Re: Git Forge Requirements: Please see the Community Blog

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/02/2020 22:13, Till Maas wrote:

On Tue, Jan 21, 2020 at 04:34:37PM +0000, Leigh Griffin wrote:


On behalf of the CPE team I want to draw the communities attention to a
recent blog post which you may be impacted by:
  https://communityblog.fedoraproject.org/git-forge-requirements/

We will be seeking input and requirements in an open and transparent manner
on the future of a git forge solution which will be run by the CPE team on

Aleksandra's comment made me aware that for dist-git, we do not really
need a git forge, it is just that the pagure git forge was used to
implement a lot of workflows that pkgdb provided in the past.

I tried to write the requirements as user stories to make them easier to
understand. What do you think?

- As a package maintainer, I can only commit to a dist-git repo, if I am
   in the Fedora packager group.
- As a package maintainer, I can only commit to a dist-git repo, if I am
   a maintainer of the branch.
- As a proven packager, I can commit to all dist-git repos that do not
   have special restrictions set by FESCo or are retired.
- As a FESCO member, I can configure exceptions to disallow proven
   packager access to a dist-git repo.
- As dist-git repo admin, I can easily add other maintainers to allow
   commit or admin access for dist-git repo by using their FAS username
- As a dist-git repo admin, I cannot remove access to the repo from
   Fedora infra, Releng or proven packagers without FESCo approval.
- As a package maintainer, I can easily orphan a dist-git repo or branch
   to show that it is not maintained anymore.
- As a package maintainer, I can adopt any orphaned dist-git repo or
   branch.
- As a package maintainer, I can easily unretire a retired dist-git repo
   or branch.
- As a release engineer, I can easily approve unretire requests for a
   dist-git repo or branch.
- As anybody, I can easily see the FAS usernames of maintainers for all
   branches of a dist-git repo.
- As a non-releng member, I cannot remove any commits from any dist-git
   repo that were used to build a Fedora package.
- As an external user, I can easily get a list of all orphaned or
   retired dist-git repos and branches.
- As anybody, I can watch for issues (bugzillas) or PRs that are created
   for a dist-git repository.
- As anybody, I can easily get a list of all dist-git repos that I am
   watching.
- As anybody, I can easily get a list of all dist-git repos that a
   specific Fedora account has admin/commit access to.
- As anybody, when looking at the dist-git repo it is clearly visible
   which branches are still maintained.
- As anybody, when I look for a specific branch, EOL branches do not
   clutter my view.
- As a package maintainer, I can easily request commit/admin access for
   a specific branch or dist-git repo.

I add one more requirement based on my own workflow:
- As fedora user, I want to easily create pull requests to any dist-git repo. 

Michal


Also since dist-git is a critical part of our infrastructure, there
should probably also be some security-related requirements such as:

- As Fedora infra, I can easily audit that no git repo was accessed
   without authorization.
- As Fedora infra/security response team, I have access to secure logs
   to analyse the impact of unauthorized access to all dist-git repos.
- As anybody, the dist-git web page of a repo points me to Bugzilla to
   report issues for a repository.

I did not manage to read all other replies, so there might be some
duplicates but it also seems to me that many of these items were not
mentioned.

Kind regards
Till
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx


--
Role: Fedora CPE Team - Software Engineer
IRC: mkonecny
FAS: zlopez
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux