Re: Salsa group role for DDs; bulk update needed

To: "Michael R. Crusoe" <crusoe@debian.org>
Cc: Debian Science List <debian-science@lists.debian.org>
Subject: Re: Salsa group role for DDs; bulk update needed
From: Anton Gladky <gladk@debian.org>
Date: Fri, 18 Oct 2024 11:21:28 +0200
Message-id: <[🔎] CALF6qJks+L1tw3Jyi2a1Aeaahy7o=wDz4Wokrp+BfODpGRYU-Q@mail.gmail.com>
In-reply-to: <[🔎] dfaff14d-7e1b-4c06-bb82-942037ebc08a@debian.org>
References: <[🔎] dfaff14d-7e1b-4c06-bb82-942037ebc08a@debian.org>

Hi Michael,

thanks a lot for raising this! I totally agree with the proposal.
The only problem is that gitlab API gives the email address which
we can use to determine, whether the user is DD or not, is available
only for payed version of gitlab [1]. If there are some other ways
to get this information, please let me know.

Otherwise, I am also OK to give all members the status maintainer.

[1] https://docs.gitlab.com/ee/api/members.html

Regards

Anton

Am Fr., 18. Okt. 2024 um 10:12 Uhr schrieb Michael R. Crusoe
<crusoe@debian.org>:
>
> TL;DR: request for a script/tool to audit & fix Salsa team roles; request for one of the Science team owners to run that script/tool.
>
> Hello,
>
> While helping out[0] a fellow Debian Developer (DD), I noticed that they had the wrong role in the "science-team" Salsa group.
>
> According to the Debian Science Team policy, "all Debian Developers [should] have at least Maintainer level of access".
>
> https://science-team.pages.debian.net/policy/#idm145
>
> It would be great if the following script/tool existed:
>
> 1. Grab the list of members of the Debian Science team from Salsa.
> 2. Confirm which of these Salsa users are Debian Developers.
> 3. For each Salsa user (member of the "science-team" Salsa group) who is a confirmed Debian Developer, ensure that they have the GitLab group role of "Maintainer" or higher.
> 4. All other members of the "science-team" Salsa group (corresponding to Salsa users who are Debian Maintainers, or who are without formal membership in Debian) should have the GitLab role of "Developer".
>
> If someone can write or assemble that script/tool, they we can ask one of the Science team "owners" to run the script/tool to do a bulk fix of permissions
>
> List of owners of the "science-team" Salsa group: https://salsa.debian.org/groups/science-team/-/group_members?max_role=static-50
>
> [0] The DD had made a team upload, but they were unable to push their changes to the corresponding Package Repository as the "debian" branch was protected and limited to team members in the "Maintainers" role only. Personally I would be fine with allowing all Debian Maintainers to also push, but I don't know if that maps well to the GitLab roles. Currently the Debian Science Team policy is silent on the topic of protected branches beyond the statement that "[a]ll group members [should] have write access to all Package Repositories".
>
> Cheers
>
> --
> Michael R. Crusoe

Reply to:

References:
- Salsa group role for DDs; bulk update needed
  - From: "Michael R. Crusoe" <crusoe@debian.org>

Prev by Date: Salsa group role for DDs; bulk update needed
Next by Date: Re: Sponsor needed for alberta package with soversion bump
Previous by thread: Salsa group role for DDs; bulk update needed
Index(es):
- Date
- Thread