Review GitHub organization teams & permission

[larsbergstrom]

Right now, as a holdover from the VERY old days of GitHub, nearly all Servo reviewers plus some random others have Admin permissions. There are also two security groups. I'd like to:

• Get us down to one, much smaller, group with Write
• Use Protected Branches (https://github.com/blog/2137-protected-branches-improvements) to make it so that only Organization Admins & bors-servo can push to master on our repositories
• Make sure the set of Organization (and thus Repo) Admins is very, very small.
• Document what the permissions should be when a new repository is moved to or forked in the Servo GH Organization

cc @edunham

[edunham]

@larsbergstrom Good idea! If you provide me with a list of the only people who need Admin perms, I'll do the permissions changes.

Current members of the "Developers" team with legacy admin perms:

• asajeffrey Alan Jeffrey
• bholley Bobby Holley
• dzbarsky David Zbarsky
• eefriedman
• emilio Emilio Cobos Álvarez
• frewsxcv Corey Farwell
• KiChjang Keith Yeung
• kmcallister Keegan McAllister
• Manishearth Manish Goregaokar
• michaelwu Michael Wu
• Ms2ger
• nox Anthony Ramine
• paulrouget Paul Rouget
• saneyuki Tetsuharu OHZEKI
• SimonSapin Simon Sapin
• Wafflespeanut Ravi Shankar

Current members of the Core team, with legacy admin perms:

• alexcrichton Alex Crichton
• andreasgal Andreas Gal
• bors-servo
• BrendanEich Brendan Eich
• brson Brian Anderson
• edunham E. Dunham
• glennw Glenn Watson
• jdm Josh Matthews
• jgraham
• larsbergstrom Lars Bergstrom
• mbrubeck Matt Brubeck
• metajack Jack Moffitt
• mrobinson Martin Robinson
• Ms2ger
• nnethercote Nicholas Nethercote
• pcwalton Patrick Walton
• SimonSapin Simon Sapin

[Ms2ger]

Move me to the Write group, please.

[tetsuharuohzeki]

I'd like to edit Assignee and Labels of issues. Could you permit me to edit them?

[larsbergstrom]

@edunham

Admin perms should be:
larsbergstrom
metajack
edunham
Manishearth
jdm
mbrubeck

Everybody else should just have Write (which I believe gives the ability to change assignee & labels).

[larsbergstrom]

Related to this is the list of owners at https://github.com/orgs/servo/people, which I think should be just:
larsbergstrom
metajack
edunham

For convenience, https://help.github.com/articles/repository-permission-levels-for-an-organization/ is the repo permission levels, which does indicate that Write is sufficient for changing assignee & labels.

[edunham]

Added a "check the repo's permissions" section to https://github.com/servo/servo/wiki/Adding-a-repo-to-Homu documenting a guess at the correct perms to hand out when setting up new stuff, based on how Servo/Servo is.

[edunham]

The last remaining thing is "set up branch protection". Branch protecting every repo in the org is not feasible right now because Homu is not working on all repos. Additionally, it's unclear whether we want to add Homu to every repo that's ever been forked to the org. Superseding this with #17626 for next steps.

Please re-open if there's additional tasks here not captured by #17626.