Magma Project Permissions #5784
hcgatewood
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Magma Project Permissions
As Magma development moves fully into the open, once-implicit permissions management now needs to be explicit. This document presents a set of norms for managing GitHub permissions in the project.
We're aiming to not hamper productivity, so if these changes end up reducing your capacity to do your job, please reach out with the explicit issues in
#governance-tsc-ama
and we can work on a solution, whether general or specific.Context
The goal of these norms is to protect the integrity of the project over time: from incidental account compromise, permissions inflation, and PRs merged without passing all checks.
The Magma org currently has 16 owners and an additional 8 repo admins. The goal is to cut this down to 1-2 owners per stakeholder and clear guidance on admin permissions.
Permisions
GitHub follows a two-tiered approach to permissions: org-level permissions and repo-level permissions. If an individual has stronger org-level permissions than repo-level, their org permissions override.
This document describes the org-level permissions for the
magma
org, and the repo-level permissions for themagma/magma
repository.Org-level permissions
There are 2 principal org-level roles
We propose the following norms for assigning an account to an org-level role
We propose the following list of org owners
Repo-level permissions
There are 4 principal repo-level roles
We propose the following norms for assigning an account to a repo-level role
We propose the following list of repo admins
Updating permissions
Some permissions changes will occur naturally as part of the codeowner update process.
Making someone an org Member or repo Write can be performed unilaterally.
Aside from those, the general process for updating repo permissions (e.g. org Owner or repo Admin) will be requesting the change in the
#governance-tsc-ama
channel. An informal majority agreement by TSC members will pass the motion. Existing org owners will make the change, as coordinated in the Slack thread.Beta Was this translation helpful? Give feedback.
All reactions