Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bot deployment, access, & permission #23

Closed
williamkapke opened this issue Apr 12, 2016 · 8 comments
Closed

Bot deployment, access, & permission #23

williamkapke opened this issue Apr 12, 2016 · 8 comments

Comments

@williamkapke
Copy link
Contributor

ATM, the bot is deployed manually by @phillipj to his dokku account while we get it started.

The bot account needs significant org permissions to perform some of it's actions. This access means PRs needs to be carefully reviewed and scrutinized for security before deployment.

We will probably want to:

  • Move this repo to the nodejs org
  • Give commit rights to a restricted set of people in the Node.js Org
  • Determine an owner. Build WG? CTC? TSC? Something new?
  • Determine a deployment strategy. (Automatic? Always Manual? By whom?)

/cc @mikeal

@jbergstroem
Copy link
Member

Since the build group runs and maintains most infra for Node.js I think this would be a good fit. Ultimately, I'd like to see an automatic deployment strategy if the active contributors in here deem it stable enough.

Edit: the benefit of having the build group managing it is also that there is an established trust for things like secrets and access.

@Fishrock123
Copy link
Contributor

We could probably have this just deploy like the website, where master automatically gets picked up by a webhook.

@Fishrock123
Copy link
Contributor

The bot account needs significant org permissions to perform some of it's actions.

Oh true, because of write perms for labels.

I don't actually think it's the hugest deal. All the repos are git, anything you could do is pretty easily recoverable (besides deleting user comments strangely enough).

If we want it to be secure: we should make it check gpg keys for signed git tag(s).

@jbergstroem
Copy link
Member

Also likely needs elevated access to jenkins.

@Fishrock123
Copy link
Contributor

Hmmm, #29 would need owner GitHub org access.

Perhaps it would be better to do that bit though a separate proxy or something so that we don't need to be as worried?

@phillipj
Copy link
Member

Perhaps it would be better to do that bit though a separate proxy or something so that we don't need to be as worried?

@Fishrock123 could you elaborate on what a separate proxy means in detail/what it would do in practice, and why that would make it safer than just providing this bot with GH org access?

@phillipj
Copy link
Member

phillipj commented Aug 5, 2016

I just moved the bot repo to the org 👯

edit: gave access to everyone in the build WG for now

@williamkapke
Copy link
Contributor Author

All of the tasks listed have been completed! 🎉
Approving & assigning elevated permissions should be discussed in new issues (and are).

Closing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants