<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Jan 22, 2016 at 2:41 PM, Michael Scherer <span dir="ltr"><<a href="mailto:mscherer@redhat.com" target="_blank">mscherer@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5">Le vendredi 22 janvier 2016 à 11:31 +0530, Ravishankar N a écrit :<br>
> On 01/14/2016 12:16 PM, Kaushal M wrote:<br>
> > On Thu, Jan 14, 2016 at 10:33 AM, Raghavendra Talur <<a href="mailto:rtalur@redhat.com">rtalur@redhat.com</a>> wrote:<br>
> >><br>
> >> On Thu, Jan 14, 2016 at 10:32 AM, Ravishankar N <<a href="mailto:ravishankar@redhat.com">ravishankar@redhat.com</a>><br>
> >> wrote:<br>
> >>> On 01/08/2016 12:03 PM, Raghavendra Talur wrote:<br>
> >>>> P.S: Stop using the "universal" jenkins account to trigger jenkins build<br>
> >>>> if you are not a maintainer.<br>
> >>>> If you are a maintainer and don't have your own jenkins account then get<br>
> >>>> one soon!<br>
> >>>><br>
> >>> I would request for a jenkins account for non-maintainers too, at least<br>
> >>> for the devs who are actively contributing code (as opposed to random<br>
> >>> one-off commits from persons). That way, if the regression failure is<br>
> >>> *definitely* not in my patch (or) is a spurious failure (or) is something<br>
> >>> that I need to take a netbsd slave offline to debug etc., I don't have to<br>
> >>> be blocked on the Maintainer. Since the accounts are anyway tied to an<br>
> >>> individual, it should be easy to spot if someone habitually re-trigger<br>
> >>> regressions without any initial debugging.<br>
> >>><br>
> >> +1<br>
> > We'd like to give everyone accounts. But the way we're providing<br>
> > accounts now gives admin accounts to all. This is not very secure.<br>
> ><br>
> > This was one of the reasons misc setup <a href="http://freeipa.gluster.org" rel="noreferrer" target="_blank">freeipa.gluster.org</a>, to provide<br>
> > controlled accounts for all. But it hasn't been used yet. We would<br>
> > need to integrate jenkins and the slaves with freeipa, which would<br>
> > give everyone easy access.<br>
><br>
> Hi Michael,<br>
> Do you think it is possible to have this integration soon so that all<br>
> contributors can re-trigger/initiate builds by themselves?<br>
<br>
</div></div>The thing that is missing is still the same, how do we consider that<br>
someone is a contributor. IE, do we want people just say "add me" and<br>
get root access to all our jenkins builder (because that's also what go<br>
with jenkins way of restarting a build for now) ?<br>
<br>
I did the technical stuff, but so far, no one did the organisational<br>
part of giving a criteria for who has access to what. Without clear<br>
process, I can't do much.<br></blockquote><div><br></div><div><br></div><div>+ndevos +vijay </div><div><br></div><div>Something like "should have contributed 10 patches to Gluster and be supported by at least 1 maintainer" would do?</div><div><br></div><div><br></div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<span class="HOEnZb"><font color="#888888">--<br>
Michael Scherer<br>
Sysadmin, Community Infrastructure and Platform, OSAS<br>
<br>
<br>
</font></span></blockquote></div><br></div></div>