Adjust org owners/admins (#202)

* Update libp2p.yml - reduce org owners/admins * Update libp2p.yml - rearrange fixes * fix@7875325257 [skip fix] * Update libp2p.yml - more rearrange fixes * fix@7875352051 [skip fix] * Update libp2p.yml - rearrange fixes * Update libp2p.yml - cleanup github-mgmt stewards team * Further reducing libp2p org owner permissions * Update libp2p.yml * Update libp2p.yml --------- Co-authored-by: BigLep <[email protected]> Co-authored-by: libp2p-mgmt-read-write[bot] <104492852+libp2p-mgmt-read-write[bot]@users.noreply.github.com>
libp2p · Feb 16, 2024 · af2d053 · af2d053
1 parent b7f8975
commit af2d053
Showing 1 changed file with 54 additions and 20 deletions.
diff --git a/github/libp2p.yml b/github/libp2p.yml
@@ -1,18 +1,23 @@
 # yaml-language-server: $schema=.schema.json
 
 members:
+  # Admin permissions map to "org owner" permissions listed in 
+  # https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#permissions-for-organization-rolesare 
+  # These permissions are very broad, and thus the list of people is intentionally minimal.
+  # Day-to-day administrating is done by those in the "github-mgmt Stewards" team (see team below).  
+  # "github-mgmt Stewards" team can still escalate into org owner permissions if/when needed.  
+  # This minimal owner set plus supporting rationale was documented and discussed in https://github.com/ipfs/ipfs/issues/511 .
   admin:
+    # Why @andyschwab-admin?
+    # 1. leader of [Sodal](https://sodal.io/)
+    # 2. has close access to [sead](https://www.sead.ai/), which is charged with sysadmin for critical systems within the wider Protocol Labs Network
+    # 3. general long-standing sysadmin for these organizations with his past roles at PL Inc
+    # 4. This isn't andyschwab's day-to-day GitHub account
     - andyschwab-admin
-    - aschmahmann
-    - daviddias
+    # Why @galargh?
+    # 1. co-founder of [IPDX](https://ipdx.co), and IPDX is contracted to look after GitHub for this organization.
+    # 2. Multiple years of experience managing GitHub organizations of open source projects, including this org.
     - galargh
-    - jacobheun
-    - jbenet
-    - marten-seemann
-    - momack2
-    - raulk
-    - Stebalien
-    - whyrusleeping
   member:
     - 2color
     - aamnv
@@ -31,11 +36,13 @@ members:
     - anorth
     - arajasek
     - art-gor
+    - aschmahmann
     - autonome
     - BigLep
     - bigs
     - cemozerr
     - ChihChengLiang
+    - daviddias
     - dennis-tra
     - dharmapunk82
     - dhuseby
@@ -65,6 +72,8 @@ members:
     - iceseer
     - igor-egorov
     - ipfsbot
+    - jacobheun
+    - jbenet
     - jbenetsafer
     - jchris
     - JGAntunes
@@ -86,6 +95,7 @@ members:
     - locotorp
     - magik6k
     - MarcoPolo
+    - marten-seemann
     - maschad
     - masih
     - mbaxter
@@ -95,6 +105,7 @@ members:
     - miyazono
     - mkalinin
     - mkg20001
+    - momack2
     - mpetrunic
     - mvid
     - mxinden
@@ -109,6 +120,7 @@ members:
     - pipermerriam
     - protolambda
     - ralexstokes
+    - raulk
     - RichardLitt
     - richardschneider
     - robzajac
@@ -117,6 +129,7 @@ members:
     - salmad3
     - SgtPooki
     - snazha-blkio
+    - Stebalien
     - stongo
     - stuckinaboot
     - sukunrt
@@ -136,6 +149,7 @@ members:
     - web3-bot
     - wemeetagain
     - whizzzkid
+    - whyrusleeping
     - willscott
     - xDimon
     - yiannisbot
@@ -8162,25 +8176,45 @@ teams:
         - salmad3
     privacy: closed
   github-mgmt stewards:
-    # NOTE: created to capture users with push+ access to github-mgmt repository
-    #  using a team instead of direct collaborators because we want to reference it in the CODEOWNERS file
+    # Notes: 
+    # 1. These members have push+ access to the github-mgmt repository (in addition to the ipdx team and the org owners listed in "members.admin" above).
+    # 2. This team also has the org-level "moderator" and "security manager" role.
+    #    This is configured through the GitHub UI, not in GitHub management.
+    #    (Org-level role documentation: https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)
+    # 3. Having a team instead of direct collaborators on the github-mgmt repository also enables easy reference in the github-mgmt CODEOWNERS file.
+    # 4. Leaning on "github-mgmt stewards" for day-to-day admin over true org owners was done
+    #    as part of the effort to reduce org owners in https://github.com/ipfs/ipfs/issues/511
     description: Users that are effectively org admins
     members:
-      # WARN: membership here should be treated exactly as cautiosly as having an org admin role
+      # WARN: membership here should be treated as cautiously as having an "org owner" role,
+      # since one can escalate their privileges accordingly.
       # ATTN: members are expected to:
       #  - be familiar with GitHub Management
       #  - be ready to triage/review org configuration change request in github-mgmt
-      maintainer:
-        - aschmahmann
-        - BigLep
-        - dhuseby
-        - marten-seemann
-        - mxinden
+      # INFO: Intentionally don't have any "maintainers" so that additional membership is done through github-mgmt rather than the GitHub UI.
+      # INFO: There are others who could certainly qualify to be members of this team.  
+      # There is a balance to be had to ensure there are enough knowledgeable people available to support the needs/requests of the github org,
+      # and reducing risk by not having too many with the escalation path that this role affords.
       member:
+        # Why @achingbrain?
+        # 1. Long-time and active libp2p maintainer, especially to js-libp2p.
+        # 2. JS leader at IP Shipyard, which is an organization receiving significant grant funding for libp2p development and maintenance.
         - achingbrain
-        - MarcoPolo
+        # Why @dhuseby?
+        # 1. Project community leader interfacing with multiple implementation teams.
+        - dhuseby
+        # Why p-shahi?
+        # 1. TPM for libp2p implementations like go-libp2p and js-libp2p as part of IP Shipyard and cross-implementation technical work.
+        # 2. Active and experienced with github-mgmt in helping engineering teams the last year.
         - p-shahi
-        - willscott
+        # Why @raulk?
+        # 1. Lots of previous libp2p project leadership experience.
+        # 2. Taking active leadership role in 2024 libp2p Foundation.
+        - raulk
+        # Why @Stebalien?
+        # 1. Not involved in the libp2p day-to-day currently, but has a lot of historical knowledge.  Provides an informed outside perspective.
+        # 2. Familiar with github-mgmt responsibilities in other orgs.
+        - Stebalien
     privacy: closed
   go-libp2p Maintainers:
     description: Trusted reviewers for merging into go-libp2p repositories.