Page MenuHomePhabricator

Requesting access for paladox to be added to the Repo Admins group
Closed, DeclinedPublic

Description

Hi could I be given permission to edit and add uri's on repos.

The uris I will be adding are mirrors.

I guess the only way for doing this is to request access to be a Repo Admin.

Event Timeline

This permission is given by becoming a member of the Diffusion-Repository-Administrators group.

Right now, I think it'd be best for these things to continue to be done by the current membership of Diffusion-Repository-Administrators.

Maybe this could be changed into adding me to repository-admins group please. Since I doint think we can manually add a new type of permission the easy way.

@mmodell ^^

greg renamed this task from Permission to edit and add uri's on repos to Permission for Paladox to edit and add uri's on repos.Jul 7 2016, 10:36 PM
Paladox renamed this task from Permission for Paladox to edit and add uri's on repos to Requesting access for paladox to be added to the Repo Admins group.Aug 4 2016, 9:36 PM
Paladox updated the task description. (Show Details)

Right now, I think it'd be best for these things to continue to be done by the current membership of Diffusion-Repository-Administrators.

I don't want to give my opinion about adding paladox to the group or not, but it would be interesting, why you think it'd be best to keep the memberships of this group like they're now (just for interest) :)

@Florian I only want to be able to add the GitHub mirror, I tryed creating a patch that would allow us to have a separate group for adding url but that failed.

To say the unsaid: I was (and still am in some ways) uncomfortable with giving all of the rights associated with Diffusion-Repository-Administrators to Paladox.

I don't think it is appropriate to state reasons publicly right now. See also: production access requests there is a separate private sub-task for opsen to reply with "-1" to a specific access request in private.

@greg: ah ok, sorry, I thought you don't want to give the membership to anyone in general. It seems that was a misunderstanding from my side :) Thanks for the clarification!

Also, for the record, @Paladox is doing a ton of great work in CI/Phabricator/Gerrit and I think my concerns will be alleviated soon.

@greg hi, thanks, would you be able to pm your concerns please so that I can see what I need to do to change please?

One issue is that it's not necessarily wise to fiddle with the diffusion urls without server access that might be needed to diagnose problems. Diffusion UI is still rather rough around the edges and there are failure conditions which aren't obvious until you see them in the daemons.log on the server.

I don't think it is appropriate to state reasons publicly right now. See also: production access requests there is a separate private sub-task for opsen to reply with "-1" to a specific access request in private.

Can you please link it as a sub/parent task, so people with access can see the relationship of the tasks (in the future) if needed.

Can you please link it as a sub/parent task, so people with access can see the relationship of the tasks (in the future) if needed.

I think you misunderstood. There is not one in this case, but they are in practice for SRE-Access-Requests . My apologies if conflating "production" with "ops access requests" confused you/others (of course, Phabricator is in production, but Diffusion-Repository-Administrators does not follow the SRE-Access-Requests process).

AFAIK the ops-access-request subtask functionality has been removed because it was rarely-to-never used and the maintenance burden was deemed too high for such an obscure feature.

(offtopic: they also have a weekly all ops meeting where they have a time to discuss those access requests that had that subtask, so, they are covered that way)

Given Mukunda's comment (that working with those URLs would necessarily need server/shell/production access to debug) and also given that I am working with Paladox privately to address any concerns, I will decline this task for now and any future requests can be filed at the appropriate time.

I've talked with Paladox about this and he agrees with this course of action.