We've just been having a spirited discussion in IRC on how admin rights on github/collective should work, I'd appreciate you weighing in with your opinions. As you probably know, there is a script administered by Rok that automates many of the tedious tasks involved in GitHub organisations, this is contingency planning, not replacing that.
The ideas are:
1) Status quo, only Rok has access.
2) Rok + plone_foundation GH account have access
3) Rok + 4-5 other Plone devs have access
I'm advocating 2+3, i.e. Rok, plone_foundation, SteveM, davisagli, optilude, etc (Would say Hanno, but we're not cool enough for him).
The argument against 3 is that everything should be done by the script. The argument against 2 is that using an account with shared credentials for disaster recovery and no other time is like going on a business trip to an alien planet in a red shirt, Murphy's law will kick in.
I don't want to see us locked out of the collective because the bus factor gets Rok and nobody can remember the credentials for the foundation account, am I worrying too much?
Matt
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Plone-developers mailing list
Plone-de...@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/plone-developers
On Jan 23, 2012, at 7:15 AM, Matthew Wilkes wrote:
> Hi all,
>
> We've just been having a spirited discussion in IRC on how admin rights on github/collective should work, I'd appreciate you weighing in with your opinions. As you probably know, there is a script administered by Rok that automates many of the tedious tasks involved in GitHub organisations, this is contingency planning, not replacing that.
>
> The ideas are:
>
> 1) Status quo, only Rok has access.
> 2) Rok + plone_foundation GH account have access
> 3) Rok + 4-5 other Plone devs have access
>
> I'm advocating 2+3, i.e. Rok, plone_foundation, SteveM, davisagli, optilude, etc (Would say Hanno, but we're not cool enough for him).
+1. Limiting access is a recipe for nothing to get done.
Liz
Not exactly, from the IRC conv you mentioned (in #plone.org):
09:50 < aclark> garbas: i think we have a fundamental
misunderstanding going here ;-)
09:50 < garbas> probably :P
09:51 < aclark> garbas: i understand or at least perceive your
trying to limit "org admins" ?
09:52 < garbas> no … organization owners
09:52 < aclark> right
09:52 < aclark> why?
09:52 < aclark> to let the script do everything, is what i assume
09:53 < garbas> yes … otherwise we will hit github's limit of
5000req/day
09:53 < aclark> garbas: we have two POVs in #plone at the moment.
mwilkes pushing for "redundancy" and me just wondering why i
can't clickie :-)
09:53 < aclark> garbas: i don't understand that bit, what's TTW got
to do w/5000 req per day?
09:54 < garbas> aclark: it syncs every 10min, which means i would
be doing <number-of-repos> requests + 1 every 10 minutes
…
09:55 < garbas> aclark: this way i only do this once and store
results
09:56 < garbas> aclark: but i need to be sure that nobody
changes things manually otherwise script can "blow"
09:56 < aclark> garbas: OOOO
09:56 < aclark> garbas: ok yeah
09:56 < aclark> well that's all you had to say :-)
09:57 < aclark> garbas: so just add that one redundant user to make
mwilkes happy
09:57 < aclark> don't add me, because i would click stuff ;-)
09:57 < garbas> aclark:i added plone-foundation
09:57 < garbas> i think hanno set it up for same purpose for
github.com/plone
09:58 < aclark> cool
So the issue is more about (option 3) adding a bunch of people, then
having to tell them all "no, seriously, don't click on anything" vs.
(option 2) which would allow martior, the AI team, and the PF to handle
any bus factor scenario.
+1 for option 2,
Alex
> The argument against 2 is that using an account with shared credentials for disaster recovery and no other time is like going on a business trip to an alien planet in a red shirt, Murphy's law will kick in.
>
> I don't want to see us locked out of the collective because the bus factor gets Rok and nobody can remember the credentials for the foundation account, am I worrying too much?
>
> Matt
> ------------------------------------------------------------------------------
> Try before you buy = See our experts in action!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-dev2
--
Alex Clark · http://pythonpackages.com
------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d