llvm/llvm-iwg

Review third-party application access to llvm github organization and create guidelines for granting access

tstellar opened this issue · 13 comments

We have the following third-party applications approved to access the llvm organization:

  • Sourcerer
  • Buildkite
  • LLVM Buildbot
  • LLVM Staging Buildbot
  • LLVM Buildbot

https://github.com/organizations/llvm/settings/oauth_application_policy

We should review this and decide what are still needed and create guidelines for granting access.

FYI I do not have read permission for this link (and I think it is right).

GitHub has a two-level permission model (org, repo), and people can be organized into teams. Buildbots should not have write/push permission to modify the repo.

Does the "build status" on GitHub commits require some level of write permission?

For the CI systems, I suppose they send the build results back to GitHub to be displayed in the commit history:
UI, API

The documentation says users need push access to be able to set these statuses.
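The two questions above (what the CI systems actually send, and what permission that needs) can be made concrete with a small audit helper. The following is an added example, not code from the LLVM project or from any of the listed applications. It assumes the public shape of GitHub's commit status endpoint (`POST /repos/{owner}/{repo}/statuses/{sha}`) and the fact that GitHub echoes a classic OAuth token's granted scopes in the `X-OAuth-Scopes` response header; the header values, repository name and commit SHA used as input are constructed for the example. The point it shows is that a status reporter needs only the `repo:status` scope (the user behind the token must still have push access to the repository), so a token carrying the full `repo` scope is more than a build bot needs.

```python
"""Audit a GitHub OAuth token's scopes against what a CI status reporter needs.

Added example, not LLVM or Buildbot/Buildkite code. The scope strings come
from the X-OAuth-Scopes header GitHub returns on authenticated API calls;
the sample header values below are constructed, not captured from any
real token.
"""
from dataclasses import dataclass, field

# Either of these scopes lets the token call the commit status endpoint.
# `repo` is a superset (it also grants code push); `repo:status` is the
# least-privilege choice for a bot that only reports build results.
STATUS_WRITE_SCOPES = {"repo", "repo:status"}
LEAST_PRIVILEGE_SCOPE = "repo:status"

# Scopes that a pure status reporter has no use for. Seeing any of them on a
# CI token is a signal to re-issue the token with only repo:status.
OVERBROAD_FOR_STATUS_BOT = {
    "repo", "admin:org", "delete_repo", "workflow", "write:packages",
}

VALID_STATES = {"error", "failure", "pending", "success"}


def parse_scopes(header_value: str) -> set[str]:
    """Split a comma-separated X-OAuth-Scopes header value into a set."""
    return {s.strip() for s in header_value.split(",") if s.strip()}


@dataclass
class StatusTokenReview:
    can_set_status: bool
    overbroad: list[str] = field(default_factory=list)
    verdict: str = ""


def review_status_token(header_value: str) -> StatusTokenReview:
    """Decide whether a token can post commit statuses and whether it is
    carrying more privilege than a status reporter needs."""
    scopes = parse_scopes(header_value)
    can_set = bool(scopes & STATUS_WRITE_SCOPES)
    overbroad = sorted(scopes & OVERBROAD_FOR_STATUS_BOT)
    if not can_set:
        verdict = f"cannot post commit statuses; grant {LEAST_PRIVILEGE_SCOPE}"
    elif overbroad:
        verdict = (f"can post statuses but is over-privileged ({', '.join(overbroad)}); "
                   f"re-issue with only {LEAST_PRIVILEGE_SCOPE}")
    else:
        verdict = "least privilege for a status reporter"
    return StatusTokenReview(can_set, overbroad, verdict)


def build_status_request(owner: str, repo: str, sha: str, state: str,
                         context: str, description: str, target_url: str) -> dict:
    """Assemble what a CI system sends to report a build result for a commit.

    Returns the method, path and JSON body of the commit status call so it can
    be inspected or handed to any HTTP client; nothing is sent from here.
    """
    if state not in VALID_STATES:
        raise ValueError(f"state must be one of {sorted(VALID_STATES)}, got {state!r}")
    if len(sha) != 40 or any(c not in "0123456789abcdef" for c in sha.lower()):
        raise ValueError("sha must be a full 40-hex-digit commit id")
    return {
        "method": "POST",
        "path": f"/repos/{owner}/{repo}/statuses/{sha}",
        "json": {
            "state": state,
            "context": context,          # e.g. the builder name, shown in the UI
            "description": description,
            "target_url": target_url,    # link back to the build log
        },
    }


if __name__ == "__main__":
    # Constructed header values standing in for three hypothetical CI tokens.
    for sample in ("repo:status", "repo, user:email", "read:org, user"):
        r = review_status_token(sample)
        print(f"{sample!r:>22}: {r.verdict}")
    req = build_status_request(
        "llvm", "llvm-project", "0" * 40, "success",
        "hypothetical-builder", "build passed", "https://example.invalid/build/1")
    print(req["method"], req["path"])
```

Reading the header is the cheap part of the check; the expensive part is the organizational one the thread goes on to discuss, namely deciding who is allowed to approve the token in the first place.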

@tstellar what is "Sourcerer"? Is it https://sourcerer.io/ ?

Yes, that's it.

My proposal:

  • Keep the CI systems (Buildkite, LLVM Buildbot, LLVM Staging Buildbot), as they report build results back to GitHub. I see a clear value in having an overview of all build results.
  • Remove Sourcerer.io as I do not understand why they need access to our repository. If they want to index the data, they can do that anyway.

For the policy I would propose:

  • We should define a body within LLVM who reviews and takes these decisions (board? iwg?).
  • The decisions should be documented. The features of each application must clearly outweigh the security/safety/privacy concerns.
  • The decision should be sent out to the community for review; feedback shall be reviewed and discussed within 2 weeks, and the decision shall be revisited then.
  • Once a year the body shall go through the entire list and check if they are still needed.

Footnote:
Sourcerer.io seems to be collecting user data without user consent. I am not sure if this is in line with GDPR.

Here's an example page of a user profile on sourcerer.io (found via Google search):
https://sourcerer.io/josh-payne

asl commented

FYI: I added integration to LLVM buildbots, so they will report the status of revisions there.

I've removed sourcerer.io from the list of third-party apps, so now all that are left are buildbot and buildkite, which are fine.

How do you want to proceed with the general guidelines for this? Where do you want to document them?

next step: @ChristianKuehnel create a proposal for a document in the llvm-project, send it to mailing list for review.

stale effort, removing from our backlog

I created a proposal for such a policy:
https://reviews.llvm.org/D111723