sbp opened a new pull request, #1271: URL: https://github.com/apache/tooling-trusted-releases/pull/1271
@alitheg This is a draft, really, but I'd appreciate a review anyway! This PR sends out warnings if a release has been inactive for 80 days. When it reaches 90 days, it deletes it. It makes an exception on the first go round: it warns everybody about the new policy on their old releases, but then the counter starts from 0. In other words they have 180 days, or however old the release is now (90 days or more) plus another 90 days. This added quite a lot complexity, but I think is worth doing. There are all sorts of challenging race conditions and so on, and the net result is that releases should be deleted, so we should be careful to ensure that this works, and probably do a rollout only on dev. I'm publishing this to `altera` so that it _doesn't_ automatically deploy to the dev container, which comes from the `sbp` branch. As another safety measure, the actual deletions are protected behind a boolean. In other words, this PR won't actually delete anything anyway, but to do so all we have to do is change one flag. There are lots of inelegant things about this PR that I dislike. One of the main ones is that I had to duplicate a lot of code to the foundation admin role in the storage interface, because the system caller needs it. Review tools _very strongly_ recommended adding yet another new class in the role hierarchy for system calls. I did add something similar to that just recently, allowing system calls to say "I have this ASF UID and I'm acting on behalf of it, but I don't want you to authenticate anything about that ASF UID as I vouch for it myself". That's fairly easy in comparison, however, because it uses the existing roles in the hierarchy. I've also just added participant release managers as a new role, which is the first new role since the storage interface was created, and am not keen on adding another one already. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
