Le vendredi 29 juin 2018 à 14:40 +0200, Michael Scherer a écrit : > Hi, > > So, after Gentoo hack, I started to look at all our teams on github, > and what access does everybody have, etc, etc > > And I have a few issues: > - we have old repositories that are no longer used > - we have team without description > - we have people without 2FA who are admins of some team > - github make this kind of audit really difficult without scripting > (and the API is not stable yet for teams) > > So I would propose the following rules, and apply them in 1 or 2 > weeks > time. > > For projects: > > - archives all old projects, aka, ones that got no commit since 2 > years, unless people give a reason for the project to stay > unarchived. > Being archived do not remove it, it just hide it by default and set > it > readonly. It can be reverted without trouble. > > See https://help.github.com/articles/archiving-a-github-repository/ > > - remove project who never started ("vagrant" is one example, there > is > only one readme file). > > For teams: > - if you are admin of a team, you have to turn on 2FA on your > account. > - if you are admin of the github org, you have to turn 2FA. > > - if a team no longer have a purpose (for example, all repos got > archived or removed), it will be removed. > > - add a description in every team, that tell what kind of access does > it give. > > > This would permit to get a bit more clarity and security. So to get some perspective after writing a script to get the information, the repos I propose to archive: Older than 3 years, we have: - gmc-target - gmc - swiftkrbauth - devstack-plugins - forge - glupy - glusterfs-rackspace-regression-tester - jenkins-ssh-slaves-plugin - glusterfsiostat Older than 2 years, we have: - nagios-server-addons - gluster-nagios-common - gluster-nagios-addons - mod_proxy_gluster - gluster-tutorial - gerrit-hooks - distaf - libgfapi-java-io And to remove, because empty: - vagrant - bigdata - gluster-manila Once they are archived, I will take care of the code for finding teams to remove. -- Michael Scherer Sysadmin, Community Infrastructure and Platform, OSAS
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Gluster-devel mailing list Gluster-devel@xxxxxxxxxxx http://lists.gluster.org/mailman/listinfo/gluster-devel