Return-Path: 
 <infrastructure-dev-return-2783-apmail-infrastructure-dev-archive=apache.org@apache.org>
X-Original-To: apmail-infrastructure-dev-archive@minotaur.apache.org
Delivered-To: apmail-infrastructure-dev-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 771B310667
	for <apmail-infrastructure-dev-archive@minotaur.apache.org>;
 Wed, 21 Jan 2015 09:54:24 +0000 (UTC)
Received: (qmail 93326 invoked by uid 500); 21 Jan 2015 09:54:24 -0000
Delivered-To: apmail-infrastructure-dev-archive@apache.org
Received: (qmail 93173 invoked by uid 500); 21 Jan 2015 09:54:24 -0000
Mailing-List: contact infrastructure-dev-help@apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:infrastructure-dev-help@apache.org>
List-Unsubscribe: <mailto:infrastructure-dev-unsubscribe@apache.org>
List-Post: <mailto:infrastructure-dev@apache.org>
List-Id: <infrastructure-dev.apache.org>
Reply-To: infrastructure-dev@apache.org
Delivered-To: mailing list infrastructure-dev@apache.org
Received: (qmail 93161 invoked by uid 99); 21 Jan 2015 09:54:24 -0000
Received: from mail-relay.apache.org (HELO mail-relay.apache.org)
 (140.211.11.15)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Jan 2015 09:54:24 +0000
Received: from [192.168.1.38] (2804ds5-soeb.0.fullrate.dk [90.184.204.23])
	by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with
 ESMTPSA id 6CEE91A0041
	for <infrastructure-dev@apache.org>; Wed, 21 Jan 2015 09:54:22 +0000 (UTC)
Message-ID: <54BF775B.4040305@apache.org>
Date: Wed, 21 Jan 2015 10:54:35 +0100
From: Daniel Gruno <humbedooh@apache.org>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64;
 rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: infrastructure-dev@apache.org
Subject: Re: Brooklyn not in
 http://people.apache.org/committers-by-project.html
References: <4E0AE711-6F64-434C-86C9-A9811FC729D6@toolazydogs.com>
	<CAKprHVb9ar+rVHOb5=rG=6SOoceDkJHJ11S+abA=CH9T9OxtVA@mail.gmail.com>
	<45FDAEE3-8701-4BA3-B3C3-57A7A7DDE6E1@toolazydogs.com>
	<CAKprHVbre4Eco6fqgbFB5Zp5if2o+5repSBzEdyetz-9XOQL8w@mail.gmail.com>
	<933D3493-8B77-44F3-A76F-C7C80328DFAB@toolazydogs.com>
	<CAKprHVb7kk8AhxTJ9NjEr7MRT8STcnWUoOwWuBDQmSvqwTRfsg@mail.gmail.com>
	<F520B75B-9663-452E-A344-09CE54270434@toolazydogs.com>
	<CAOGo0VYmKmHwEqVv=J4J5ba+EveF9+mqOLho2qi37awG95U6+g@mail.gmail.com>
	<CAK2iWdTSB0KiC4VZ=BtACNUU=kWMDDXRn-dw4i3UZ-w9m9QE6g@mail.gmail.com>
	<CAOGo0VbO0xYyHa5XvAURn+K1ptXFL-zyiHwAdn0iYhXDCnAVpQ@mail.gmail.com>
	<CAK2iWdQ0JWEp7HCg2Hn+pvgwobidwrD3+VBYH0nhhkVjrwzFGw@mail.gmail.com>
	<CAOGo0VbFqvJUXMwkOTLoBt0t==6QoM9mfM0A0-FQYgcARUjMJQ@mail.gmail.com>
	<CAAS6=7jWf6OsmEZJvuRKDvOp6EHxmyx96mYLTvAqHPnN7bN=Rw@mail.gmail.com>
	<07AECD11-CA8F-42AB-8D3D-70B0D6764720@toolazydogs.com>
 <CAK2iWdTzvsobM8ZKtKNo6ynqL9Ucdba15U-ns3Pm8BMkWZLwiQ@mail.gmail.com>
In-Reply-To: 
 <CAK2iWdTzvsobM8ZKtKNo6ynqL9Ucdba15U-ns3Pm8BMkWZLwiQ@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit


On 2015-01-21 09:47, jan i wrote:
>
>> Can we all agree that we need to put this into LDAP?
>
> I agree with you  that LDAP is the right place for such information, and I
> do not see so many podlings fail that it should be a major concern. However
> I think a discussion on general@i.a.o is needed.
>
> If PPMC/committers maintenance of a podling is moved to LDAP, the mentors
> and/or PPMC will no longer be able to maintain it them self. The script to
> update LDAP is only available to officers (chairs) and infra, meaning we
> move a task and the incubator chair needs to agree to that.
>
> If incubator agrees on this approach then I assume David (v.p. infra) will
> be relatively easy to convince.
>
> rgds
> jan i
Podlings are experiments, not actual projects, in as much as a podling 
is no more than a sub project much like mod_ftp or the Nth commons 
sub-project. Are you suggesting we add LDAP groups for all sub projects? 
We have LDAP (UNIX) groups for committers for the sake of maintaining a 
working authorization/authenication scheme, which is a moot point for 
incubator where we exercise universal commit bit.

As I understand it, the sentiment seems to be "let's put it in LDAP 
instead of tracking it in a file".

Let's list some pros and cons for this LDAP idea as opposed to using the 
auth file for tracking:

Pros:
  - it's in LDAP instead of a text file.
  - it may (or may not) be easier to get a list of project members

Cons:
- Our current setup would be invalidated
- We'd have to change our account and podling request processes
- We'd have to change the graduation process significantly
- The Incubator chair would have to manage all this or we would have to 
rework how LDAP works
- We'd have to create a new OU for this, which would mean yet more work 
on all auth schemes
- There would/could be disputes over what is canonical at graduation if 
a resolution conflicts with LDAP
- We would have to import all the previously established podlings into 
LDAP (this would be no small task)
- We would likely create precedence for all sub-projects to have their 
own LDAP group (yet another OU?)
- Unless someone from the Infra PMC steps up to do this voluntarily, it 
would have an added cost of $N to do.
- The auth file would have to have all its current podling auth entries 
changed to LDAP.

If the only reason for moving to LDAP is "I won't have to change a text 
file", then I really fail to see the reason to do this.

What is the actual gain here? It certainly won't make anything easier 
for infra.
How does it in any way compare to the cost of doing such a move?

With regards,
Daniel.
>> I’m happy to scrape this information together and, if given the privs,
>> complete the work.
>>
>>
>> Regards,
>> Alan
>>
>>