The Contributor License Agreement (CLA) service of the Linux Foundation lets project contributors read, sign, and submit contributor license agreements easily.
Currently in the PCC under EasyCLA section private repositories with previous EasyCLA information are being listed. Also it seems when a repository is EasyCLA enforced while public, if the repository is marked as private, the repo remains with EasyCLA enabled.
We shouldn't list private repositories in the PCC. Or if there were previous EasyCLA records for the repository, while private, we shouldn't allow the repository to be enforced with EasyCLA.
2. Enforce EasyCLA on private repositories:
This needs to be tested, if a private repository is listed in the EasyCLA section in PCC, will the system allow enforcing EasyCLA?.
We shouldn't allow enforcing EasyCLA on private repositories.
3. Keep EasyCLA enforced on private repositories:
If EasyCLA is enforced on a public repository, then this repository is marked as private, the following should happen:
1- The repository should be marked as enabled = false in the cla-prod-repositories table.
2- The repository should disappear from the repository listing in the EasyCLA section in PCC.
This seem to be enhancement or gray area of this product. This logic to disable EasyCLA after repo is made private is currently not implemented and supported.
Reporter
Name: Juansebastian Arias Username: jsarias Email: sarias@contractor.linuxfoundation.org
Summary
Currently in the PCC under EasyCLA section private repositories with previous EasyCLA information are being listed. Also it seems when a repository is EasyCLA enforced while public, if the repository is marked as private, the repo remains with EasyCLA enabled.
Scenarios
1. Listing private repositories: EasyCLA section in PCC it seems that is listing private repositories. Example with FINOS organization (https://v1.projectadmin.lfx.linuxfoundation.org/project/lf5qXfCPsXk2PDlwmn/tools/easycla/repositories/lf5qXfCPsXk2PDlwmn#70492e16-e760-425c-8ba5-8fb0b722ad2c), the repository https://github.com/finos/common-cloud-controls is visible and this repository is currently private:
We shouldn't list private repositories in the PCC. Or if there were previous EasyCLA records for the repository, while private, we shouldn't allow the repository to be enforced with EasyCLA.
2. Enforce EasyCLA on private repositories: This needs to be tested, if a private repository is listed in the EasyCLA section in PCC, will the system allow enforcing EasyCLA?.
We shouldn't allow enforcing EasyCLA on private repositories.
3. Keep EasyCLA enforced on private repositories: If EasyCLA is enforced on a public repository, then this repository is marked as private, the following should happen: 1- The repository should be marked as enabled = false in the cla-prod-repositories table. 2- The repository should disappear from the repository listing in the EasyCLA section in PCC.
We have confirmation on this scenario, the repository remains active like for https://github.com/finos/common-cloud-controls and it keeps listed in the PCC.
Environment
Please complete the following information: