gerrit: refs/users vs. refs/heads/users

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.

Neels Hofmeyr nhofmeyr at sysmocom.de
Wed May 25 11:05:52 UTC 2016


Hi all,

I have just changed the access configuration of gerrit.osmocom.org:

* added a group of "known users"
* allow create+push to refs/heads/users/* to this group
* disallow access to refs/users/* (except to admins for cleanup)

* added a sysmocom group
* allow create+push to refs/heads/sysmocom/* to this group

Questions:

* allow global namespace access to "known users"?
* or move old user branches to users/?


Causality:

Previously, gerrit granted create+push access to refs/users/* (note: no
"heads") to anybody. However, branches pushed there were not being replicated
to git.osmocom.org. IMHO we should not have this fragmentation of repositories.

Instead, we could allow create+push to refs/heads/users/* (note: "heads") to
any registered user. The refs/heads/users/* namespace will replicate to
git.osmocom.org repositories automatically. But:

Before gerrit, anyone would be able to push to any branch. We relied on trust
that we wouldn't mess with other devs' branches or push to master without
review. That worked out pretty well. But, before gerrit, we would actively
enable users we trust. With gerrit, ANYONE can register without any project
member even noticing, and start pushing right away. Thus we should rather
limit the push access, e.g. to refs/heads/users/*

When granting push access to the users/* namespace to ANYONE, one problem
remains: any troll could commit any amount of completely unrelated data, and we
would readily replicate it to our "upstream" git.osmocom.org repositories.

So, actually, instead of allowing push access to users/* to anyone, I have
added a group "known users" to gerrit, which should typically contain anyone we
trust not to be a troll. I have added all gerrit users I know to this group.

Anyone who wishes to push to a users/* branch must request to be added to the
"known users" group. The threshold to join this group should be low.
(The ability to push patches for review is not affected.)


Since certain subgroups like to collaborate on given branches (e.g. fairwaves,
sysmocom, ...), we can add specific namespaces for these groups. I have so far
added a refs/heads/sysmocom/* namespace and a "sysmocom group access" gerrit
group. I can add more groups on request. The only advantage here is that you
can drop the "users/" path element. Any "known users" member can collaborate on
users/* branches already, e.g. refs/heads/users/sysmocom/topic.

To make this less config prone, we could go one step further and allow global
push access to the group of known users, going back to the model of trust that
users take care not to push nonsense. That would include access to master.  We
also still have various branches in git.osmocom.org that don't have the 'users'
path element. If we grant global namespace access to known users, these would
continue to be useful. If not, we could rename these to users/ to allow further
access.

Opinions welcome!

~Neels


-- 
- Neels Hofmeyr <nhofmeyr at sysmocom.de>          http://www.sysmocom.de/
=======================================================================
* sysmocom - systems for mobile communications GmbH
* Alt-Moabit 93
* 10559 Berlin, Germany
* Sitz / Registered office: Berlin, HRB 134158 B
* Geschäftsführer / Managing Directors: Holger Freyther, Harald Welte
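
An added example, not part of the original message and not Osmocom's actual Gerrit configuration: a simplified Python model of the namespaces described above, used to audit `git ls-remote` output for refs that will not replicate or that lack the users/ path element. The group names come from the message; "Administrators" for the admins, the replication flags, and the sample refs are assumptions.

```python
# Added illustration: simplified model of the ref namespaces in the message
# above. This is not Gerrit's ACL engine. Group names are from the message;
# "Administrators", the replication flags and the sample refs are assumptions.

# (ref prefix, groups allowed create+push, replicated to git.osmocom.org)
POLICY = [
    ("refs/heads/users/", {"known users"}, True),
    ("refs/heads/sysmocom/", {"sysmocom group access"}, True),
    ("refs/users/", {"Administrators"}, False),  # admins only, for cleanup
]

def classify(ref):
    """Return the policy row with the longest matching prefix, or None."""
    matches = [row for row in POLICY if ref.startswith(row[0])]
    return max(matches, key=lambda row: len(row[0]), default=None)

def can_push(ref, groups):
    """True if a member of `groups` may create+push `ref` under this model."""
    row = classify(ref)
    return row is not None and bool(row[1] & set(groups))

def audit(ls_remote_text):
    """Sort `git ls-remote` output into findings a maintainer would act on."""
    report = {"ok": [], "unreplicated": [], "legacy_global": []}
    for line in ls_remote_text.strip().splitlines():
        _sha, ref = line.split(None, 1)
        row = classify(ref)
        if row is None:
            # Branch without the users/ path element (master is left alone).
            if ref.startswith("refs/heads/") and ref != "refs/heads/master":
                report["legacy_global"].append(ref)
        elif row[2]:
            report["ok"].append(ref)
        else:
            report["unreplicated"].append(ref)
    return report

# Constructed sample input (hashes and branch names are made up).
SAMPLE = """\
1111111111111111111111111111111111111111\trefs/heads/master
2222222222222222222222222222222222222222\trefs/heads/users/alice/fix-timer
3333333333333333333333333333333333333333\trefs/heads/sysmocom/topic
4444444444444444444444444444444444444444\trefs/users/bob/wip
5555555555555555555555555555555555555555\trefs/heads/bob/old-branch
"""

if __name__ == "__main__":
    for kind, refs in audit(SAMPLE).items():
        print(kind, refs)
```

The "legacy_global" bucket corresponds to the open question in the message: those branches either need global namespace access for known users or a rename into users/.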