Review third-party application access to llvm github organization and create guidelines for granting access

[tstellar]

We have the following third-party applications approved to access the llvm organization:

• Sourcerer
• Buildkite
• LLVM Buildbot
• LLVM Staging Buildbot
• LLVM Buildbot

https://github.com/organizations/llvm/settings/oauth_application_policy

We should review this and decide what are still needed and create guidelines for granting access.

[lazyparser]

FYI I do not have read permission for this link (and I think it is right).

The github has two level permission model (org, repo) and people can be organized as teams. Buildbots should not have write/push permission for modifying repo.

[joker-eph]

Is the "build status" on GitHub commits requiring some level of write permissions?

[ChristianKuehnel]

For the CI systems, I suppose they send the build results back to GitHub to be displayed in the commit history: UI, API

The documentation says, users need push access to be able to set these status.

[ChristianKuehnel]

@tstellar what is "Sourcerer"? Is it https://sourcerer.io/ ?

[tstellar]

@tstellar what is "Sourcerer"? Is it https://sourcerer.io/ ?

Yes, that's it.

[ChristianKuehnel]

My proposal:

• Keep the CI systems (Buildkite, LLVM Buildbot, LLVM Staging Buildbot), as they report build results back to GitHub. I see a clear value in having an overview of all build results.
• Remove Sourcerer.io as I do not understand why they need access to our repository. If they want to index the data, they can do that anyway.

For the policy I would propose:

• We should define a body within LLVM who reviews and takes these decisions (board? iwg?).
• The decisions should be documented. The features of each application must clearly outweigh the security/safety/privacy concerns.
• The decision should be sent out to the community for review, feedback shall be reviewed and discussed with in 2 weeks and the decision shall be revisited then.
• Once a year the body shall go through the entire list and check if they are still needed.

Footnote: Sourcerer.io seems to be collecting user data without user consent. I am not sure if this is in line with GDPR.

[ChristianKuehnel]

@tstellar what is "Sourcerer"? Is it https://sourcerer.io/ ?

Yes, that's it.

Here's an example page of a user profile on sourcerer.io (found via Google search): https://sourcerer.io/josh-payne

[asl]

FYI: I added integration to LLVM buildbots, so they will report the status of revisions there.

[tstellar]

I've removed sourcerer.io from the list of third-party apps, so now all that are left are buildbot and buildkite, which are fine.

[ChristianKuehnel]

How do you want to proceed with the general guidelines for this? Where do you want to document them?

[ChristianKuehnel]

next step: @ChristianKuehnel create a proposal for a document in the llvm-project, send it to mailing list for review.

[ChristianKuehnel]

stale effort, removing from our backlog

[ChristianKuehnel]

I created a proposal for such a policy: https://reviews.llvm.org/D111723