Open ludopaquet opened 5 months ago
This is a great idea! Makes sense from the security perspective. There is always mechanisms like CODEOWNERS in GitHub, but its a bit of a blunt instrument for this kind of control. Only really helps with adding review to making changes.
Using namespaces makes total sense too, in order to not require a change to the API as we need a way to address one repository source from another. Similarly, you could imagine this extending to the other declarative sources too (i.e. object (different buckets), OCI (different registry/repositories) and local (different directories)).
Needs a bit of thought as to how we might iterate there. Off the top of my head:
Problem
Today, one single repository is used for storing configuration files. Even if you could split them across folders, different teams would need to manage them with the same rights.
Ideal Solution
It could be nice to define in a repository a list of namespaces and git urls. Thus each namespace could be populated by one git project. Consequently, we could share the responsability of managing a namespace easily across teams.
Search
Additional Context
ref : https://community.flipt.io/t/gitops-with-multiple-repositories/15/3