Inactive users to be deleted #801
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
|
I want to refute my revocation. I contributed the cc @beyhan |
|
Hi,
I would like to refute my revocation. I work on compliance aspect of
bosh-linux-stemcell-builder
<https://github.com/cloudfoundry/bosh-linux-stemcell-builder/tree/be6d676e3ab9b2105bb6bf2539d49d92c126210e>
Thanks,
Nitin
…On Sun, Mar 31, 2024 at 8:19 PM github-actions[bot] < ***@***.***> wrote:
According to the rules for inactivity defined in RFC-0025
<https://github.com/cloudfoundry/community/blob/main/toc/rfc/rfc-0025-define-criteria-and-removal-process-for-inactive-members.md>
following users will be deleted:
@xtreme-nitin-ravindran <https://github.com/xtreme-nitin-ravindran>
@joefitzgerald <https://github.com/joefitzgerald>
@staylor14 <https://github.com/staylor14>
@PureMunky <https://github.com/PureMunky>
According to the revocation policy in the RFC
<https://github.com/cloudfoundry/community/blob/main/toc/rfc/rfc-0025-define-criteria-and-removal-process-for-inactive-members.md#remove-the-membership-to-the-cloud-foundry-github-organization>,
users have two weeks to refute this revocation, if they wish.
------------------------------
You can view, comment on, or merge this pull request online at:
#801
Commit Summary
- bf3140a
<bf3140a>
Delete inactive users
File Changes
(1 file <https://github.com/cloudfoundry/community/pull/801/files>)
- *M* org/contributors.yml
<https://github.com/cloudfoundry/community/pull/801/files#diff-848893d2d3da8db8604783c9b8e8bdbcf4967fda3b970f116265994f66e3aff6>
(4)
Patch Links:
- https://github.com/cloudfoundry/community/pull/801.patch
- https://github.com/cloudfoundry/community/pull/801.diff
—
Reply to this email directly, view it on GitHub
<#801>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABIT6LIT7AR5BVW3DLHMCPTY3CRXZAVCNFSM6AAAAABFQ2F3W6VHI2DSMVQWIX3LMV43ASLTON2WKOZSGIYTOMRWGY3DAOA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
This electronic communication and the information and any files transmitted
with it, or attached to it, are confidential and are intended solely for
the use of the individual or entity to whom it is addressed and may contain
information that is confidential, legally privileged, protected by privacy
laws, or otherwise restricted from disclosure to anyone else. If you are
not the intended recipient or the person responsible for delivering the
e-mail to the intended recipient, you are hereby notified that any use,
copying, distributing, dissemination, forwarding, printing, or copying of
this e-mail is strictly prohibited. If you received this e-mail in error,
please return the e-mail to the sender, delete it from your computer, and
destroy any printed copy of it.
|
beyhan
requested review from
a team,
rkoster,
beyhan,
stephanme,
ameowlia and
ChrisMcGowan
and removed request for
a team
|
Hi @joefitzgerald, hi @xtreme-nitin-ravindran, at the moment you both have the contributor role which makes you just a member of the cloudfoundry org and gives you read access to all repositories. That means you can't merge any PRs. If you would like to keep this role please make a pr like this when this one is merged and the TOC will make sure to merge it and also the inactive user automation won't suggest your user for removal for the next one year. The other alternative is to apply for a role in the working groups you are active by making a pr like this but this depends to the working group. |
|
This is a confusing response. I am a contributor, I have contributed a library that is used by many cloud foundry related tools, but I am being removed as a contributor and must make a PR to add myself back as a contributor, and must do this every year. What is the utility of this policy? The likely result is you will drive the few remaining community contributors out of the project; it's certainly off putting to me and makes me regret moving my library from the |
|
Hi @joefitzgerald, Thank you for your honest feedback. I think in your case it makes more sense to become an approver for the
We don't want to make things more complicated as they should be. We want to keep the contributors list up to date and introduced the inactive user automation because of this issue where we evaluated to use github enterprise. The github enterprise licence type costs are based on github org members count. |
|
I was not even aware I had lost access to merge PRs in I think the most appropriate course of action is transferring the repo back to the I regret agreeing to transfer it to the |
|
Hi @joefitzgerald, It is unfortunate that you want to go this way but in this situation it is helpful to know that there was an incident with the The TOC invested a lot to implement a transparent and fully automated user and repository management for the cloudfoundry org. This is seen as benefit most of the time (at least my impression is such). If you have any concrete feedback about what should improved it is more then welcome. In case you decide otherwise I prepared a draft commit, which implements my suggestion. |
|
Thanks for that additional context. I see that there is good intention behind the actions thus far. However, if library owners who contribute their library to the
... then the process is broken. My expectations are really simple: please restore my admin access to the library so that I can effectively maintain it, or let me move it elsewhere (perhaps I need a new org) where I can restore my admin access. I also contributed significantly to the |
|
I can't agree with any of the statements above:
Were you involved in the discussion to move the |
|
I second @beyhan statement. I believe the only oversight I can see is that as part of #706 some more due diligence could have been performed to figure out if other recent contributors to the go-uaa repo would want to retain their approver roles as part of the move. This could be a good amendment to our process for moving over repo's (for example get approval from all authors who made a commit to the repo in the prior year before moving a repo over). |
I don't recall this move being discussed with me, and I certainly don't recall being notified that I would lose access (either admin or maintainer access) to the repo I maintain. I worked over the years to get the UAA team to step up and maintain the repo more. With the organizational changes over the years, there was a lot of transition, so I remained the backstop.
@rkoster Imagine you had spent lots of time creating and maintaining a repo over the years. Then, someone else moved the repo to another org, didn't discuss it with you, and asked you to justify your maintainer role. I imagine it is easy to empathize with someone upset by this. This whole conversation almost feels like gaslighting because here I am justifying my rights to the repo that I thought I had rights to in the first place because it was me who created it, as an organization owner! I now realize that the repo transfer to this org caused me to lose my ability to merge PRs, which is why I stopped being able to "contribute," which led to me being included in this PR to remove me as a contributor. This is quite frustrating. The unwritten contract (other issues notwithstanding) in the
Which I think is the intent of your "[...] the only oversight [...]" comment. But it didn't happen. So how are we going to make it right?
I am not against the repo being in the |
|
@joefitzgerald could you create a PR to move the go-uaa library into its own area within the Foundational Infrastructure working group drawing inspiration from this example. I would suggest to at least also include @strehle (UAA maintainer from SAP) as an approver in this working group area. With regards to Admin permissions there have been cases in the past where people needed admin rights to manage github action secrets, this is actually one of the main drivers behind this whole org clean-up, because we want to reduce only have active contributors in the Cloud Foundry org so that we can switch to an enterprise plan so that we can use custom roles. This would eliminate the need for admin rights on repo's. |
Per the instructions in cloudfoundry#801 (comment), this splits go-uaa from the rest of the UAA repos so that I can continue to merge PRs as the original author and maintainer of the library. Signed-off-by: Joe Fitzgerald <[email protected]>
@joefitzgerald is active in the go-uaa repository and applied for an approver status with #810
|
With 2d6b465 I re-added @joefitzgerald because he is active in the |
According to the rules for inactivity defined in RFC-0025 following users will be deleted:
@xtreme-nitin-ravindran
@joefitzgerald
@staylor14
@PureMunky
According to the revocation policy in the RFC, users have two weeks to refute this revocation, if they wish.