Stephen, are you saying that we can't trust ASF Members?  That we have to fear 
that at least one ASF member will not be able to resist the urge to leverage 
the RoyalePMC account for evil?
I'm sure we can find some other way to distribute credentials if that's true, 
but I would think there are juicier targets for a rogue ASF member, like 
leveraging Jenkins.

My 2 cents,
-Alex

On 1/10/19, 2:11 AM, "stephen.alan.connolly@gmail.com" <stephen.alan.conno...@gmail.com> wrote:

    
    
    On 2019/01/10 08:45:19, Alex Harui <aha...@adobe.com.INVALID> wrote: 
    > 
    > 
    > On 1/9/19, 7:35 PM, "Roman Shaposhnik" <ro...@shaposhnik.org> wrote:
    > 
    >     On Wed, Jan 9, 2019 at 11:38 AM Alex Harui <aha...@adobe.com.invalid> 
wrote:
    >     >
    >     > Hi Greg,
    >     >
    >     > You may have missed some other infra-technical questions upthread 
that might help us fashion a solution.  I'll repeat them here:
    >     >
    >     > 1) What is the state of Git->SVN and SVN->Git integration?  Could 
our job clone git to SVN, have the bot make changes in SVN with the additional 
restrictions as you said SVN could do, then sync back up to Git (including tags 
as well)?
    >     > 2) What would be the impact of infra creating a "RoyalePMC" 
committer account?
    >     
    >     That is definitely not allowed. PMC members are expected to be human
    >     beings with ICLAs on file with ASF.
    >     
    > The only allowed users of the RoyalePMC account would be human PMC 
members (technically, anyone with access to private@royale
    
    That's quite a lot of people: 
https://www.apache.org/foundation/members.html
    
    Or had you forgotten that all members of the ASF implicitly have access to 
all TLP's private@ mailing lists?
    
    Now you might be able to put stuff in the project's private section of 
Subversion... but IIRC all commits there are notified back to private@ so that 
wouldn't deter somebody else.
    
    > ).  Commits from RoyalePMC would therefore have somebody's ICLA behind it.
    
    Yes, but they may not be the people the board has tasked with ensuring that 
all released source code has been +1'd by at least three PMC members.
    
    > 
    >     In fact, I would go as far as to say that any PMC member willingly
    >     disseminating his or her credentials for *others* to use is likely to
    >     be considered for an action from the board.
    >     
    > I would agree that PMC members should not share their credentials with 
others, hence the idea of having a RoyalePMC account, so no human has to share 
or transfer credentials to the build machine.   Is it important to know exactly 
which individual committed something or just that somebody with an ICLA 
committed something, and why?
    > 
    > Thanks,
    > -Alex
    > 
    > 
    