edx / open-source-process-wg

Issues and tasks for the Open Source Process working group

Reduce admin access to openedx repos #129

Open nedbat opened 1 year ago

nedbat commented 1 year ago

From Ed Zarecor:

A topic for our open source process group.

We regularly get requests from 2U teams for admin access to repositories. That level of access is problematic. For example, it allows folks to change who has access to a repo, or delete it.

Axim is on the hook for ensuring the CLA is enforced, so this represents risk for us.

I'd like to have a brief statement that we'll share when such requests are made. Here's my proposal:

https://docs.google.com/document/d/1mwDJ-F51s9KqY6ssifBBN9hbpRj-eXvDtphUNQqiULc/edit

In auditing current admin access I was surprised by how many 2U folks have it. 90 folks have admin on at least one repository.

Previously we had discussed the need for BOM to retain access for routine maintenance and emergencies. What would prevent us from reducing admin access to just the BOM teams immediately?

For non-emergency changes, we would continue to use issues in the Axim Engineering project.

Looking forward to discussing.

nedbat commented 1 year ago

Just for clarity: "BOM teams" means arch-bom, arbi-bom and fed-bom?

robrap commented 1 year ago

On a related note, as a member of arch-bom, I had to work across a variety of repos and could not merge in at least two repos due to the following issues:

What are the resolutions for this?