search

rust-lang / team

Rust teams structure
Apache License 2.0
306 stars 285 forks source link

Add www.rust-lang.org repository under automation #1271

Open Kobzol opened 7 months ago

Kobzol commented 7 months ago

Repo: https://github.com/rust-lang/www.rust-lang.org

So, there are a few things going on here. I'm not sure about the rust-pontoon-trial and rust-lang-owner accounts. Also, I'm not sure how are the individual deploy and try branches used and what should be their branch protections.

CC @dtolnay @Manishearth

Extracted from GH:

org = "rust-lang"
name = "www.rust-lang.org"
description = "The home of the Rust website"
bots = []

[access.teams]
security = "pull"
website = "write"

[access.individuals]
rust-lang-owner = "admin"
rylev = "admin"
pietroalbini = "admin"
badboy = "admin"
rust-pontoon-trial = "write"
Manishearth = "write"
rustbot = "write"
jdno = "admin"
Mark-Simulacrum = "admin"

[[branch-protections]]
pattern = "master"
ci-checks = []
dismiss-stale-review = false
pr-required = false
review-required = false

[[branch-protections]]
pattern = "deploy"
ci-checks = []
dismiss-stale-review = false
pr-required = false
review-required = false

[[branch-protections]]
pattern = "try"
ci-checks = []
dismiss-stale-review = false
pr-required = false
review-required = false
Manishearth commented 7 months ago

I should probably have admin.

I think the pontoon accounts are still used but it's been a while since I've poked at that integration

Kobzol commented 7 months ago

I know that it is currently only you, but perhaps we should then make it website = "admin" to keep it general?

Manishearth commented 7 months ago

I'm planning on growing the team soon (I'd like to add @senekor and @Turbo87) once I have a discussion with council and I don't want team membership to imply admin, though probably eventually most team members will have admin.

Kobzol commented 7 months ago

Ok, changed. Just out of curiosity, why is admin needed on this repo?

rylev commented 7 months ago

Perhaps we should note why @Manishearth needs admin rights so we can review this in the future.

This also makes me think that it would be nice to have a tool that collects all individuals with individual access to repos and generates a report that automatically gets posted somewhere every 3ish months for review.

Kobzol commented 7 months ago

(Marking as draft now, since sync-team doesn't set push allowances by default, which would change the branch protection on this repo).

rylev commented 7 months ago

I don't want team membership to imply admin, though probably eventually most team members will have admin.

I think the way we prefer to handle this is by creating a new team as a subteam which reflects these permissions.

Manishearth commented 7 months ago

@rylev it's for things like Pontoon and Heroku setup. Third party integrations, especially experimenting with them, often needs admin to go smoothly.