers are unrestricted.

  • If the list contains any source control providers, then only those listed providers can be connected to.

As an example, if your team only needs to access Bitbucket repositories, it's possible to add Bitbucket to your allow list:

With that restriction in place, there are a few effects throughout Gearset:

  • The only visible source control provider on the Source control and services table is Bitbucket

    • Note: connections set up prior to the restriction will remain, but will show an error.

  • Source control provider selections / drop downs will only show Bitbucket

Restricting to only allowed repositories

Ordinarily, all repositories that the team member has access to on the source control provider will be shown in Gearset’s repository listings.

When configuring your allowed source control providers, you can specify a list of allowed repository URL patterns, which will be used to filter the repository listings throughout Gearset. The URL should be the clone URL.

By doing this, you help to solve the problem of personal and unrelated repositories appearing in Gearset’s repository listings.

In the example above, all repositories in the workspace ‘TeamWorkspace’ will be listed. All others will be filtered out. You can use full URLs as well as ? and * wildcards. You can have up to 100 URLs or patterns.
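The following is an added example, not Gearset's code, for dry-running a pattern list against clone URLs before saving it, so you can see which repositories a loose wildcard would let through. It assumes that a pattern must match the whole clone URL, that * matches any run of characters (including /), that ? matches exactly one character, and that an empty pattern list filters nothing; the URLs, patterns and function names are constructed for illustration.

```python
import re

MAX_PATTERNS = 100  # limit stated on this page

def pattern_to_regex(pattern):
    """Translate a ?/* pattern to a regex (assumed semantics, see lead-in)."""
    parts = []
    for ch in pattern:
        if ch == "*":
            parts.append(".*")   # any run of characters
        elif ch == "?":
            parts.append(".")    # exactly one character
        else:
            parts.append(re.escape(ch))  # everything else is literal
    return re.compile("".join(parts))

def filter_repos(clone_urls, allowed_patterns):
    """Split clone URLs into (listed, filtered_out) for a pattern list."""
    if len(allowed_patterns) > MAX_PATTERNS:
        raise ValueError("more than 100 URLs or patterns")
    if not allowed_patterns:     # assumption: no patterns means no filtering
        return list(clone_urls), []
    compiled = [pattern_to_regex(p) for p in allowed_patterns]
    listed, filtered_out = [], []
    for url in clone_urls:
        hit = any(rx.fullmatch(url) for rx in compiled)
        (listed if hit else filtered_out).append(url)
    return listed, filtered_out

def extra_matches(clone_urls, tight, loose):
    """URLs the loose pattern list shows that the tight list filters out."""
    tight_listed, _ = filter_repos(clone_urls, tight)
    loose_listed, _ = filter_repos(clone_urls, loose)
    return [u for u in loose_listed if u not in tight_listed]

# Constructed sample data (not real repositories).
SAMPLE_URLS = [
    "https://bitbucket.org/TeamWorkspace/salesforce-main.git",
    "https://bitbucket.org/TeamWorkspace/ci-scripts.git",
    "https://bitbucket.org/TeamWorkspace-sandbox/scratch.git",
    "https://bitbucket.org/jdoe/personal-notes.git",
]
TIGHT = ["https://bitbucket.org/TeamWorkspace/*"]  # ends the workspace at "/"
LOOSE = ["https://bitbucket.org/TeamWorkspace*"]   # also matches name prefixes

if __name__ == "__main__":
    listed, filtered_out = filter_repos(SAMPLE_URLS, TIGHT)
    print("listed:", listed)
    print("filtered out:", filtered_out)
    print("extra with loose pattern:", extra_matches(SAMPLE_URLS, TIGHT, LOOSE))
```

Ending the workspace segment with a / before the wildcard keeps similarly named workspaces out of the listing.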
