On 06/02/2020 22:13, Till Maas wrote:
On Tue, Jan 21, 2020 at 04:34:37PM +0000, Leigh Griffin wrote:
On behalf of the CPE team I want to draw the communities attention to a
recent blog post which you may be impacted by:
https://communityblog.fedoraproject.org/git-forge-requirements/
We will be seeking input and requirements in an open and transparent manner
on the future of a git forge solution which will be run by the CPE team on
Aleksandra's comment made me aware that for dist-git, we do not really
need a git forge, it is just that the pagure git forge was used to
implement a lot of workflows that pkgdb provided in the past.
I tried to write the requirements as user stories to make them easier to
understand. What do you think?
- As a package maintainer, I can only commit to a dist-git repo, if I am
in the Fedora packager group.
- As a package maintainer, I can only commit to a dist-git repo, if I am
a maintainer of the branch.
- As a proven packager, I can commit to all dist-git repos that do not
have special restrictions set by FESCo or are retired.
- As a FESCO member, I can configure exceptions to disallow proven
packager access to a dist-git repo.
- As dist-git repo admin, I can easily add other maintainers to allow
commit or admin access for dist-git repo by using their FAS username
- As a dist-git repo admin, I cannot remove access to the repo from
Fedora infra, Releng or proven packagers without FESCo approval.
- As a package maintainer, I can easily orphan a dist-git repo or branch
to show that it is not maintained anymore.
- As a package maintainer, I can adopt any orphaned dist-git repo or
branch.
- As a package maintainer, I can easily unretire a retired dist-git repo
or branch.
- As a release engineer, I can easily approve unretire requests for a
dist-git repo or branch.
- As anybody, I can easily see the FAS usernames of maintainers for all
branches of a dist-git repo.
- As a non-releng member, I cannot remove any commits from any dist-git
repo that were used to build a Fedora package.
- As an external user, I can easily get a list of all orphaned or
retired dist-git repos and branches.
- As anybody, I can watch for issues (bugzillas) or PRs that are created
for a dist-git repository.
- As anybody, I can easily get a list of all dist-git repos that I am
watching.
- As anybody, I can easily get a list of all dist-git repos that a
specific Fedora account has admin/commit access to.
- As anybody, when looking at the dist-git repo it is clearly visible
which branches are still maintained.
- As anybody, when I look for a specific branch, EOL branches do not
clutter my view.
- As a package maintainer, I can easily request commit/admin access for
a specific branch or dist-git repo.
I add one more requirement based on my own workflow:
- As fedora user, I want to easily create pull requests to any dist-git
repo.
Michal
Also since dist-git is a critical part of our infrastructure, there
should probably also be some security-related requirements such as:
- As Fedora infra, I can easily audit that no git repo was accessed
without authorization.
- As Fedora infra/security response team, I have access to secure logs
to analyse the impact of unauthorized access to all dist-git repos.
- As anybody, the dist-git web page of a repo points me to Bugzilla to
report issues for a repository.
I did not manage to read all other replies, so there might be some
duplicates but it also seems to me that many of these items were not
mentioned.
Kind regards
Till
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
--
Role: Fedora CPE Team - Software Engineer
IRC: mkonecny
FAS: zlopez
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
