> On 11. Feb 2020, at 08:11, Tim Jacomb <timjaco...@gmail.com> wrote:
>
> I feel like we can work something out for the security project, possibly
> there’s a better tool for it...
>
> I don’t think it’ll work easily in the cloud version either
Since it seems like we've managed to finally really derail this thread, I'll
follow up:
The major obstacle as I see it is the mapping of users. This applies to every
alternative not backed by our LDAP.
We need something that every maintainer inherently has access to, ideally even
used before; and a tamper-proof & complete mapping between those accounts and
the accounts in permission YAML files (which we use as reference to determine
who even is a maintainer) that does not require any actions by hundreds of
current maintainers.
Right now, we get all of this for free: LDAP account creation creates Jira
account; plugin hosting requests and most plugins' issues are tracked in Jira;
both systems share the same user name.
We already have trouble with some Jira accounts having outdated notification
email addresses in Jira, and need to go some lengths to contact these
maintainers, and doing it via email typically means I am then the SPOF for any
direct email responses. Doing something similar for every issue simply won't
scale.
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/66B4FB4F-9BDF-4C87-9E01-14C1F6A0804E%40beckweb.net.
