Hi,
I would not like to see non-committers with root access to our infrastructure
(if we had any).
These people would have access to credentials for technical users that again
have privileged access to other ASF services.
If you asked me, I would opt for people having to be at least PMC to get that
level of access.
And yes … everyone can contribute to Infra via puppet scripts and pull
requests.
Chris
Am 13.02.17, 23:13 schrieb "Justin Mclean" <jus...@classsoftware.com>:
Hi,
> I forgot to mention that, besides the community tax, there might be
> another bill from the ASF for services we use such as email, release
> distribution storage, and assistance from the financial folks for handling
> the accounting of the money. The ASF receives bills for the same already,
> we would just be a micro-version of the same.
I’m not sure that would scale well (across the entire ASF) without the ASF
adding other paid stuff to manage this.
> 1) If we self-host, would we require someone be a committer first via the
> usual ways, or would contributing to keeping the VM safe and running be a
> valid way to earn committer rights?
All contributions are considered equal so I don't see why not.
> That would require trusting someone to work on the VM before being
trusted enough to be a committer.
Believe infra do this via PR to their puppet scripts? ie all the config for
the server is in the open but you don't need access to be able to suggest
changes.
However I don't see how we could give non committer or perhaps even non PMC
members full access to VMs that run our critical infrastructure, given the risk
and possibly sensitive into on them.
Thanks,
Justin
