council/tickets
council/tickets
14
0
Fork 0
Code Issues 14 Pull requests Projects Activity

Fedora forge usage policy #558

New issue
Open
opened 2026-03-10 10:49:23 +00:00 by humaton · 11 comments
humaton commented 2026-03-10 10:49:23 +00:00
Copy link

Summary

Create Fedora forge usage policy

Background

As we are finalizing work on the new forge, some of our contributors are already using it. We need a usage policy. I took the liberty of creating a draft

Details

The forge usage policy is approved and available.

Summary

Fedora users and contributors have clear guidelines for hosting repositories on our forge.

### Summary Create Fedora forge usage policy ### Background As we are finalizing work on the new forge, some of our contributors are already using it. We need a usage policy. I took the liberty of creating a [draft](https://forge.fedoraproject.org/forge/forge/wiki/Fedora-Forge-Usage-Policy) ### Details The forge usage policy is approved and available. ### Summary Fedora users and contributors have clear guidelines for hosting repositories on our forge.
👍 2 ❤️ 3
bookwar commented 2026-03-10 11:35:29 +00:00
Owner
Copy link

Thanks, amazing job on the draft!

Question: Does Fedora Forge allow bringing "your own" Action workers? Can organizations manage them indepently from Forge admins? Do we want a policy to cover that as well?

For example, let's say we grant the "exceptional" status to FreeIPA. But it can not fit into the current limits of the Forge Action runners. Can that exception come with the requirement that the project brings its own CI resources?

Thanks, amazing job on the draft! Question: Does Fedora Forge allow bringing "your own" Action workers? Can organizations manage them indepently from Forge admins? Do we want a policy to cover that as well? For example, let's say we grant the "exceptional" status to FreeIPA. But it can not fit into the current limits of the Forge Action runners. Can that exception come with the requirement that the project brings its own CI resources?
churchyard commented 2026-03-10 11:45:22 +00:00
Owner
Copy link

Thank you!

Personal Namespaces: Upon your first login, a personal namespace (e.g., forge.fedoraproject.org/your-fas-username) is automatically provisioned for you.

But I cannot create projects within, other than by forking, correct? This is not clear to me from the text (perhaps I missed it).

open a ticket with the Fedora Infrastructure team

Could we add a link to such statements? E.g. is it https://forge.fedoraproject.org/infra/tickets or https://forge.fedoraproject.org/forge/forge/issues

Thank you! > Personal Namespaces: Upon your first login, a personal namespace (e.g., forge.fedoraproject.org/your-fas-username) is automatically provisioned for you. But I cannot create projects within, other than by forking, correct? This is not clear to me from the text (perhaps I missed it). > open a ticket with the Fedora Infrastructure team Could we add a link to such statements? E.g. is it https://forge.fedoraproject.org/infra/tickets or https://forge.fedoraproject.org/forge/forge/issues
humaton commented 2026-03-10 19:29:22 +00:00
Author
Copy link

Did some updates, added section on bring your own runners. And some links.

We are still missing some docs pages so some links are pointing to the issue tracker.

It's WIP, if you want just enable wiki on any repo in this org and I can copy the .md file there so anybody in this org can edit it.

Did some updates, added section on bring your own runners. And some links. We are still missing some docs pages so some links are pointing to the issue tracker. It's WIP, if you want just enable wiki on any repo in this org and I can copy the .md file there so anybody in this org can edit it.
👍 1
churchyard commented 2026-03-10 20:09:23 +00:00
Owner
Copy link

The draft is on the forge/forge wiki. I don't seem to be able to edit it.

The CI/CD changes on shared runners seem to have left over the original, so some info is now duplicated.

The draft is on the forge/forge wiki. I don't seem to be able to edit it. [The CI/CD changes on shared runners](https://forge.fedoraproject.org/forge/forge/wiki/commit/5d1ec5659d9dda868cbedea9e741dcd1b33d0bd8) seem to have left over the original, so some info is now duplicated.
humaton commented 2026-03-10 21:00:58 +00:00
Author
Copy link

@churchyard wrote in #558 (comment):

The draft is on the forge/forge wiki. I don't seem to be able to edit it.

We can move it anywhere, just enable wiki in any repo in this org. Than its git clone the forge wiki and cp.

The CI/CD changes on shared runners seem to have left over the original, so some info is now duplicated.

Fixed.

@churchyard wrote in https://forge.fedoraproject.org/council/tickets/issues/558#issuecomment-577175: > The draft is on the forge/forge wiki. I don't seem to be able to edit it. We can move it anywhere, just enable wiki in any repo in this org. Than its git clone the forge wiki and cp. > [The CI/CD changes on shared runners](https://forge.fedoraproject.org/forge/forge/wiki/commit/5d1ec5659d9dda868cbedea9e741dcd1b33d0bd8) seem to have left over the original, so some info is now duplicated. Fixed.
gotmax23 commented 2026-03-11 01:40:18 +00:00
Copy link

The Infrastructure team reserves the right to automatically archive repositories that have seen no activity for 6 months.

This seems a bit aggressive.

> The Infrastructure team reserves the right to automatically archive repositories that have seen no activity for 6 months. This seems a bit aggressive.
jflory7 added this to the Fedora Linux 44 milestone 2026-03-11 15:11:15 +00:00
bookwar commented 2026-03-18 21:04:51 +00:00
Owner
Copy link

@gotmax23 wrote in #558 (comment):

The Infrastructure team reserves the right to automatically archive repositories that have seen no activity for 6 months.

This seems a bit aggressive.

What would be your suggestion? A year?

I would assume that the archiving won't happen without at least an attempt to send a notification.

@humaton Can we agree that the archiving action can only be applied if we made an attempt to contact the repo owner a week in advance?

@gotmax23 wrote in https://forge.fedoraproject.org/council/tickets/issues/558#issuecomment-577197: > > The Infrastructure team reserves the right to automatically archive repositories that have seen no activity for 6 months. > > This seems a bit aggressive. What would be your suggestion? A year? I would assume that the archiving won't happen without at least an attempt to send a notification. @humaton Can we agree that the archiving action can only be applied if we made an attempt to contact the repo owner a week in advance?
gotmax23 commented 2026-03-19 02:55:23 +00:00
Copy link

That's more reasonable, but what is the function of archiving repositories in the first place?

That's more reasonable, but what is the function of archiving repositories in the first place?
siosm commented 2026-03-25 15:17:01 +00:00
Copy link

This policy looks good to me.

For the archiving part, maybe we do could something like:

Notify the project via an issue if the repo has been inactive for 6 months. If the issue does not get a reply from a maintainer in 2 months, the repo is archived.

But really, it should be fairly easy to request un-archiving repos so we might as well make it an automatic thing so that we don't have to think about it.

This policy looks good to me. For the archiving part, maybe we do could something like: > Notify the project via an issue if the repo has been inactive for 6 months. If the issue does not get a reply from a maintainer in 2 months, the repo is archived. But really, it should be fairly easy to request un-archiving repos so we might as well make it an automatic thing so that we don't have to think about it.
jflory7 commented 2026-03-31 00:26:36 +00:00
Owner
Copy link

+1 to the policy proposal draft. It provides essential context for the Fedora Forge.

To make this official and for the Council votes to mean something, we must follow the Policy Change Policy:

Proposed changes to Fedora Council policies must be publicly announced on the #council tag on Fedora Discussion and in a Fedora Community Blog post in order to get feedback from the community. After a minimum of two calendar weeks, the Fedora Council may vote on the proposed change using the full-consensus voting model. After approval, the change is reflected on the Fedora Council policies page.

Next Steps for Approval

  1. Publish a brief (1-2 paragraph) announcement on the Community Blog. Link to the longer read in this article.
  2. Open a topic on Fedora Discussion to collect community feedback.
    • Note: If preferred, a Council member could do this step since we do not have automatic posts on Fedora Discussion from Fedora Council tickets on Forgejo anymore/yet.
  3. Wait the required two weeks.
  4. The Council holds a formal, scheduled vote.
  5. If passed, submit a PR to update the official docs.

@humaton: Do you have the capacity to write the short Community Blog post and open the Discussion topic? If your bandwidth is tight, please let me know and a Council member can take ownership of this step. (Your previous blog post was highly effective, but this new notice only needs to be a brief link to the draft and the Discussion thread).

@bookwar wrote in #558 (comment):

Thanks, amazing job on the draft!

+1 @bookwar. Thank you, @humaton and the Forge team, for driving this. Writing policy is tedious, but establishing clear rules now will avoid or reduce major friction later as Forgejo usage scales up.

@siosm wrote in #558 (comment):

For the archiving part, maybe we do could something like:

Notify the project via an issue if the repo has been inactive for 6 months. If the issue does not get a reply from a maintainer in 2 months, the repo is archived.

Regarding the archiving timeline: Instead of a flat 6-month timestamp, what if we tied inactivity directly to the Fedora release cycle? If a repository shows zero activity for the entire lifespan of a currently supported Fedora Linux release (approximately 13 months), we flag it for archiving. This aligns repository maintenance directly with our OS support windows.

Let me know if you think this overcomplicates the automation logic.

+1 to the policy proposal draft. It provides essential context for the Fedora Forge. To make this official and for the Council votes to mean something, we must follow the [Policy Change Policy](https://docs.fedoraproject.org/en-US/council/policy/policy-change-policy/): > Proposed changes to Fedora Council policies must be publicly announced on the #council tag on Fedora Discussion and in a Fedora Community Blog post in order to get feedback from the community. After a minimum of two calendar weeks, the Fedora Council may vote on the proposed change using the full-consensus voting model. After approval, the change is reflected on the Fedora Council policies page. ### Next Steps for Approval 1. Publish a brief (1-2 paragraph) announcement on the Community Blog. Link to [the longer read](https://communityblog.fedoraproject.org/the-forge-is-our-new-home/) in this article. 2. Open a topic on Fedora Discussion to collect community feedback. * _Note_: If preferred, a Council member could do this step since we do not have automatic posts on Fedora Discussion from Fedora Council tickets on Forgejo anymore/yet. 3. Wait the required two weeks. 4. The Council holds a formal, scheduled vote. 5. If passed, submit a PR to update the official docs. @humaton: Do you have the capacity to write the short Community Blog post and open the Discussion topic? If your bandwidth is tight, please let me know and a Council member can take ownership of this step. (Your previous [blog post](https://communityblog.fedoraproject.org/the-forge-is-our-new-home/) was highly effective, but this new notice only needs to be a brief link to the draft and the Discussion thread). --- @bookwar wrote in https://forge.fedoraproject.org/council/tickets/issues/558#issuecomment-577019: > Thanks, amazing job on the draft! +1 @bookwar. Thank you, @humaton and the Forge team, for driving this. Writing policy is tedious, but establishing clear rules now will avoid or reduce major friction later as Forgejo usage scales up. --- @siosm wrote in https://forge.fedoraproject.org/council/tickets/issues/558#issuecomment-593196: > For the archiving part, maybe we do could something like: > > > Notify the project via an issue if the repo has been inactive for 6 months. If the issue does not get a reply from a maintainer in 2 months, the repo is archived. Regarding the archiving timeline: Instead of a flat 6-month timestamp, what if we tied inactivity directly to the Fedora release cycle? If a repository shows zero activity for the entire lifespan of a currently supported Fedora Linux release (approximately 13 months), we flag it for archiving. This aligns repository maintenance directly with our OS support windows. Let me know if you think this overcomplicates the automation logic.
jflory7 self-assigned this 2026-03-31 00:26:58 +00:00
jflory7 commented 2026-03-31 03:44:04 +00:00
Owner
Copy link

I had time for a formal review pass. I organized my feedback into a few minor copyedits and two broader policy questions for us to weigh in on.

Minor Copyedits & Links

"Organizations and Teams: To prevent organizational sprawl, the creation of top-level Organizations (e.g., /infra or /quality) is restricted. If your Fedora team or SIG needs a dedicated Organization space, please open a ticket with the Forge team. Organization owners are responsible for managing team access within their assigned space."

The Forge team link should point directly to the new organization issue template.

"To ensure the Fedora Forge remains perform-ant, […]"

"Registration Process: To register a dedicated runner for your team, please review our Runner Registration Docs and ensure your runner is secured according to Fedora Infrastructure standards."

Typos & Broken Links: Fix perform-ant to performant, and update the incorrect link for the Runner Registration Docs.

"Naming Conventions: Please use clear, descriptive names for repositories so other community members can easily understand their purpose."

It might help to provide a couple of clear examples here (e.g., a "tickets" repo for planning or "docs" for a Fedora Docs site).

"Getting Help: For technical issues with the Fedora Forge (e.g., CI runner failures, login issues, requesting an Organization), please open a ticket on the Fedora Infrastructure Tracker or ask in the #fedora-admin Matrix channel."

The Matrix channel link should be corrected to #admin:fedoraproject.org.

Open Question 1: FPCA and Forge Access

Since ticket #410 is still open and the FPCA remains our current governing policy, should the Forge usage policy explicitly note this default licensing requirement? We might even consider requiring an FPCA signature just to authenticate into Forge. This could serve as a safe bridge while we figure out the long-term implicit consent model, though we should carefully weigh this against any extra friction it might create for new contributors.

Open Question 2: API Usage & Infrastructure Health

The current rule requiring user-agent strings for API usage is great. However, should we also establish a boundary around heavy, automated API scraping—specifically regarding mass data ingestion for LLM training? While we may eventually want to encourage responsible, community-sanctioned AI training on our public platforms, our immediate priority needs to be protecting the Forge infrastructure from being overwhelmed by uncoordinated scraping. Adding a clause focused purely on abuse prevention and infrastructure health might be a smart safeguard.

I had time for a formal review pass. I organized my feedback into a few minor copyedits and two broader policy questions for us to weigh in on. ## Minor Copyedits & Links > "**Organizations and Teams**: To prevent organizational sprawl, the creation of top-level Organizations (e.g., /infra or /quality) is restricted. If your Fedora team or SIG needs a dedicated Organization space, please open a ticket with the [**Forge team**](https://forge.fedoraproject.org/forge/forge/issues). Organization owners are responsible for managing team access within their assigned space." The Forge team link should point directly to the [new organization issue template](https://forge.fedoraproject.org/forge/forge/issues/new?template=.forgejo%2fissue_template%2fnew_organization.yml). >"To ensure the Fedora Forge remains perform-ant, […]" > > "**Registration Process**: To register a dedicated runner for your team, please review our [**Runner Registration Docs**](https://forge.fedoraproject.org/forge/forge) and ensure your runner is secured according to Fedora Infrastructure standards." **Typos & Broken Links:** Fix `perform-ant` to `performant`, and update the incorrect link for the **Runner Registration Docs**. > "**Naming Conventions**: Please use clear, descriptive names for repositories so other community members can easily understand their purpose." It might help to provide a couple of clear examples here (e.g., `a "tickets" repo for planning or "docs" for a Fedora Docs site`). > "**Getting Help**: For technical issues with the Fedora Forge (e.g., CI runner failures, login issues, requesting an Organization), please open a ticket on the [**Fedora Infrastructure Tracker**](https://forge.fedoraproject.org/forge/forge/issues) or ask in the [**#fedora-admin**](https://matrix.to/#/%23fedora-admin:fedoraproject.org) Matrix channel." The Matrix channel link should be corrected to `#admin:fedoraproject.org`. ## Open Question 1: FPCA and Forge Access Since ticket #410 is still open and the FPCA remains our current governing policy, should the Forge usage policy explicitly note this default licensing requirement? We might even consider requiring an FPCA signature just to authenticate into Forge. This could serve as a safe bridge while we figure out the long-term implicit consent model, though we should carefully weigh this against any extra friction it might create for new contributors. ## Open Question 2: API Usage & Infrastructure Health The current rule requiring user-agent strings for API usage is great. However, should we also establish a boundary around heavy, automated API scraping—specifically regarding mass data ingestion for LLM training? While we may eventually want to encourage responsible, community-sanctioned AI training on our public platforms, our immediate priority needs to be protecting the Forge infrastructure from being overwhelmed by uncoordinated scraping. Adding a clause focused purely on abuse prevention and infrastructure health might be a smart safeguard.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
No results found.
Labels
Clear labels   
category
budget

  
category
code-of-conduct

  
category
docs

  
category
elections

  
category
events

  
category
initiatives

  
category
mindshare

  
category
policies

  
category
spending-request
"Budget" is for big-picture things. This is for as-we-go allocations.

  
category
Strategy Summit

  
category
trademarks

  
state
resolved
Tickets that were resolved or fixed by the Fedora Council

  
good first issue

Good tickets to begin with (if you want to get involved, try working on one of these!)

  
help wanted

Tickets where we need help or need feedback from the wider Fedora community

  
?
needs changes
Needs changes or fixes before closing

  
?
needs reporter feedback
Additional feedback or information from the reporter is needed to advance

  
?
needs triage
A repository maintainer is needed to triage this further

  
?
needs vote
A vote is required from Fedora Council members in order to advance

  
role
engineering
Needs attention from the Council FESCo Representative

  
role
fca
Needs attention from the Fedora Community Architect

  
role
foa
Needs attention from the Fedora Operations Architect

  
role
fpl
Needs attention from the Fedora Project Leader

  
role
initiative lead
Needs attention from a Community Initiative (Co-)Lead

  
role
mindshare
Needs attention from the Council Mindshare Committee Representative

  
scope
bug
Something isn't working

  
scope
improvement
Requests for something we are either repeating or improving

  
scope
new
Requests for a new task or project

  
state
approved
Tickets that received approval by the Fedora Council

  
state
blocked
Cannot move forward: blocked by feedback, other tickets, etc.

  
state
duplicate
This issue or pull request already exists

  
state
invalid
This doesn't seem right

  
state
wontfix
This will not be worked on

No labels
category
budget
category
code-of-conduct
category
docs
category
elections
category
events
category
initiatives
category
mindshare
category
policies
category
spending-request
category
Strategy Summit
category
trademarks
state
resolved
good first issue
help wanted
?
needs changes
?
needs reporter feedback
?
needs triage
?
needs vote
role
engineering
role
fca
role
foa
role
fpl
role
initiative lead
role
mindshare
scope
bug
scope
improvement
scope
new
state
approved
state
blocked
state
duplicate
state
invalid
state
wontfix
Milestone
Clear milestone
No items
No milestone
Flock 2026
Projects
Clear projects
No items
No project
Council Meeting Planner
Assignees
Clear assignees
No assignees
jflory7
6 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
council/tickets#558
No description provided.