On 24/10/17 09:45, Fabian Arrotin wrote: > Here are some notes taken from the CERN pre-dojo meeting from last week : > > <paste> > Allow SIGs to have separate accounts for build bots > - separate user accounts from "bot" accounts for security reasons > - [proposal] have an email alias (not list) per sig for the bots, like > sig-<bla>@centos.org pointing to the SIG's chair > - [proposal] SIG chair must request or approve email alias requests/ > ACO account creation sent to CentOS Board chairman > </paste> > > So, (as also discussed yesterday in the CBS meeting - > https://www.centos.org/minutes/2017/October/centos-devel.2017-10-23-14.01.log.html) > > The proposal would be to create a @centosproject.org (or @centos.org) > email alias, that would go to SIG chair, and that would be used to > create an account on https://accounts.centos.org > While we can manually generate x509 cert with longer validity period, we > discussed the fact that using centos-cert just takes 2 seconds every 6 > months, so SIG members who were present didn't find it a real issue. > (email notifications go to SIG chair - and/or other members ? - in > advance so easy to follow) > > That's probably the workflow people use already anyway, while Brian > confirmed that longer-term a proper credentials store would be on the > roadmap, but soon. > > I'd like to see a better write up of the use cases for these bot's -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc