Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a Prow command to create branches #15779

Closed
zacharysarah opened this issue Jan 6, 2020 · 13 comments
Closed

Add a Prow command to create branches #15779

zacharysarah opened this issue Jan 6, 2020 · 13 comments
Labels
area/prow Issues or PRs related to prow kind/feature Categorizes issue or PR as related to a new feature. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. sig/docs Categorizes an issue or PR as relevant to SIG Docs.

Comments

@zacharysarah
Copy link

zacharysarah commented Jan 6, 2020
edited
Loading

What to add

Consider adding a Prow command to create new branches.

Why it matters

SIG Docs handles localizations for Kubernetes docs.

When SIG Docs adds a new localization, we add the team's leaders to a repo team with write permissions so that leaders can create long-running branches for team collaboration.

As the number of localizations increases, the number of people with write access to k/website also increases. This poses a security risk that worsens at scale. We've already seen two incidents in the past two months of contributors using write permissions to bypass Prow:

We need to minimize the number of people with write permissions to k/website while preserving the ability of localization teams to work on collaborative branches.

Thanks in advance for your consideration!

Additional context

#sig-docs Slack

cc @jimangel @kbarnard10 @cblecker
@zacharysarah zacharysarah added the kind/feature Categorizes issue or PR as related to a new feature. label Jan 6, 2020
@zacharysarah
Copy link
Author

/sig docs

@k8s-ci-robot k8s-ci-robot added the sig/docs Categorizes an issue or PR as relevant to SIG Docs. label Jan 6, 2020
@justaugustus
Copy link
Member

@zacharysarah -- This is timely! Releng is discussing possibilities here: kubernetes/release#857

cc: @kubernetes/release-engineering

@justaugustus justaugustus mentioned this issue Jan 7, 2020
Closed
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Apr 6, 2020
@zacharysarah
Copy link
Author

This is still important.

/remove-lifecycle stale
/lifecycle frozen
/priority important-longterm

@k8s-ci-robot k8s-ci-robot added priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Apr 6, 2020
@cblecker
Copy link
Member

/remove-lifecycle frozen

We haven't decided if/how we would do this, so it doesn't really qualify for frozen.

I'm not sure what the workflow would even look like for this.. we don't really do repo-scoped commands. They are all issue or PR scoped.

@k8s-ci-robot k8s-ci-robot removed the lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. label May 24, 2020
@stevekuznetsov
Copy link
Contributor

If we implement branch creation as a plugin, we can just enable the plugin on a single repo.

@cblecker
Copy link
Member

@stevekuznetsov That's not what I mean. I mean where would you issue the command to create a branch?

@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Aug 23, 2020
@jimangel
Copy link
Member

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Aug 23, 2020
@BenTheElder BenTheElder added the area/prow Issues or PRs related to prow label Aug 28, 2020
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Nov 26, 2020
@fejta-bot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Dec 26, 2020
@fejta-bot
Copy link

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

@k8s-ci-robot
Copy link
Contributor

@fejta-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/prow Issues or PRs related to prow kind/feature Categorizes issue or PR as related to a new feature. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. sig/docs Categorizes an issue or PR as relevant to SIG Docs.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@justaugustus @BenTheElder @cblecker @zacharysarah @jimangel @stevekuznetsov @k8s-ci-robot @fejta-bot