Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

implementing #10 #77

Merged
merged 13 commits into from
Sep 26, 2024
Merged

implementing #10 #77

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
5ba3472
implementing #10
baentsch Sep 10, 2024
4142084
change formatting
baentsch Sep 10, 2024
f6b174f
add code owners
baentsch Sep 10, 2024
c541b25
Update .github/pull_request_template.md
baentsch Sep 10, 2024
9c19405
first try to implement community rules
baentsch Sep 19, 2024
c0077ae
removing admin approval need as per TSC agreement
baentsch Sep 19, 2024
c6cf754
one more fix to let CI check what's still wrong....
baentsch Sep 19, 2024
3941292
Rewrite config file, adding sources of truth where applicable
SWilson4 Sep 24, 2024
23398e4
Fix config error
SWilson4 Sep 24, 2024
e4e0da2
Fix further config errors
SWilson4 Sep 24, 2024
b5ced25
Use release managers teams for language wrappers
SWilson4 Sep 24, 2024
a464dbb
Add thelinuxfoundation account explicitly as an org owner
ryjones Sep 25, 2024
236ba1c
Separate CODEOWNERS into separate teams to better enforce least privi…
SWilson4 Sep 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions .github/pull_request_template.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
<!-- Please give a brief explanation of the purpose of this pull request. -->

<!-- Does this PR resolve any issue? If so, please reference it using automatic-closing keywords like "Fixes #123." -->

<!-- As changes to the file `config.yaml` are particularly sensitive because they change GH permissions throughout the project, the following rules apply to PRs affecting this file -->

Unconditionally, changes to `config.yaml` must
- [ ] be approved by 2 members of the OQS TSC
- [ ] not violate permissions documented in GOVERNANCE.md files for sub projects where such files exist

The following goals apply to changes to the file `config.yaml` with exceptions possible, as long as the rationale for the exception is documented by comments in the file:
- [ ] all sub projects should be treated identically wrt roles & responsibilities as per the detailed list below
- [ ] teams/team designations are to be used wherever possible; using personal GH handles should only be used in team definitions
- [ ] Admin changes to the file must be documented by comments as to the rationale of the change

All the following conditions hold for permissions set in `config.yaml`:
- sub project maintainers have admin rights on the sub projects
- OQS and sub project release managers have maintainer rights on the sub projects but can themselves set/reset branch protection rules limiting write access to sensitive branches
- sub project committers have write rights on all branches of the sub projects but can request branch protection rules limiting this
- sub project contributors (incl. code owners) have write rights on all branches except main on those sub projects
- OQS and sub project triage actors have triage rights on all branches of the sub projects
- OQS maintainers and LF admins have admin rights on the organization (e.g., org-wide secret management) as well as maintenance rights on the team configurations

2 changes: 1 addition & 1 deletion CODEOWNERS
View file
Open in desktop
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
@@ -1 +1 @@
config.yaml @ryjones @open-quantum-safe/tsc
config.yaml @open-quantum-safe/tsc
Loading