concourse / governance Goto Github PK
View Code? Open in Web Editor NEWDocumentation and automation for the Concourse project governance model.
License: Apache License 2.0
Documentation and automation for the Concourse project governance model.
License: Apache License 2.0
The daily terraform action disables discussion of concourse/concourse. We need to find out where and make sure it to not do that anymore.
concourse/concourse discussion is not disabled
refer to concourse/concourse#8715
No response
terraform apply
go test
to verify the integrity of the state in GitHubWill need to securely configure a GitHub token with effectively org admin permissions.
Though there is an obvious temptation to use Concourse for this, it's probably worth considering GitHub Actions just to keep the scope of this narrow.
Admin permissions are needed for configuring a repo's deploy keys. The governance model only grants maintain permissions, and this is a pretty common need for maintainers, so we'll need a way to do this through Terraform.
We can use the github_repository_deploy_key
resource and add a deploy_keys
section to the repo config listing public keys to authorize. The importer should also be updated to import these, and all existing deploy keys should be configured in the repo. This would also be a good method of auditing repo access; deploy keys should only be set up through this repo.
Because we ship Concourse directly to VMware customers, we have to set up some internal infrastructure to make sure what we ship comes from something VMware controls.
This can be done by setting up an internal mirror that we sync to every time we ship Concourse. We can then develop internal pipelines to build from this repo instead.
master
on the Concourse repo to master
in the mirrormaintainers.yml
It currently says to send reports to [email protected]
, which isn't great.
email:
field to community team members (optional)CODE_OF_CONDUCT.md
with new email
The aequasi/discord
provider seems the best one (it has docs).
This will likely involve creating a Discord Application, Bot, and Team which should probably have the @concourse/infrastructure team as members (admins).
We have a Mailgun account now. wat do?
https://documentation.mailgun.com/en/latest/user_manual.html#mailing-lists
Not sure how to automate this yet!
Currently security issue reports are sent to [email protected]
, an address accessed exclusively by VMware team members. This email address is also used for various VMware-controlled accounts, so it's a bit of a mess. We should make this more neutral, and probably get a more trustworthy-looking address.
email:
field to contributors (optional)[email protected]
email which forwards emails to team members
SECURITY.md
+ docs website with new email
CONTRIBUTING.md
Things to mention:
Thoughts on adding a new team that can triage things under the resource-type and reusable task repositories?:
https://github.com/concourse/governance/blob/master/teams/maintainers.yml#L51-L76
Looks like there may have been initial thought that it could be beneficial given the above file comments. I'd like to help with triaging on resources/tasks but right now it's only maintainers.
14643ffc update release checklist
(thanks taylor!)45c87fec update boarding pass URL
(โฐ๏ธ, but probably easily restored)196aa75d Merge pull request #15 from concourse/update-deploy-hh
(โฐ๏ธ)There's already a test suite; just need to run it in Actions. The suite tests not only that the desired state matches the actual state, but that insidious things like outside/individual collaborators haven't been configured on any repos. The suite doesn't run yet because there's some cleanup to be done before it will pass.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.