Re: Alioth → Salsa
On Mon, Jan 29, 2018 at 06:08:47PM +0100, gregor herrmann wrote:
> Sharing
> =======
>
> I wanted to make the repos accessible for all DDs, like we did on
> Alioth. It seems that the term for that is "sharing with group
> 'Debian'". And it seems that it's not possible to share a (sub)group
> but only individual projects, aka repositories.
> Or did I miss something?
>
> This is of course painful to do for all future 3500 repos, and then
> for new repos, etc. And the API doesn't make it better:
> - sharing and unsharing is terribly slow (several seconds before the
> call returns), in the back of my head I saw busy tiny persons
> running through a PostgreSQL database and adding/removing all the
> IDs ...
> - sharing/unsharing also has a delay, I had to wait for about a
> minute until project_users showed the correct output
> - sharing/unsharing are not idempotent, i.e. sharing fails when the
> project is already shared, unsharing fails if the project is not
> shared. That's not insane per se, but there doesn't seem to be a
> method to list current shares. In dpt-salsa I now check if the user
> with id 1 (that's the salsa administrator) is a project user
> *cough*
>
> Unless I missed something, that's all a bit tedious. Maybe we should
> just forget about this sharing business?
Yeah, I don't think it's a bad thing to ask people to introduce themselves
on the list first anyway, even if they are DDs.
> Permissions
> ===========
>
> AFAICS, access level "manager" is needed in a subgroup to allow the
> members to add new projects, i.e. push new repos, which is what we
> want. -- This seems to have the interesting side effect that all those
> "managers" get all "join requests" (in the To: header) :/ It sounds a
> bit unfortunate to send them to (in the future) 100 people.
> Did I miss something here?
Why not disable requests entirely and ask people to ask on the list
(which we already do, really).
> Join requests
> =============
>
> I turned off the possibility to ask for membership on the top-level
> "debian-team" group and pointed to the "debian-team / modules"
> subgroup in the description.
>
> Given the issue mentioned above (recipients) and the unhelpful mails
> generated by GitLab (user can't add a message to their request; no
> info who actually requests access in From or Subject; no possibility
> to reply or to find out user's email address; broken signature
> delimiter -- ok, that's just aesthetic), I'm wondering if we should
> turn off the join request feature and just point to the mailing list
> and/or homepage (like other teams already do).
Snap :)
Cheers,
Dominic
Reply to: