Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add crates.io-index repository under automation #1306

Draft
wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

Add crates.io-index repository under automation #1306

wants to merge 2 commits into from

Conversation

Kobzol
Copy link
Contributor

@Kobzol Kobzol commented Jan 28, 2024

Repo: https://github.com/rust-lang/crates.io-index

I'm pretty sure that this isn't correct yet. This repo should most probably not require PRs. Should I add bors to it? It's not managed by homu, but the bors GH account pushes to the repo regularly (even though it seems like it didn't have access?!), this is quite weird.

Extracted from GH:

org = "rust-lang"
name = "crates.io-index"
description = "Registry index for crates.io"
bots = []

[access.teams]
crates-io = "write"
crates-io-on-call = "write"
security = "pull"

[access.individuals]
skade = "write"
Turbo87 = "write"
tshepang = "write"
carols10cents = "write"
pietroalbini = "admin"
LawnGnome = "write"
hi-rustin = "write"
mdtro = "write"
badboy = "admin"
rust-lang-owner = "admin"
Xylakant = "write"
rylev = "admin"
jdno = "admin"
JohnTitor = "write"
Mark-Simulacrum = "admin"
justahero = "write"
jtgeibel = "write"
listochkin = "write"

[[branch-protections]]
pattern = "master"
required-approvals = 0
pr-required = false

@Kobzol @ehuss
Add homepage
770231a 
Co-authored-by: Eric Huss <eric@huss.org>
@Turbo87
Copy link
Member

Turbo87 commented Feb 27, 2024

This repo should most probably not require PRs

it usually doesn't, but there have been cases where the crates.io team has opened a PR to manually fix something

@Turbo87
Copy link
Member

Turbo87 commented Feb 27, 2024

Should I add bors to it? It's not managed by homu, but the bors GH account pushes to the repo regularly (even though it seems like it didn't have access?!), this is quite weird.

I totally agree that it is weird, and IMHO we should change it eventually. The crates.io backend is pushing to the repository with a deploy SSH key (AFAIK) and uses git author information (i.e. email) to associate the commits to the bors GH account. those are not signed commits though, so anyone basically can create commits like that, just not necessarily in this repo.

to answer the initial question: no, bors does not need access to this repository.

Turbo87
Turbo87 reviewed Feb 27, 2024
View reviewed changes
repos/rust-lang/crates.io-index.toml
Comment on lines +11 to +13
[[branch-protections]]
pattern = "master"
required-approvals = 0
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

unless I'm missing something, the pr-required = false from the PR text seems quite important here, since the crates.io backend is pushing directly to the master branch

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed. The issue is that pr-required is not implemented yet 😆

@Kobzol Kobzol mentioned this pull request Feb 28, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehuss ehuss ehuss left review comments

@Turbo87 Turbo87 Turbo87 left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@Kobzol @Turbo87 @ehuss