Add concourse github org to org automation#1545
Conversation
- concourse wg definition taken from #1540
|
@taylorsilva : Can you install the github app "CF Foundation Community Automation" (https://github.com/apps/cf-foundation-community-automation) into your concourse org and grant it the following permissions to all repos (these are the permissions granted in the cloudfoundry org):
This should enable the CFF org automation to manage the concourse org. I would test it then by running the Dump Github Organization Settings workflow. |
|
I've installed the app into the Concourse org. I think because I'm not part of the CF org here yet I can't run the workflow though. Can you kick it off and I'll check the output. Feel free to ping me here again. |
- copied from org dump #1557
|
Result of concourse org dump: #1557 (note that it just the concourse org). I copied the repos part over into orgs.yaml of this PR. Resulting orgs.out.yml is attached. This is the input for peribolos and describes how the concourse org will look like after the org automation did its job. Please review carefully. |
| - name: Ivan Chalukov | ||
| github: IvanChalukov | ||
| - name: Kump3r | ||
| github: Kump3r |
There was a problem hiding this comment.
Ivan and Kalin should be under the approvers section now since the following PR's were approved and merged:
| concourse: | ||
| repos: {} |
There was a problem hiding this comment.
If this is left blank, as-is, what happens to all the rules we currently have in place across our repos? Will the automation force some defaults onto all of our repo's?
There was a problem hiding this comment.
Looking at branchprotection.out.yml from your comment, it looks like defaults are applied. Looking at just one repo as an example:
concourse:
allow_deletions: false
allow_disabled_policies: true
allow_force_pushes: false
enforce_admins: true
include:
- ^master$
- ^v[0-9]*$
protect: true
required_pull_request_reviews:
bypass_pull_request_allowances:
teams:
- wg-concourse-bots
dismiss_stale_reviews: true
require_code_owner_reviews: true
required_approving_review_count: 1It's missing protecting our release/* branches, and the required status checks we have set in that repo too for PRs. Is it also possible to protect tags as well in this list?
It seems that we should populate this field with all of our custom rules across our repos. How should we collaborate on this? Should I update it and paste the file here?
Concourse wg definition taken from #1540
TODOs: