This repository contains all the information for administrators to manage Django Commons packages.
- Review new issues/application at https://github.com/django-commons/membership/issues/
- If they are not a real human or not reasonably trustworthy, close the issue, asking for more information they are a human and not a spambot. You can explain that by being a member, they can impact repositories immediately.
- Add the user's GitHub username to the
memberscollection in theterraform/production/org.tfvarsfile.members = [ # ... "new_user" ]
- If they requested to be on specific repository team(s), in
the
terraform/production/repositories.tfvarsfile, add them to thememberscollection.repositories = { "[REPOSITORY]" = { # ... members = [ # ... "new_user" ] } }
- Create a pull-request to
mainbranch. This will trigger terraform to plan the changes in the organization to be executed. Review the changes and make sure they align with the request. - Merge the pull request. This will trigger terraform to apply the changes in the organization.
- If they are not a real human or not reasonably trustworthy, close the issue, asking for more information if they are a human and not a spambot. You can explain that by being a member, they can impact repositories immediately.
- For the requested repository's team(s), in
the
terraform/production/repositories.tfvarsfile, add them to thememberscollection.repositories = { "[REPOSITORY]" = { # ... members = [ # ... "new_user" ] } }
- Create a pull-request to
mainbranch. This will trigger terraform to plan the changes in the organization to be executed. Review the changes and make sure they align with the request. - Merge the pull request. This will trigger terraform to apply the changes in the organization.
- Confirm with all existing admins that they approve changes to the repository admins or committers.
- If there's disagreement, close the issue and ask for the admins to come to a consensus
- For the requested repository's team(s), in
the
terraform/production/repositories.tfvarsfile, for the repository's key underrepositories, add them to theadminscollection for the correct team. There will be two privileged teams for each repository,*-adminsand*-committers, the user should be added to the requested team.repositories = { "[REPOSITORY]" = { # ... admins = [ # ... "new_user" ] } }
- Create a pull-request to
mainbranch. This will trigger terraform to plan the changes in the organization to be executed. Review the changes and make sure they align with the request. - Merge the pull request. This will trigger terraform to apply the changes in the organization.
- Check if repository meets inbound requirements.
- Confirm who will be the admins and maintainers for the repository
- PyPI project owner must add you (Django Commons admin) as owner in PyPI
- (TODO: Determine how this works with transferring out of an org and into the Django Commons org)
- Add repository owner to Django Commons as member (they'll be added to a team later)
- Share link (https://docs.github.com/en/repositories/creating-and-managing-repositories/transferring-a-repository) with repo owner to transfer repo
- Wait for repository transferred in
- Make Terraform changes to add new project
- Configure environments pypi and testpypi in the repository to enable publishing packages via GitHub Actions
- For pypi environment, add Deployment protection rule with reviewers as [repo]-admins and enable "Allow administrators to bypass configured protection rules"
- Under Actions > General > "Fork pull request workflows from outside collaborators", set "Require approval for first-time contributors"
- Set a calendar event or reminder for 30 days in the future to remove previous repository owner from team
Assuming repository name is repo-name:
- In
terraform/production/respositories.tfvars, add the new repository to therepositoriessection:
repositories = {
# ...
"repo-name" = {
description = "repo description"
allow_auto_merge = false # optional, default is false
allow_merge_commit = false # optional, default is false
allow_rebase_merge = false # optional, default is false
allow_squash_merge = false # optional, default is false
allow_update_branch = false # optional, default is false
enable_branch_protection = true # optional, default is true
has_discussions = true # optional, default is true
has_downloads = true # optional, default is true
has_wiki = false # optional, default is false
is_template = false # optional, default is false
push_allowances = []
required_status_checks_contexts = [] # optional, default is []
template = "" # optional, default is ""
topics = []
visibility = "public" # optional, default is "public"
skip_team_creation = false # Optional, default is false => create 3 teams for the repository
admins = [] # Members of the repository's admin and repository teams. Have admin permissions
committers = [] # Members of the repository's committers and repository teams. Have write permissions
members = [] # Members of the repository team. Have triage permissions
}
}- Confirm there's agreement amongst current project maintainers to move project out of Django Commons
- Add new Owner(s) to project in PyPI
- Transfer GitHub repo to new owner or Org
- Wait for repository to be transferred out.
- Remove all Django Commons members from PyPI project (except any that are staying on from step 2)
- (TODO: Determine how to handle transferring a PyPI project out of an organization)
- Remove the repository from the
repositoriessection interraform/production/respositories.tfvars - Remove the parent team and child teams for the repository from the
teams_repositoriesandteams_repositories_privilegedsections interraform/production/teams.tfvars - Create a pull-request to
mainbranch. This will trigger terraform to plan the changes in the organization to be executed. Review the changes and make sure they align with the request. - Merge the pull request. This will trigger terraform to apply the changes in the organization.