--- tags: CNC --- # Maintainer Journey (what do they see / do) 1. Manage permissions via OWNERS file in repository. Make sure repo? contains an OWNERS file. This will be used for determining WHO has permission to chat w the bot. 2. File PR - starts process. Used to create account on CNCF master account. Requirements : (1) Provide Technical Support resource (2) Provide an SLA 3. CNC will monitor for consumption of credits and automatically issue credits. Business rules around consumption apply. “After getting set up with CNCF, projects can access these credits via a curated self-service portal, managed by CNCF.” # cncf.ci WG/TAG? CNCF Continuously Integrating everything-everyone-cloudnative An Ecosystem Wide CI Tooling / Policy / Flow team? Should we have a public place where we publish and invite CNCF projects to learn and get direct support from this team to setup and cross polinate CI? # CNCF Bot (Underlying Tech) The bot enables maintainers by providing for automation. HH ==> Chris A has granted permission for us to create a bot which has the necessary admin level perms across all orgs. Also [see this](https://docs.google.com/document/d/1aH3oYM69clPeGS-DfRuveBEOmUtjXjGK7CYOwR_fbEg/edit?usp=sharing) **What does the bot need to look like, permission-wise?** Apply principle of least-priviledge. WHERE? Hidden in a special, high-priviledge, cluster where access would be limited to folks like Chris A and Ihor. ## OWNERS file, Goals - Get confirmation on WHO they are. - ==OWNERS file for determining who lists people who have permission to chat w the bot. e.g. K8s steering committee.== Enables [CNCF Infra](https://github.com/cncf-infra) # Tooling ## Kubernetes style [OWNERS files](https://www.kubernetes.dev/docs/guide/owners/) Inspired by [Chromium OWNERS files](https://chromium.googlesource.com/chromium/src/+/master/docs/code_reviews.md) but adds labels (required and must-be-absent to merge), and when combined with tide, supports automatic merging. [Code Engineered blog on k8s OWNERS files](https://codeengineered.com/blog/2017/kubernetes-owners-files/) - labels: a list of GitHub labels to automatically apply to a PR - blunderbuss to assign - reviewers: a list of GitHub usernames or aliases that are good candidates to /lgtm a PR - approvers: a list of GitHub usernames or aliases that can /approve a PR [Code Review using OWNERS files](https://www.kubernetes.dev/docs/guide/owners/#code-review-using-owners-files) - @cncf-ci requests / assigned reviewers and approvers - @cncf-ci applies github labels - any human reviewers interact with bot via `/lgtm` - @cncf-ci adds **lgtm** label - human approvers (in OWNERS) interact with bot via `/approve` - @cncf-ci adds **approved** label once required approvals given ## [Prow plugins](https://www.kubernetes.dev/docs/guide/owners/#prowhttpsgitk8siotest-infraprow) - [tide](https://github.com/kubernetes/test-infra/tree/master/prow/cmd/tide#readme) will merge all current PRs if: - required labels are present - **lgtm**, **approve** - unwanted labels are absent - **needs-cla**, **missing-tests** ## Github style [OWNERS files](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners) Provided by github, inspired by k8s OWNERS. - limited to notifying OWNERS - optionally requiring approval for merge.