[tc] Assuming control of GitHub organizations

Jeremy Stanley fungi at yuggoth.org
Sat Jun 29 12:37:06 UTC 2019

On 2019-06-29 07:04:00 -0500 (-0500), Sean McGinnis wrote:
> Seems fairly easy enough to even just create a githubadmin at openstack.org
> account and control access via that.

Which brings us all the way back around to what the Infra team ended
up doing... create a shared account backed by a second auth factor
of an OTP generator on its own access-controlled system with audit
logging. You could leverage it the same way to authorize and
deauthorize other accounts for short-term administrative access.

But at the end of the day, solutions like that are probably more of
a pain than if the handful of admins who want to have GH accounts
and also use GH for other reasons could just have two separate
accounts. (Not that I particularly have a horse in this race either
way, I'm just happy I can stop touching GH nearly so often.)
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190629/5126fd0d/attachment.sig>

More information about the openstack-discuss mailing list