[Owasp-leaders] Access management on GitHub

johanna curiel curiel johanna.curiel at owasp.org
Tue Jan 3 09:55:44 UTC 2017


+Bjoern, I agree on this.
If our technical staff also agrees, I think this cleanup is surely
necessary.

@Matt: If you also agree or have other suggestions from the technical
point of view, please let us know so Bjoern can continue with the proposed
changes.

On Wed, Dec 28, 2016 at 3:35 PM, Bjoern Kimminich <
bjoern.kimminich at owasp.org> wrote:

> Hi all,
>
> I noticed that the access rights on our GitHub organization are a mess at
> the moment. Most repositories have a "team" defined representing the
> project team - which is good, especially if a project has multiple repos,
> where manually adding individuals to each stops being fun.
>
> The bad news: Most of these "teams" have been deleted at some point in
> time. GitHub unfortunately does not remove those from assigned repos
> automatically. So we now have several zombie teams on GitHub that show a
> 404 when trying to view them.
>
> Then there is this "Owner" team where ~17 people are in, and an "Admin"
> team where only I am in, for an unknown reason. Neither team membership gives
> full access to the org settings, so no idea what they are good for.
>
> Is there a secret concept behind this? If not, I vote for tabula rasa:
>
> 1. Delete all teams
> 2. Remove all (zombie) teams from all repos
> 3. Create a dedicated team per OWASP project that has repos in the org and
> assign their members
> 4. Assign teams to their repos as "Writer" or "Admin" (depending on how the
> project prefers)
> 5. Give at least the project leader individual "Admin" prefs on repos of
> his/her projects
> (6. Create one admin team and assign it as "Admin" to all repos)
>
> Better ideas? I suggest doing this *after* clearing the trash/empty
> repositories to avoid useless effort.
>
> Cheers,
> Bjoern
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>



-- 
Johanna Curiel
OWASP Volunteer