Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updating TUF root repo codeowners #394

Merged
merged 1 commit into from
Feb 8, 2024
Merged

Updating TUF root repo codeowners #394

merged 1 commit into from
Feb 8, 2024

Conversation

haydentherapper
Copy link
Contributor

@haydentherapper haydentherapper commented Jan 29, 2024
edited

Summary

Adding one of the Sigstore TUF maintainers, and removing another who is not active on the project.

Release Note

Documentation

@haydentherapper
Updating TUF root repo codeowners
704020e 
Signed-off-by: Hayden B <hblauzvern@google.com>
@haydentherapper haydentherapper requested a review from a team as a code owner January 29, 2024 23:29
@haydentherapper
Copy link
Contributor Author

FYI @jku

@github-actions GitHub Actions
Copy link

🍹 preview on sigstore-github-sync/sigstore/github-prod

Pulumi report 
Previewing update (sigstore/github-prod)

View Live: https://app.pulumi.com/sigstore/sigstore-github-sync/github-prod/previews/f4b30f9d-8acd-4e47-b28b-f88b626c4878

@ Previewing update.....
pulumi:pulumi:Stack: (same)
[urn=urn:pulumi:github-prod::sigstore-github-sync::pulumi:pulumi:Stack::sigstore-github-sync-github-prod]
~ github:index/repository:Repository: (update) 🔒
    [id=architecture-docs]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::architecture-docs]
    allowAutoMerge          : true
    allowMergeCommit        : false
    allowRebaseMerge        : true
    allowSquashMerge        : true
    archived                : false
    autoInit                : false
    deleteBranchOnMerge     : true
    description             : "Specification of sigstore's architecture in an IETF internet-draft format"
    hasDiscussions          : true
    hasDownloads            : true
    hasIssues               : true
    hasProjects             : true
    hasWiki                 : true
    isTemplate              : false
    mergeCommitMessage      : "PR_TITLE"
    mergeCommitTitle        : "MERGE_MESSAGE"
    name                    : "architecture-docs"
    pages                   : {
        buildType : "legacy"
        source    : {
            branch    : "gh-pages"
            path      : "/"
        }
    }
    squashMergeCommitMessage: "COMMIT_MESSAGES"
    squashMergeCommitTitle  : "COMMIT_OR_PR_TITLE"
    visibility              : "public"
    vulnerabilityAlerts     : true
  ~ webCommitSignoffRequired: false => true
~ github:index/repository:Repository: (update) 🔒
    [id=.github]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::.github]
    allowAutoMerge          : false
    allowMergeCommit        : true
    allowRebaseMerge        : true
    allowSquashMerge        : true
    archived                : false
    autoInit                : false
    deleteBranchOnMerge     : false
    description             : "Default community health files for the Sigstore organization."
    hasDiscussions          : false
    hasDownloads            : true
    hasIssues               : true
    hasProjects             : true
    hasWiki                 : true
    isTemplate              : false
    mergeCommitMessage      : "PR_TITLE"
    mergeCommitTitle        : "MERGE_MESSAGE"
    name                    : ".github"
    squashMergeCommitMessage: "COMMIT_MESSAGES"
    squashMergeCommitTitle  : "COMMIT_OR_PR_TITLE"
    visibility              : "public"
    vulnerabilityAlerts     : false
  ~ webCommitSignoffRequired: false => true
+ github:index/teamMembership:TeamMembership: (create)
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/teamMembership:TeamMembership::jku-tuf-root-signing-codeowners]
    role      : "member"
    teamId    : "6378909"
    username  : "jku"
~ github:index/repository:Repository: (update) 🔒
    [id=TSC]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::TSC]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=community]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::community]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=cosign]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::cosign]
  ~ webCommitSignoffRequired: false => true
~ github:index/repository:Repository: (update) 🔒
    [id=cosign-installer]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::cosign-installer]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=cosign-gatekeeper-provider]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::cosign-gatekeeper-provider]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=docs]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::docs]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=dex]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::dex]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=fulcio]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::fulcio]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=friends]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::friends]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=fish-food]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::fish-food]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=github-sync]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::github-sync]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=gitsign]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::gitsign]
  + webCommitSignoffRequired: true
+ github:index/teamRepository:TeamRepository: (create)
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/teamRepository:TeamRepository::github-sync-sigstore-oncall]
    permission: "maintain"
    repository: "github-sync"
    teamId    : "6693572"
~ github:index/repository:Repository: (update) 🔒
    [id=gh-action-sigstore-python]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::gh-action-sigstore-python]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=helm-charts]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::helm-charts]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=helm-sigstore]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::helm-sigstore]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=k8s-manifest-sigstore]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::k8s-manifest-sigstore]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=homebrew-tap]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::homebrew-tap]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=protobuf-specs]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::protobuf-specs]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=landscape]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::landscape]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=policy-controller]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::policy-controller]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=public-good-instance]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::public-good-instance]
  ~ deleteBranchOnMerge     : false => true
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=rekor]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::rekor]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=rekor-monitor]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::rekor-monitor]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=rekor-search-ui]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::rekor-search-ui]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=root-signing]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::root-signing]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=root-signing-staging]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::root-signing-staging]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=ruby-sigstore]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::ruby-sigstore]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=scaffolding]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::scaffolding]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-blog]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-blog]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-conformance]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-conformance]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-devops-tools]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-devops-tools]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-go]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-go]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-installer]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-installer]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-java]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-java]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-js]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-js]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-maven-plugin]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-maven-plugin]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-maven]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-maven]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-probers]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-probers]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-project-template]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-project-template]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-python]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-python]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-rs]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-rs]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sig-clients]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sig-clients]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sig-public-good-operations]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sig-public-good-operations]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=sigstore-website]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::sigstore-website]
  + webCommitSignoffRequired: true
~ github:index/repository:Repository: (update) 🔒
    [id=timestamp-authority]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/repository:Repository::timestamp-authority]
  + webCommitSignoffRequired: true
- github:index/teamMembership:TeamMembership: (delete)
    [id=6378909:asraa]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/teamMembership:TeamMembership::asraa-tuf-root-signing-codeowners]
    role      : "member"
    teamId    : "6378909"
    username  : "asraa"
- github:index/teamMembership:TeamMembership: (delete)
    [id=6840584:asraa]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/teamMembership:TeamMembership::asraa-protobuf-specs-codeowners]
    role      : "member"
    teamId    : "6840584"
    username  : "asraa"
- github:index/teamMembership:TeamMembership: (delete)
    [id=6735686:asraa]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/teamMembership:TeamMembership::asraa-timestamp-codeowners]
    role      : "member"
    teamId    : "6735686"
    username  : "asraa"
- github:index/teamMembership:TeamMembership: (delete)
    [id=6189278:asraa]
    [urn=urn:pulumi:github-prod::sigstore-github-sync::github:index/teamMembership:TeamMembership::asraa-architecture-doc-team]
    role      : "member"
    teamId    : "6189278"
    username  : "asraa"
Resources:
+ 2 to create
~ 48 to update
- 4 to delete
54 changes. 522 unchanged

@haydentherapper
Copy link
Contributor Author

Cc @bobcallaway for merge

cc @kommendorkapten for +1 to add a maintainer to root signing

@bobcallaway
Copy link
Member

@sigstore/core-team FYI

@cpanato cpanato merged commit be7d49b into sigstore:main Feb 8, 2024
3 checks passed
@cpanato
Copy link
Member

cpanato commented Feb 8, 2024

@bobcallaway @haydentherapper getting this error when applying

 err?: Error: Command failed with exit code 255: pulumi up --yes --skip-preview --diff --exec-agent pulumi/actions@v5 --color auto --exec-kind auto.local --stack sigstore/github-prod --non-interactive
  [resource plugin github-5.26.0] installing
  error: PUT https://api.github.com/repos/sigstore/root-signing-staging/collaborators/sigstore-bot: 422 Role `write-with-bypass` is not available for the sigstore/root-signing-staging repository. []
  error: update failed
  Updating (sigstore/github-prod)
  View Live: https://app.pulumi.com/sigstore/sigstore-github-sync/github-prod/updates/632

@jku
Copy link
Member

jku commented Feb 8, 2024

this is from #395 -- I must have made a mistake there.

I'll open an issue and do a partial revert if I don't see a solution

@jku jku mentioned this pull request Feb 8, 2024
Merged
@haydentherapper haydentherapper deleted the patch-3 branch February 8, 2024 16:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jku jku jku approved these changes

@bobcallaway bobcallaway bobcallaway approved these changes

@cpanato cpanato cpanato approved these changes

@kommendorkapten kommendorkapten kommendorkapten approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@haydentherapper @bobcallaway @cpanato @jku @kommendorkapten