[tc] Assuming control of GitHub organizations

Jim Rollenhagen jim at jimrollenhagen.com
Wed Jun 26 18:36:37 UTC 2019


The opendev team reached out to me about handing off administrative access
the "openstack" and related organizations on GitHub. They think it would be
best if the TC took control of that, or at least took control of delegating
that access. In general, the goal here is to support OpenStack's presence
visibility on GitHub.

Per Jim Blair:

> In the long run, this shouldn't entail a lot of work, generally creating
> repos on GitHub to accept mirroring from opendev systems, performing
> handling transfer requests when repos move out of the openstack namespace,
> setting and updating descriptions, and curating the list of pinned
> repositories.

In the short term, we have some archiving and moving to do.[0]

Do TC members want to manage this, or should we delegate?

One thing to figure out is how to grant that access. The opendev team uses a
shared account with two-factor authentication provided by a shared shell
account. This mitigates accidental pushes or settings changes when an admin
using their usual GitHub account. The TC (or its delegates) probably doesn't
have a shared shell account to do this with. Some options:

* each admin creates a second GitHub account for this purpose use a shared
* account without 2FA use a shared account with 2FA, share the one time
* with everyone to configure their own token generator use personal accounts
* but be very careful

Thoughts on these options?


// jim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190626/51707e50/attachment.html>

More information about the openstack-discuss mailing list