community
community copied to clipboard
open-telemetry
Update otel bot permissions
~~Related to #2234~~
Updated: This is required for https://github.com/open-telemetry/community/issues/2277, needed by @open-telemetry/javascript-maintainers: "read:org permission would allow us to update descriptions for PRs opened by @opentelemetrybot. Recently we added a workflow to automatically create release PRs, but the workflow can't edit the description of its own PR without read:org."
FYI, I've already assigned this scope to the OpenTelemetry bot. If we end up not accepting this PR, we should revert the scope.
FYI, I've reverted the read:org permission from the opentelemetrybot org secret token, since it seems like we're likely to go in a different direction than this.
FYI, I've reverted the
read:orgpermission from the opentelemetrybot org secret token, since it seems like we're likely to go in a different direction than this.
We (OTel JS SIG) would actually appreciate having the read:org permission. :slightly_smiling_face:
It would allow us to update descriptions for PRs opened by @opentelemetrybot. Recently we added a workflow to automatically create release PRs, the workflow can't edit the description of its own PR without read:org permissions.
See https://github.com/open-telemetry/opentelemetry-js/pull/4849, https://github.com/open-telemetry/opentelemetry-js/actions/runs/10195580438/job/28204768571#step:8:389
We (OTel JS SIG) would actually appreciate having the
read:orgpermission.
I think it's ok to give @opentelemetrybot the read:org permission
from https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps#available-scopes, read:org is:
Read-only access to organization membership, organization projects, and team membership.
and @opentelemetrybot doesn't have any special read privileges to the @open-telemetry org (it is just a normal org member).
@pichlermarc can you open a repository maintenance issue in this repo and we can see if there's agreement from others?
@pichlermarc can you open a repository maintenance issue in this repo and we can see if there's agreement from others?
Sure thing - opened #2277 just now. Thanks :raised_hands:
FYI, I've reverted the
read:orgpermission from the opentelemetrybot org secret token, since it seems like we're likely to go in a different direction than this.
@jack-berg can you re-revert it now that we need it for #2277? (and then also we can re-test without triage permission in the website repo)
@jack-berg can you re-revert it now that we need it for https://github.com/open-telemetry/community/issues/2277? (and then also we can re-test without triage permission in the website repo)
done
@open-telemetry/technical-committee @open-telemetry/governance-committee please review this PR, we want to move forward with it again, thanks
@open-telemetry/technical-committee @open-telemetry/governance-committee please review this PR, we want to move forward with it again, thanks
I am confused about what is being added after reverts and re-reverts :-)
@svrnm can you please update the PR description to clarify the change, why and what is being changed?
I am confused about what is being added after reverts and re-reverts :-) @svrnm can you please update the PR description to clarify the change, why and what is being changed?
I am confused as well, but if I understand it correctly the JS SIG wants to have the permissions I listed here, so the PR content should be good? Trying to update the description to reflect that
@open-telemetry/technical-committee @open-telemetry/governance-committee the PR description is updated and ready for review, thanks!
