Test-infra: override: allow top-level OWNERS to override contexts

Created on 5 Sep 2019  路  6Comments  路  Source: kubernetes/test-infra

Today the override plugin uses GitHub access control (repository admin) to determine if a user can use /override. The rest of Prow and the SIG in general wants to move away from using these access controls and having workflows that require more than read access, so we should use some other means of detecting this. For instance, we could use the top-level OWNERS files for a list of people who can /override.

/area hook
/cc @cblecker @nikhita @cjwagner @fejta

kinfeature
Source
picture stevekuznetsov

Most helpful comment

All three sounds good :)

picture stevekuznetsov on 6 Sep 2019
🎉2

All 6 comments

/cc @tnozicka

stevekuznetsov picture stevekuznetsov on 5 Sep 2019

Either that, or a GitHub team (that isn't necessarily tied to permissions).

Not 100% sure which is a better approach

cblecker picture cblecker on 5 Sep 2019

GitHub team might be a nice option but does not scale, implicit OWNERS will be less friction.

stevekuznetsov picture stevekuznetsov on 6 Sep 2019

Why not both :upside_down_face:

We can have config options like allow_top_level_owners _and_ github_teams (containing info about team id and name) and the repo maintainers can decide which ones they'd like to use.

nikhita picture nikhita on 6 Sep 2019
👍1

And repo admins would have power to override implicitly too (existing behaviour)

nikhita picture nikhita on 6 Sep 2019

All three sounds good :)

stevekuznetsov picture stevekuznetsov on 6 Sep 2019
🎉2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

benmoss picture benmoss  路  3Comments
zacharysarah picture zacharysarah  路  3Comments
cblecker picture cblecker  路  4Comments
cjwagner picture cjwagner  路  3Comments
BenTheElder picture BenTheElder  路  4Comments