Mailinglist Archive: opensuse-buildservice (88 mails)

< Previous Next >
Re: [opensuse-buildservice] CI rights management
  • From: Jos Poortvliet <jos@xxxxxxxxxxxx>
  • Date: Fri, 28 Feb 2014 15:58:06 +0100
  • Message-id: <1814154.Ip1fph1YiZ@jos-desktop>
On Monday 24 February 2014 09:37:52 Sascha Peilicke wrote:
On Sunday 23 February 2014 16:06:26 Jos Poortvliet wrote:
On Feb 19, 2014 5:32 PM, "Sascha Peilicke" <speilicke@xxxxxxxx> wrote:
Hi guys,

since more and more openSUSE projects start to make use of our CI
infrastructure, we have to organize who's allowed to do what. In the
past

we

just added more and more people with rights to organize everything. So
I

tried

to reduce the global list of users with admin rights. Instead, we now

have a

per-project (translates to Jenkins job) ACL matrix where each project
can
organize stuff themselves. In simple words, you now can configure per
job
who's allowed to change things. There should be no need to bug me again
:
:-)
:
That said, the list of ci.o.o admins now is:
coolo, jdsn, bmwiedemann and saschpe (me).

The following openSUSE projects currently use ci.opensuse.org:
- Open Build Service / osc
- OpenStack
- Yast / libyui

The first two projects have per-job based access rules set already. If
you
have a ci.o.o job and want to grant somebody the right to modify it,
just
check "Enable project-based security" and add the (already registered)

user in

question.

And if you want to add your openSUSE-related project to our CI, please

get in

touch with any of the guys mentioned above. That's it.

I am guessing there is a wiki page where this is documented, perhaps it
would be possible to link to that page from http://ci.openSUSE.org?

I have to admin that ci.opensuse.org is slightly under-documented. However,
I'd like to avoid creating huge wiki pages that run out of sync. Instead,
the CI boys already agreed to add/extend Jenkins job descriptions and
similar things so that this is more obvious. I guess having a small wiki
page about "how to get your stuff tested" wouldn't hurt...

Yeah, I'm not a big fan of huge wiki pages either... More than something
like:
---
If you have a ci.o.o job and want to grant somebody the right to modify it,
just check "Enable project-based security" and add the (already registered)
user in question.

And if you want to add your openSUSE-related project to our CI, please get in
touch on openSUSE=packaging (?).
---

is probably not needed... Might even fit on the jenkins page.
< Previous Next >
This Thread