I made my membership public and now the phrase works. (page: https://github.com/orgs/apache/people?query=udim)
On Fri, Jul 24, 2020 at 1:04 PM Kenneth Knowles <k...@apache.org> wrote: > > > On Thu, Jul 23, 2020 at 1:11 PM Damian Gadomski < > damian.gadom...@polidea.com> wrote: > >> Yes, I thought that whitelisting apache organization will do the trick, >> but apparently, it doesn't. Actually, it makes sense as we want to allow >> only beam committers and not all apache committers. I don't know the >> implications of membership in the apache github organization, but you for >> instance are not there :) Neither is Ahmet. >> > > This may have to do with registering alternative email addresses and > GitHub accounts via whimsy.apache.org. If you are able to commit, then > you are set up via gitbox.apache.org. > > Kenn > > >> Therefore there's nothing wrong with the Ghprb plugin, it correctly >> forbade triggering. From my investigation, the "beam-committers" GitHub >> team (which is under the apache org) is the list of people that should be >> allowed. But firstly, you cant whitelist a team with Ghprb. There's a >> ticket for that, open for 5 years >> <https://github.com/jenkinsci/ghprb-plugin/issues/160>. I could >> implement that but, secondly, the team is secret. I can't even see it. Even >> asfbot doesn't have permission to see it. >> >> You may ask, how it worked before, because on the builds.apache.org >> somehow only committers were allowed to trigger PR builds. It appeared that >> Infra created a webhook relay. It's configured here >> <https://github.com/apache/infrastructure-puppet/blob/deployment/modules/gitbox/files/conf/relay.yaml> >> and >> it filters out all the non-committers events. I wish I had known that >> before as it was also the reason for different issues during the migration. >> Anyway, it would be hard to use that mechanism in our case as we want to >> configure it depending on the job. >> >> >> There's a publicly available source of committers list - it's LDAP. I've >> tested it and it allows anonymous connection and provides the list of the >> committers as well as the github usernames. My current idea is to read this >> from LDAP as a part of the seed job and configure the jobs with the apache >> committers present on the ghprb whitelist. >> >> >> Hope that I didn't miss anything ;) It isn't that easy to investigate >> that kind of issues with my poor privileges ;) >> >> >> Regards, >> >> Damian >> >> >> On Thu, Jul 23, 2020 at 6:52 PM Udi Meiri <eh...@google.com> wrote: >> >>> Thanks Damian! I saw that the config also has this: >>> orgWhitelist(['apache']) >>> Shouldn't that be enough to allow all Apache committers? >>> >>> I traced the code for the membership check here: >>> >>> https://github.com/jenkinsci/ghprb-plugin/blob/4e86ed47a96a01eeaa51a479ff604252109635f6/src/main/java/org/jenkinsci/plugins/ghprb/GhprbGitHub.java#L27 >>> Is there a way to see these logs? >>> >>> >>> On Thu, Jul 23, 2020 at 7:08 AM Damian Gadomski < >>> damian.gadom...@polidea.com> wrote: >>> >>>> Hi, >>>> >>>> You are right, the current behavior is wrong, I'm currently working to >>>> fix it asap. Our intention was to disable that only for non-committers. >>>> >>>> As a workaround, as a committer, you could manually add yourself (your >>>> GitHub username) to the whitelist of the SeedJob configuration: >>>> https://ci-beam.apache.org/job/beam_SeedJob/configure >>>> Then, your comment "Run Seed Job" will trigger the build. I've already >>>> manually triggered it for you that way. >>>> >>>> Of course, it will only work until the seed job gets executed - it will >>>> then override the whitelist with an empty one. >>>> >>>> [image: Selection_408.png] >>>> >>>> As a target solution, I'm planning to fetch the list of beam committers >>>> from LDAP and automatically add them to the whitelist above as a part of >>>> the seed job. I'll keep you updated about the progress. >>>> >>>> Regards, >>>> Damian >>>> >>>> >>>> On Wed, Jul 22, 2020 at 11:03 PM Ahmet Altay <al...@google.com> wrote: >>>> >>>>> +Damian Gadomski <damian.gadom...@polidea.com>, it might be related >>>>> to this change: https://github.com/apache/beam/pull/12319. >>>>> >>>>> /cc +Tyson Hamilton <tyso...@google.com> >>>>> >>>>> On Wed, Jul 22, 2020 at 1:17 PM Udi Meiri <eh...@google.com> wrote: >>>>> >>>>>> HI, >>>>>> I'm trying to test a groovy change but I can't seem to trigger the >>>>>> seed job. It worked yesterday so I'm not sure what changed. >>>>>> >>>>>> https://github.com/apache/beam/pull/12326 >>>>>> >>>>>>
smime.p7s
Description: S/MIME Cryptographic Signature
