On Tue, Jun 2, 2015 at 4:09 AM, Konstantin Boudnik <[email protected]> wrote:
> On Tue, Jun 02, 2015 at 11:59AM, Branko Čibej wrote: > > On 01.06.2015 20:55, Dmitriy Setrakyan wrote: > > > Hi, > > > > > > We need to setup readme.io to automatically commit to our GIT repo > when > > > documentation is changed. Do we have a GIT user we could reuse for this > > > purpose or should we setup a new user through INFRA? > > > > Definitely a new user with very specific access rights. But have you > > considered the security aspects involved here? Who controls the > > credentials for this user? How do you guarantee that someone who hacks > > readme.io won't suddenly have commit access to ASF repositories? > > > > IMO, it's better to create a separate repository for the readme.io user > > to commit to (doesn't even have to be hosted by the ASF), then someone > > from this community can carefully review each change and merge it into > > the ASF master repo. > > Very strong +1 on _not_ having an account in ASF git for a non-committer > entity: it potentially might have a number of funny implications, legal and > otherwise. > > Can we have a github fork that will be sending PRs for documentation > changes? > This will clearly satisfy what Brane has suggested about the reviews, etc. > Until we figure out the right approach, I have setup a separate GIT repository for Ignite documentation and provided readme.io team with credentials: https://github.com/apacheignite/documentation We can mirror this repository to Ignite going forward. > Cos >
