OK, so the flow would be:
- Our IRC bot would put users into the "pre-approved" team, which by
itself doesn't grant access to any repositories, but is used to keep
track of who can add/remove themselves to other repositories.
- We'll improve http://jenkins-ci.org/account to allow people in the
"pre-approved" team to add/remove themselves to "Everyone" team
(which grants access to all the repos) and all the individual plugin
repos independently.
So if you are like me who wants to maintain access to all the repos
I can, but if you only want to work on a small number of repositories
you can do it that way, too.
This has a benefit of not getting bombarded by notification e-mails
for repositories you don't care.
I think this is actually tangential to the commit loss prevention, as I
can make the same mistake Luca did and mass update all the remote refs,
so we still need a measure to protect us from that.
On 11/13/2013 11:55 PM, Luca Milanesio wrote:
Yes, it would be nice to be able to allow the people to auto-remove himself
from push permissions to the repos he does not use.
For instance I normally push to no more than 5-6 repos, I should then be able
to auto-restrict myself to those ones only.
Luca.
On 13 Nov 2013, at 19:00, Kohsuke Kawaguchi <[email protected]> wrote:
OK, that's a fair point.
I do recall writing a daemon that cleans up access control on repositories
(among other things like disabling issue tracker), but I'm not too sure if we
are running it regularly or not.
Maybe we can extend https://jenkins-ci.org/account so that people can
add/remove access to repositories by themselves? But then that means we will
get rid of the need to ask in the mailing list.
On 11/12/2013 02:05 AM, Christopher Orr wrote:
On 12/11/13 07:25, Kohsuke Kawaguchi wrote:
I still feel strongly that we maintain the open commit access policy.
This is how we've been operating for the longest time, and it's also
because otherwise adding/removing developers to repositories would be
prohibitively tedious.
I agree that the policy of allowing everyone to have a repo and to
commit relatively freely remains a good idea, but having the option to
give new developers push access to 1100 repositories due to how GitHub
teams and our IRC bot work is an issue that has been been raised before:
https://groups.google.com/d/msg/jenkinsci-dev/-Yk0UFfSPZc/GzOu5b1AP7QJ
Would it be reasonable to suggest that we remove the option to add
people to the "Everyone" team from IRC and, if GitHub still adds
newly-forked repos to every team by default, that we have some sort of
process to automatically clean up the teams, as mentioned in that thread?
Regards,
Chris
--
Kohsuke Kawaguchi | CloudBees, Inc. | http://cloudbees.com/
Try Jenkins Enterprise, our professional version of Jenkins
--
You received this message because you are subscribed to the Google Groups "Jenkins
Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
--
Kohsuke Kawaguchi http://kohsuke.org/
--
You received this message because you are subscribed to the Google Groups "Jenkins
Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
