Allen Wittenauer wrote: >> On Dec 14, 2018, at 3:57 AM, Zoran Regvart <[email protected]> wrote: >> And, probably the best one, is to have a ASF wide GitHub account that >> builds can use. > > I do think because of how Github works, an ASF-wide one is probably too > dangerous. But I can’t see why private@project accounts couldn’t be added so > long as folks don’t do dumb things like auto-push code. There has to be a > level of trust here unfortunately though which is why it may not come to > fruition. :( > > Side-rant: > > I think part of the basic problem here is that Github’s view of permissions > is really awful. It is super super dumb that accounts have to have > admin-level privileges for repos to use the API to do some basic things that > can otherwise be gleaned by just scraping the user-facing website. If anyone > from Github is here, I’d love to have a chat. ;)
FYI I've previously been told we can't use addons to GitHub to improve the issue management workflow (like https://waffle.io/) precisely because GitHub's permissions model is so poor, allowing an external tool to move tickets around requires giving it effectively commit access, which is forbidden to third parties. Very annoying, because our project staff fully endorsed moving off of JIRA (because they hated the interface) onto GitHub Issues, but now we are somewhat impoverished by the minimalist approach GH takes towards project management. Waffle would solve basically all of those problems for us. -Joan
