8u/11u repo access and Jira changes

Aleksey Shipilev shade at redhat.com
Tue Feb 26 19:46:34 UTC 2019 

On 2/26/19 8:06 PM, Andrew Haley wrote:
> On 2/26/19 6:54 PM, Aleksey Shipilev wrote:
>> We would have lots of committers that come and push changesets to
>> update projects.
> 
> I don't quite understand this sentence.

Trying again: in update projects, we have lots of committers that are not intimately aware of all
the codified rules and conventions of the update project, no matter in how many words it is written
somewhere. The newcomer can just push to jdk8u/jdk8u without thinking twice. The experienced
committer can push to jdk8u/jdk8u by mistake. I do expect accidental pushes to jdk-updates/jdk11u
just because somebody forgot to switch to jdk-updates/jdk11u-dev.


>> I would very much prefer that machines prohibit us from committing
>> (pun intended) mistakes that can be mechanically checked. Regular
>> Reviewers and Committers have no business pushing into stable tree,
>> and this should be mechanically forbidden. There is no need to
>> restrict the push privileges to stable tree to maintainers only, but
>> it should be restricted to some subset of users who have the need to
>> modify it.
> 
> I don't object to that, as long as it's flexible enough to allow us
> quickly to authorize people to work on the release tree.

I think that: a) traffic to stable release should be small; b) traffic that goes to stable release
is probably coming through the maintainers anyway; c) ops@ are pretty responsive.

>> In other needs, trust people, but also set up processes so that they
>> cannot make simple mistakes.
> 
> This seems to contradict your earlier statement. blocking access
> to only allow maintainers doesn't only prevent mistakes.

Yes, that introduces barriers, friction, and more work. That is actually a good thing: good systems
provide barriers that prevent the majority of people from making simple mistakes at the cost of some
friction and making a few people lives a bit harder.

Maintainers basically subscribe themselves for maintenance chores. There are two ways to deal with
the additional work: a) Elect/designate more maintainers; b) Authorize _someone else_, not
necessarily a maintainer, to push to stable tree; this gets us out of this maintainer-committer
dichotomy to begin with.

I have no energy to fight it, though. If you want to keep stable tree pushable for everyone, fine. I
do reserve the right to say "told you so" every time the "Oops, I pushed to the wrong tree, sorry"
thread appears, requiring the backout, cleaning up the hgupdater mess in JIRA (I don't even want to
think how backouts work with backports...), and perhaps invalidating the testing done for the stable
release (which are also time-sensitive, tick-tock...) ;)

-Aleksey

More information about the jdk-updates-dev mailing list