Re: Gerrit Access Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Aug 29, 2016 at 08:42:22PM +0200, Niels de Vos wrote:
> On Mon, Aug 29, 2016 at 09:18:05PM +0530, Pranith Kumar Karampuri wrote:
> > On Mon, Aug 29, 2016 at 12:25 PM, Nigel Babu <nigelb@xxxxxxxxxx> wrote:
> >
> > > Hello folks,
> > >
> > > We have not pruned our Gerrit maintainers list ever as far as I can see.
> > > We've
> > > only added people. For security reasons, I'd like to propose that we do the
> > > following:
> > >
> > > If you do not have a commit in the last 90 days, your membership from
> > > gluster-maintainers team on Gerrit will be revoked. This means you won't
> > > have
> > > permission to merge patches. This does not mean you're no longer
> > > maintainer.
> > > This is only a security measure. To gain access again, all you have to do
> > > is
> > > file a bug against gluster-infra and I'll grant you access immediately.
> > >
> >
> > Just need a clarification. Does a "commit in the last 90 days" means
> > merging a patch sent by someone else by maintainer or maintainer sending a
> > patch to be merged?
>

Your email needs to either be in Reviewed-By or Author in git log. So you
either need to send patches or review patches. Ideally, I'm looking for
activity on Gerrit and this is the easiest way to figure that out. Yes, I'm
checking across all active branches.

As an additional bonus, this will also give us a list of people who should be
on the maintainers team, but aren't.

> Interesting question. I was wondering about something similar as well.
> What about commits/permissions for the different repositories we host on
> Gerrit? Does each repository has its own maintainers, or is it one group
> of maintainers that has merge permissions for all repos?
>

Each repo on Gerrit seems to mostly have it's own permissions. That's
a sensible way to go about it. Some of them are unused a clean up is coming
along, but that's later.

> Niels
>
> >
> >
> > >
> > > When I remove someone's access, I'll send an invidual email about it.
> > > Again,
> > > your membership on gluster-maintainers has no say on your maintainer
> > > status.
> > > This is only for security reasons.
> > >
> > > Thoughts on implementing this policy?
> > >
> > > --
> > > nigelb
> > > _______________________________________________
> > > Gluster-devel mailing list
> > > Gluster-devel@xxxxxxxxxxx
> > > http://www.gluster.org/mailman/listinfo/gluster-devel
> > >
> >
> >
> >
> > --
> > Pranith
>
> > _______________________________________________
> > Gluster-devel mailing list
> > Gluster-devel@xxxxxxxxxxx
> > http://www.gluster.org/mailman/listinfo/gluster-devel
>



--
nigelb
_______________________________________________
Gluster-devel mailing list
Gluster-devel@xxxxxxxxxxx
http://www.gluster.org/mailman/listinfo/gluster-devel



[Index of Archives]     [Gluster Users]     [Ceph Users]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux