Closed Bug 1959991 Opened 8 days ago Closed 2 days ago

Access to Github mozilla-fakespot organization for dkirchner

Categories

(mozilla.org :: Github: Administration, task)

Product:
mozilla.org
Component:
Github: Administration
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: dkirchner, Assigned: cknowles)

References

Details

I've read https://wiki.mozilla.org/GitHub#Team_Maintainers_.26_Project_Leads, and need help adding a contributor to the org: mozilla-fakespot

Name: Dimitri Kirchner
Mozilla Email: dkirchner@mozilla.com
Github Profile link: https://github.com/Tibap
Github Team(s) REQUIRED: Any Security team if a similar team already exists in that org today. Otherwise, a new team called "Product Security" can be created.
Reason: This would allow the security team to monitor for security problems and help the Fakespot team with the remediation. For example, we are currently trying to assess which repos across Mozilla Github orgs are building Docker images but do not follow best practices described here: https://wiki.mozilla.org/GitHub/Repository_Security/GitHub_Workflows_%26_Actions#Docker_Security_Best_Practices

If this is not being requested by a team maintainer, please request their approval via need-info.

OK, let me ask Joe McBride about this - Joe - I'm happy to create a product security team - and we can grant that team easy access (at level you like, read/write/admin) to all repos in the org.

Let me know if that works for you - or any other ideas, and we can get things moving.

Flags: needinfo?(jmcbride)
Assignee: nobody → cknowles

Approved

Flags: needinfo?(jmcbride)

Please set to read for now

Blocks: 1961208

Alright - Created product security team with read to all repos in the org.

Dimitri - You will be getting two invites. First from people.mozilla.org: invites to the group ghe_mozilla-fakespot_users - please accept this before proceeding.
Next, from GitHub to whatever email address you have associated with your GitHub account. The invites to the mozilla-fakespot org(s) - once you accept these and sign into GitHub you'll be a member of the org(s), and the requested teams.

If you can't find that GitHub invite, go to the following link and next to the desired organization name, there should be an option to accept an invite. https://github.com/settings/organizations

Note that invites expire after a week, and so if you need things re-sent please update this bug.

Once you’re signed into the org, there may be some changes you need to make if you use PAT/SSH/gh cli/other-tools - directions for that live here: https://wiki.mozilla.org/GitHub/GHE_SAML_User_FAQ#Alright.2C_I.27ve_SAML.27d_what_now.3F

Please let us know if there's any questions or concerns

No longer blocks: 1961208
Status: NEW → RESOLVED
Closed: 2 days ago
Resolution: --- → FIXED
See Also: → 1961208
You need to log in before you can comment on or make changes to this bug.