add process doc for migrating reviewer permissions to owners files

[dhellmann]

No description provided.

[metal3-io-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dhellmann

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [dhellmann]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[dhellmann]

Announced via https://groups.google.com/forum/#!topic/metal3-dev/iVf9sHCJV0g

[russellb]

and if all else fails, the github org owners can manually push changes

[russellb]

In general I'm +0 on this. It's more fine grained control (good), but more overhead (not so good).

Since merging code requires approved + lgtm and we already carefully managed approved access, I don't have a problem being very generous with lgtm access.

If we go this route, I can handle the prow config side when the time comes. I havn't found a config example, but I can see it in this part of the code where it handles skipCollaborators: https://github.com/kubernetes/test-infra/blob/master/prow/plugins/lgtm/lgtm.go#L265-L307

[maelk]

looks good to me! This would give more fine-tuning possibilities if needed, per repo or even more fine-grained if needed. Maybe we could already draft a process for adding reviewers, so that we engage into this change with a picture of the end goal.

[russellb]

looks good to me! This would give more fine-tuning possibilities if needed, per repo or even more fine-grained if needed. Maybe we could already draft a process for adding reviewers, so that we engage into this change with a picture of the end goal.

For a process, how about just sign-off from 2 existing approvers? That's already to get the PR merged, so just make that the procedure? It should be a relatively low bar to get added to reviewers.

[maelk]

agreed, 2 approvers signing on the PR to add the reviewer sounds good to me!

[dhellmann]

agreed, 2 approvers signing on the PR to add the reviewer sounds good to me!

See #94

[dhellmann]

I propose that we use lazy consensus rules to approve this by 12 June. That's a couple of days after our next community meeting, which gives us plenty of time to discuss it here as well as synchronously.

[dhellmann]

Today I created PRs for all repositories where the reviewer list would have new members based on the policy described here and the command

hub api repos/metal3-io/$(basename $(pwd))/stats/contributors | jq -r '.[] | if .total >=10 then " - " + .author.login else "" end'

[dhellmann]

Today I created PRs for all repositories where the reviewer list would have new members based on the policy described here and the command

hub api repos/metal3-io/$(basename $(pwd))/stats/contributors | jq -r '.[] | if .total >=10 then " - " + .author.login else "" end'

At least one PR is reporting an error because OWNERS mentions someone who is not a member of the org. So I think we're going to have to change the Prow settings, then invite people, then add them to OWNERS.

[jan-est]

This is a good starting point to get enough reviewers to each repo.

[jan-est]

I am +1 with these non-goals as long as a process of adding the new reviewers is quick. I am only bit concern how we will give reviewers rights, /approve and /lgtm rights in the future. I totally agree that our growing projects needs some sort of gatekeeping, but how and when should we define the process for approving reviewers and promotion of members to have /lgtm for example?

[maelk]

this was defined in #94

[jan-est]

Thanks @maelk everything was well defined on #94

[russellb]

/lgtm