From 1c48bfe327cf4f91b13e1fb63a728bf3a7dae549 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Wed, 12 Dec 2018 10:48:16 +1100 Subject: [PATCH] Enable github shared admin account This change describes the shared github administrator account. This is inspired by I0c61f192a6b5164af7babde5c99e5ee2b77a652c. As described there, this allows for admins to have private accounts in the organisation, but requires that 2FA be turned on. If people wish to keep this as a single account which they do "real" work with (commits, etc) that is probably OK, but add a note that you'll end up with a lot of mostly irrelevant stuff in your feeds. Change-Id: Ic408250571133796b4b4639715fe8d01f91898f2 --- doc/source/sysadmin.rst | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/doc/source/sysadmin.rst b/doc/source/sysadmin.rst index 5aab23208d..308f2c29e6 100644 --- a/doc/source/sysadmin.rst +++ b/doc/source/sysadmin.rst @@ -190,10 +190,20 @@ Git repositories, only Gerrit will be permitted to commit code to OpenStack repositories. Because GitHub always allows project administrators to commit code, accounts that have access to manage the GitHub projects necessarily will have commit access to the -repositories. Therefore, to avoid inadvertent commits to the public -repositories, unique administrative-only accounts must be used to -manage the OpenStack GitHub organization and projects. These accounts -will not be used to check out or commit code for any project. +repositories. + +A shared Github administrative account is available (credentials +stored in the global authentication location). If administrators +would prefer to keep a separate account, it can be added to the +organisation after discussion and noting the caveats around elevated +access. The account must have 2FA enabled. + +In either case, the adminstrator accounts should not be used to check +out or commit code for any project. + +Note that it is unlikely to be useful to use an account also used for +active development, as you will be subscribed to many notifications +for all projects. Root only information #####################