admin icon indicating copy to clipboard operation
admin copied to clipboard

Published 20 hours ago verified publisher icon nodejs

blocklist import/export

Open bnb opened this issue 3 years ago • 5 comments

per the recent discussion around the moderation team and importing/exporting the blocklist across our three orgs (nodejs, pkgjs, and nodejs-private), I went ahead and built out a GitHub Action that allows us to import blocklists from one organization to another organization. In practice, this means that if someone is blocked in the nodejs org, that block can be imported to the other organizations automatically (presumably on a cron or manual run of the Action, rather than being directly triggered by the block event).

You can find the code in cutenode/action-import-blocklist. Implementing it requires a PAT from an account (presumably, in our case, the Node.js bot account) that has the full admin:org permissions, which is required by the GitHub API.

@nodejs/tsc @nodejs/actions want to get feedback on this. My proposal:

  • implement syncing to pkgjs and nodejs-private by setting up .github repositories in both and adding workflows. I'm happy to help with this, but it's pretty trivial.
  • alternatively, implement syncing by setting up a .github repo in the nodejs org, allowing us to have control within the project of where our blocklist is being exported to and not providing admin:org tokens to those orgs (pkgjs is notably more permissive).

questions I have:

  • currently, the Action uses console.log() to output what's happening. This does include usernames. Is this okay, or would we want to omit those?
  • I'd prefer to move the action to a project-owned organization. Does this belong under nodejs or under pkgjs?

bnb avatar Feb 08 '22 19:02 bnb

@nodejs/tsc PTAL. Also, this would be good to at least mention, if not discuss, at the TSC meeting on Thursday.

Trott avatar Feb 09 '22 01:02 Trott

I think pkgjs is probably a better place for it.

ljharb avatar Feb 09 '22 02:02 ljharb

@Trott has there been any decision from the TSC on implementing this?

bnb avatar Mar 15 '22 16:03 bnb

@bnb my recollection is that there were no concerns raised and understanding was that it could move forward.

mhdawson avatar Mar 15 '22 19:03 mhdawson

I've moved the repo to pkgjs/action-import-blocklist and have opened https://github.com/nodejs/.github/pull/1 which adds the Action to our organization. I specifically put it in our organization because I'd like to keep control of our data and PATs within the org we more aggressively maintain.

I will need to add a token to the nodejs/.github repo from an account that has admin:org permissions in both organizations. My assumption is that @nodejs-github-bot is the correct account for this. I've created https://github.com/nodejs/admin/issues/672 to request this.

bnb avatar Mar 24 '22 16:03 bnb