Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proposal to update the CODEOWNERS file and add MAINTAINERS file #224

Closed
toddysm opened this issue Jan 26, 2023 · 8 comments
Closed

Proposal to update the CODEOWNERS file and add MAINTAINERS file #224

toddysm opened this issue Jan 26, 2023 · 8 comments

Comments

@toddysm
Copy link
Contributor

toddysm commented Jan 26, 2023

What is the areas you would like to add the new feature to?

Notaryproject (Specification)

Is your feature request related to a problem?

The current content of the CODEOWERS file does not list the actual owners and points to a Team on GitHub. This does not provide enough visibility who the owners are.

What solution do you propose?

The proposal is to create a seed list of maintainers for each repository (aka considered sub-project) under the Notary Project organization and update the CODEOWNERS and MAINTAINERS files for each repository with that list. As per the current governance document:

Potential new maintainers should be ongoing active participants in the project

Hence, I propose that repo maintainers are proposed from the list of currently active participants in the Notary community by selecting them from the list of code contributors for the last 3-6 months or meeting participants as per the meeting notes.

I also propose to nominate individual maintainers in separate issues and put for a vote by the active participants' community.

What alternatives have you considered?

None

Any additional context?

No response

@SteveLasker
Copy link
Contributor

👍

@mattfarina
Copy link

Folks, there is a maintainers file that deals with Notary org and sub-project maintainers already.

Should that file be updated? If not, how does it's existing content and structure get pulled into the new file?

Note, the CNCF and the community needs to have a place to look to track these things. For the CNCF the list is used to manage who is on the maintainers mailing list, etc.

@SteveLasker
Copy link
Contributor

Thanks @mattfarina,
The existing maintainers file file does capture the org and sub-project maintainers. The recent motion has been to move from this single file to CODEOWNERS, MAINTAINERS and a even a new sub-project maintainers file to create a single location in each repo.

Many projects, including Notary, have a set of org maintainers, and sub-project maintainers that are not necessarily tied to a single repo. The sub-project maintainers are the day-to-day operators of the project and would need access to Zoom 2FA emails, the ability to open service desk requests, etc.

Is there some guidance, a template, an example, or even an article from CNCF for how to structure projects, CODEOWNERS, MAINTAINERS, GitHub Teams permissions, and even suggestions on branch protection rules?

@mattfarina
Copy link

One other quick note, per the Notary governance...

New maintainers can be added to a subproject by a super-majority vote of the existing subproject maintainers

So, voting to approve someone as a maintainer needs to follow that for the listed sub-project maintainers here.

Many projects, including Notary, have a set of org maintainers, and sub-project maintainers that are not necessarily tied to a single repo.

@SteveLasker to address your latest comment...

For projects that have org and sub-project maintainers you'll find it's often just the org maintainers or steering committee that's counted by the CNCF as maintainers on their mailing list, who get service desk access, and who can vote. Notary is currently setup to all org and sub-project maintainers are seen by the CNCF.

Where does the CNCF go to see the single list of people they need to account for? Will it just be the org maintainers?

@SteveLasker
Copy link
Contributor

Thanks @mattfarina,
Folks were trying to aggregate all the sub-project maintainers to have a single place to provide CNCF for access.
What I'm hearing you request is not having a single aggregation of all sub-project maintainers, but rather have a core set of org/steering committee members for CNCF voting and tools access.

@mattfarina
Copy link

What I'm hearing you request is not having a single aggregation of all sub-project maintainers, but rather have a core set of org/steering committee members for CNCF voting and tools access.

Do all maintainer get associated with the CNCF (which needs to be documented in some place) or are the org maintainers the only ones is a project level decision. I'm not suggesting one way or the other.

I'm still a little confused around the organizational structure for Notary. There are the org maintainers that oversee the project as a whole. Then there is Notary (the primary project) where we have a v1. Then there is a spec for the v2. Who are the maintainers of the spec? Then there is notation which is an implementation of the spec. How these things relate and which groups are responsible for which part isn't clear.

@yizha1
Copy link
Contributor

yizha1 commented Mar 20, 2023

Can we close this issue as PRs have been merged? @toddysm

@toddysm
Copy link
Contributor Author

toddysm commented Mar 20, 2023

This is addressed by #240

@toddysm toddysm closed this as completed Mar 20, 2023
@github-project-automation github-project-automation bot moved this from In Progress to Done in Notary Project Planning Board Mar 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment