Update governance #2197
I am hoping that Github changes the permission model for Github actions in the near future, and that we can reduce permission level for members from "Write" to "Triage".
Codecov Report
@@ Coverage Diff @@
## main #2197 +/- ##
==========================================
- Coverage 41.31% 41.28% -0.03%
==========================================
Files 139 139
Lines 17225 17225
==========================================
- Hits 7117 7112 -5
- Misses 9484 9487 +3
- Partials 624 626 +2
Thanks for the update. A minor comment.
/skip-all
LGTM
GOVERNANCE.md
Outdated
duration of 12 months (no contribution of any kind), they may be removed from | ||
the antrea-io Github organization. In case of privilege abuse (members receive | ||
write access to the organization), any maintainer can decide to remove the | ||
member. |
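Review bot: In the last sentence, "privilege abuse" is left undefined, and a single maintainer can remove a member with no requirement to record or announce the decision. Since the same sentence notes that members receive write access to the organization, consider stating what counts as abuse and requiring that the removal be documented publicly so the action can be audited afterwards.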
I would suggest a minor change to always require a consensus of at least 2 maintainers before removing write access rights. This is in order to avoid situations where misunderstandings can lead maintainers to take actions that might be perceived incorrectly, as happened in a recent incident in the Linux kernel community.
I'm a bit conflicted. I see your point and I did think about this originally. But my intent was to enable a maintainer to act swiftly, since write privileges can be abused in a somewhat disruptive way I think, even with branch protection.
Maybe I should rephrase it along these lines:
In case of privilege abuse (members receive write access to the organization), any maintainer can decide to disable write access temporarily for the member. Within the next 2 weeks, the maintainer must either restore the member's privileges, or remove the member from the organization. The latter requires approval from at least one other maintainer, which must be obtained publicly either on Github or Slack.
What do you think?
It looks great!
* switch to cncf-antrea-maintainers@lists.cncf.io as the maintainers mailing list
* use the CNCF code of conduct
* define antrea-io Github org membership and how to become a member
* clarify PR merging process

Signed-off-by: Antonin Bas <abas@vmware.com>
Signed-off-by: Antonin Bas <abas@vmware.com>
/skip-all
mailing list