chore(codeowners): change ownership of CircleCI config #3378
Conversation
github-actions
bot
added
the
ci
|
Thanks |
|
Thanks for accepting and merging this Pull Request. Today, we opened a new pull request on the CircleCI Schema file (#3417). As code owners, we were hoping to review and merge these changes ourselves. Unfortunately, we are not fully code owners yet. 
According to the errors report on the CODEOWNERS file:
According to GitHub docs
We've ensured that our team @CircleCI-Public/developer-experience is publicly visible, all that is missing now is write permissions to the SchemaStore repo. Would it be possible to be granted write permissions to this repo? Using the CODEOWNERS file and branch protection rules, it should be possible to limit our contributions to only the files related to CircleCI. I understand this is quite the ask, and that multiplying users with write permissions may not be secure. Let us know if this is possible. |
|
Good with me, but it would really be up to @madskristensen (ping) |
|
Another option, especially if we get multiple requests, is to use a bot like code-owner-self-merge. That would alleviate the security concerns while allowing autonomy. |
|
I like the code-owner-self-merge option the best. seems like it would solve the problem in a more scalable way |
|
Sounds great, I'll be able to work on that sometime tomorrow |
|
@loderunner @jvincent42 Users from the |
|
It looks like the bot's message does not ping the group, and there are no reviewers to the PR, so that might need to be fixed 🤔 |
|
While investigating, I stumbled across OSS-Docs-Tools/code-owner-self-merge#13, which mentions that support for organization teams is not implemented yet. This seems to be a requirement since const users = await octokit.paginate('GET /orgs/{org}/teams/{team_slug}/members', {
org: 'bash-bastion',
team_slug: 'cool-team'
})The code needs to determine which people are members of the team, so it knows whether or not a commenter who says "LGTM" is authorized to merge the PR. Debugging this, when I use the API on the command line, I also get inconsistent results. Quering my test team: $ gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /orgs/bash-bastion/teams/cool-team/members
[
{
"login": "hyperupcall",
"id": 24364012,
"node_id": "MDQ6VXNlcjI0MzY0MDEy",
...
}
]But, using CircleCI's: $ gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /orgs/CircleCI-Public/teams/developer-experience/members
{
gh: Not Found (HTTP 404)
"message": "Not Found",
"documentation_url": "https://docs.github.com/rest/teams/members#list-team-members"
}This seems to suggest that
Is this the case for the |
We are the Developer Experience team at CircleCI, and we develop the CircleCI VS Code extension and the CircleCI YAML language server.
Our users often use our software in conjunction with the Red Hat YAML extension for VS Code. This extension provides schema validation for many YAML file formats, based on the schemas in SchemaStore.
As a consequence, many of our users report errors to us errors with the schema in SchemaStore, whether it be mistakes in the schema, or simply our product deprecating or changing certain features, believing that the error comes from our extension.
When this happens, we often contribute to SchemaStore to provide our users with a smooth experience across products. However, the work cycle is less than optimal, as we need our contributions to go through a fork and a pull request.
Today, we wish to go one step further. We would like to share our updates to the SchemaStore community faster and in a more proactive manner. We wish to take ownership of the schema for CircleCI config files in the SchemaStore in order to ensure continuous updates and avoid desynchronization between our product and SchemaStore.
If this seems like a valid arrangement, could you please approve and merge this PR, and grant write privileges to the CircleCI-Public/developer-experience team?
Thank you!