El vie, 24-03-2017 a las 19:37 +0100, Pierre-Yves Chibon escribió: > Hi everyone, > > As I am working on bringing pagure as a front-end to our dist-git, a > question is > troubling me. > > Currently ACLs are stored in pkgdb, it allows having a per-branch ACL > model, > which in itself is quite cool, but I wonder: is it that useful? > > I know pkgdb brings us other things too and I am explicitely ignoring > them here > because I think we can find solutions for them, which may even have > benefits > over our current processes. One of the things we get from pkgdb is the owner sync process, given that notifications come from FMN the owner in koji is really irrelevant. and I have had more emails from doing builds in koji than from being listed as the owner of something. but it does make me wonder how we will handle who to send notifications to on different actions. bugzilla syncing and ownership also raise concerns for me. > So, does per-branch ACLs make sense to you? Have you had cases where > you thought > it was good/bad? More importantly, have you had cases where you would > want to give > someone access to just one branch and really really do *not* want > them to have > access to the other branches? The only times its been really useful wasin giving a new packager access to rawhide where any mistake could be more easily and quickly dealt with and the impact smaller. but I do not see that as a concern going forward. > Of course, EPEL vs Fedora comes to mind here, but I wonder: if the > EPEL maintainer > has also commit on the Fedora branches, is it really that much of a > big deal? > And vice-versa? If we wanted to making it easier for people to come from the CentOS community and contribute to epel. I can see a desire to keep EPEL and Fedora separate. > Before I investigate what it would take to drop pkgdb entirely and > let pagure > handle the ACLs, I wanted to hear from you if you think this is a > terrible idea > or worth investigating. > I think its worth investigating. It will take more information in order to judge if its the right thing, to me the biggest concerns is how we deal with the non repo acl needs and the peripheral tasks that are run with data from pkgdb. Bonus points would be how we could unify the view of the packager experience so that we only have one place to go to do and request things. Dennis
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
