www-infrastructure-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Nalley (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (INFRA-10134) github integration for Pull/review requests
Date Mon, 24 Aug 2015 15:38:46 GMT

    [ https://issues.apache.org/jira/browse/INFRA-10134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709465#comment-14709465

David Nalley commented on INFRA-10134:

Hi Rajani -

Forgive the copypasta - this is a frequent request: 

This (and related issues with pull requests) are a frequent request
from projects. So we have a number of things going on right now with
regards to github that will be of interest, but won't solve this
problem for you (at least yet).

So today, the permissions for Github are pretty coarse, there are
essentially three levels: read, write, and admin.

Unfortunately to do anything much more than comment on a review, you
need write level. Currently we don't have anyone with write level
access because the repos are mirrors only. (A subset of the root@
infrastructure team has admin access to the Apache organization.)

Earlier this year we began exploring the possibility of making Github
our canonical repository (meaning committers would get write access)
and while most of the issues we found were solvable, the current
blocker on that Github doesn't expose push logs to us. They feel they
have a duty to protect their users privacy. We feel that we need to
see push logs for provenance purposes. You can see that decision in
the April Legal Affairs board report. [1]. We are continuing the
conversation with Github, and have even talked as recently as this
week about the situation as we continue to try and sort it out.

Separately from that, Github is just now starting early access to
improved org permissions that features greatly enhanced granularity of
permissions[2], including granting permissions to manipulate pull
requests and issues separate from write access to the repositories.
We've asked, and been told we'll be included in the early access
program, but as of yet, that hasn't yet begun; though we hope it will
come to fruition in the coming weeks and we'll start working on
deploying that.

Completely separately from those two - IF the improved org permissions
doesn't come about in a timely manner, or if it doesn't meet our
needs, we have some code that authenticates and authorizes based on
the ASF's LDAP service, and then proxies requests to Github using one
of service accounts at Github. We don't want to stand this up service
if it's going to be obviated by Github in a matter of days or weeks.

> github integration for Pull/review requests
> -------------------------------------------
>                 Key: INFRA-10134
>                 URL: https://issues.apache.org/jira/browse/INFRA-10134
>             Project: Infrastructure
>          Issue Type: Bug
>            Reporter: Rajani Karuturi
> We(cloudstack) replaced review board with github PRs for the review requests due to the
ease of use and familiarity. But, since github/apache/cloudsatck is a readonly clone, we are
limited in functionality. 
> Here are a list of things which would make using github PRs even more effective. 
> 1. ability to force close a PR with no activity (right now the only way to close a PR
with no activity from the author is to make a dummy commit with 'This close #xxx' message
> 2. marking the PR as discarded(probably by using labels) to differentiate accepted vs.
rejected PRs.
> 3. ability to add assignee(s) to a PR 
> 4. information on who merged the PR (it says asfgit merged the pr)

This message was sent by Atlassian JIRA

View raw message