Quarterly Audit of Github Users

[github-actions[bot]]

It is time to perform the quartely audit of GitHub users in the openedx org. The playbook for performing the audit can be found here.

[sarina]

I ran this command and got a decently long list, that I think I can split into a few types of users

USERS w/ WRITE ACCESS & NO CLA: Done!

ekangedx - in legacy mobile: found onboarding thread, reduced access to Triage as originally requested
ericanwoga - in legacy push/pull/all: no longer at 2U, no offboarding ticket created by 2U IT; removed from GH org
mrazadar - in legacy push/pull/all: Was not properly offboarded by us. Removed from GH org
Daniel-hershel - legacy push/pull/all, Aurora: found onboarding ticket, corrected their Salesforce record

BOTS Should these be in the CLA database somehow?: In-Progress

edx-github-actions-runner
edx-netlify
open-craft-grove
openedx-codecov
openedx-semantic-release-bot
pactflow-github

Triage Access - I'm asking Legal if we need to have a CLA for Triage-only users

DonatoBD: Triage only
GwynSCC - Conference organizer
RyanRad-BSG: Docs writer
chris1tapia: PM, eN
czhang0912 - Triage, product manager (no add'l access)
davidw-sa - Conference organizer
jyliugithub - Marketing WG
lizc577 - Triage
mahendra0401 - Triage
mariiamoskalenko - Project manager RG
parttechdev - Conference organizer
santiagosuarezedunext - Product manager, eN
sdaitzman - UX dev Schema

Test accounts/duplicate accounts Accounts that we use to test, that belong to one of us - asking Legal how to handle a GH username that belongs to someone who already is under a CLA.

sarina-test

Whatever the result is, the playbooks need to be updated.

[sarina]

Moving to blocked - outstanding questions for Legal & the team

[sarina]

We do not need a CLA for Triage-only users. One person can have multiple GH usernames, but they need to be associated correctly. Waiting on Ed to figure out best way to do it.