TL;DR: request for a script/tool to audit & fix Salsa team roles; request for one of the Science team owners to run that script/tool. Hello, While helping out[0] a fellow Debian Developer (DD), I noticed that they had the wrong role in the "science-team" Salsa group. According to the Debian Science Team policy, "all Debian Developers [should] have at least Maintainer level of access". https://science-team.pages.debian.net/policy/#idm145 It would be great if the following script/tool existed: 1. Grab the list of members of the Debian Science team from Salsa. 2. Confirm which of these Salsa users are Debian Developers. 3. For each Salsa user (member of the "science-team" Salsa group) who is a confirmed Debian Developer, ensure that they have the GitLab group role of "Maintainer" or higher. 4. All other members of the "science-team" Salsa group (corresponding to Salsa users who are Debian Maintainers, or who are without formal membership in Debian) should have the GitLab role of "Developer". If someone can write or assemble that script/tool, they we can ask one of the Science team "owners" to run the script/tool to do a bulk fix of permissions List of owners of the "science-team" Salsa group: https://salsa.debian.org/groups/science-team/-/group_members?max_role=static-50 [0] The DD had made a team upload, but they were unable to push their changes to the corresponding Package Repository as the "debian" branch was protected and limited to team members in the "Maintainers" role only. Personally I would be fine with allowing all Debian Maintainers to also push, but I don't know if that maps well to the GitLab roles. Currently the Debian Science Team policy is silent on the topic of protected branches beyond the statement that "[a]ll group members [should] have write access to all Package Repositories". Cheers -- Michael R. Crusoe
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature