[Jenkins-infra] INFRA-2275: Allow CloudBees Product Hub App to access jenkinsci GitHub org?
R. Tyler Croy
rtyler at brokenco.de
Fri Oct 11 15:37:23 UTC 2019
(replies inline)
On Fri, 11 Oct 2019, Baptiste Mathus wrote:
> I would like to formally request the Jenkins Project considers approving the
> "CloudBees Product App" access to [1]https://github.com/jenkinsci/.
> I am tracking this at [2]https://issues.jenkins-ci.org/browse/INFRA-2275
>
> This GitHub App relates to ongoing CloudBees work around [3]Software Delivery
> Management, which was also demoed during [4]Devops World Jenkins World 2019
> some weeks ago.
Stuff like this I think is generally fine to enable at an organization level,
but we need to be mindful of a couple things:
* Whether the application is going to write any status checks, or show things
up in the UI. For applications that are going to drop things on every pull
request, for example, we should be more conservative.
* Whether the application is going to read and collect, to our knowledge,
member information. While the `jenkinsci` organization is open, authorized
applications can spam our members in a way that is not otherwise doable by a
web crawler (for example).
* And finally, does the application provide value to the Jenkins project. We
have a lot of rich and interesting data that some folks may want access to
for whatever reasons.
WIth this application, the only thing that is not answered to me is: what
value does this provide for the Jenkins project?
Cheers
--
GitHub: https://github.com/rtyler
GPG Key ID: 0F2298A980EE31ACCA0A7825E5C92681BEF6CEA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 839 bytes
Desc: OpenPGP digital signature
URL: <http://lists.jenkins-ci.org/pipermail/jenkins-infra/attachments/20191011/63e4b420/attachment.asc>
More information about the Jenkins-infra
mailing list