project wide changes to maintainer ACLs

Brad Bishop bradleyb at fuzziesquirrel.com
Thu Nov 3 01:27:54 AEDT 2022 

On Tue, Nov 01, 2022 at 01:53:25PM -0500, Patrick Williams wrote:
>On Mon, Oct 31, 2022 at 07:05:52PM -0400, Brad Bishop wrote:
>> OpenBMC maintainers
>>
>> This coming Sunday, November 6th, absent any feedback here I am planning
>> on:
>>
>> 1 - Removing admin repository access by <xyz>-maintainers groups from
>> all projects on Github that use the OpenBMC Gerrit instance for peer
>> review (no change for projects that do not use the Gerrit instance like
>> the kernel, u-boot, or qemu).
>> 2 - Copying the submit prolog rules from the openbmc/openbmc Gerrit
>> project to the openbmc-all-repos Gerrit project.
>>
>> Impacts to maintainers are:
>>
>> 1 - Members of <xyz-maintainers> groups will no longer have any special
>> access to the GitHub repository (such as push, force-push).  If anyone
>> requires such access, please respond to this email.
>>
>> 2 - You may now delegate the Gerrit OWNER role via the OWNERS file in
>> your project, as supported by the OWNERS plugin documented here:
>> https://gerrit.googlesource.com/plugins/owners/+/refs/heads/master/config.md
>
>In order to accomplish #2, I thought previously investigations yielded
>that everyone needed to be added to have +2 (even thought it was
>meaningless unless also confirmed by the OWNER plugin).  Has this been
>resolved?  Are we going to move everyone to have this?  

I think if everyone can give a +2, it will cause mild confusion.  People 
doing reviews will wonder why they can give a +1 or a +2 and wonder 
which one to pick.  Granted that in the end it doesn't matter what they 
pick, but avoiding the confusion provides a better experience with our 
project and that seems worthwhile.

Personally I would prefer the same simplicity for maintainers, but I 
don't maintain much code anymore so my opinion doesn't have to matter 
too much.

>Or are we going to have a global "maintainers group" with +2 abilities?

Let's do this.  I'll re-purpose the existing all-maintainers group.
That means any maintainer can give a +2 on any project.  I am hopeful 
noone gives a +2 on a project they aren't an owner on and cause more 
confusion for the patch submitter (does this mean my patch is approved?  
Why can't I submit it?) ...

There won't be any need for the per-repository maintainer groups 
anymore, so I will probably remove those at some point.  Any issues 
there?

I want to re-iterate that existing maintainers will lose some abilities 
with this transition; namely, any elevated access to the GitHub project 
and any elevated access to the Gerrit project other than the ability to 
approve a change (so no pushing, tagging, etc).  Anything beyond 
approving changes will require a Gerrit admin or GitHub organization 
owner).  If anyone thinks they need these permissions, please reply.

thanks,
brad

More information about the openbmc mailing list