quality/tickets
10
2
Fork 0
Code Issues 50 Projects Activity Actions

Perform QA groups cleanup #900

New issue
Closed
opened 2026-05-05 12:44:44 +00:00 by kparal · 8 comments
kparal commented 2026-05-05 12:44:44 +00:00
Owner
Copy link

As a follow-up to #898 , we should look at the existing QA groups members from time to time and make sure all the access rights are still correct. We currently have these important groups to care about:

And the same for staging:

Let's make sure we update the groups, and limit the access appropriately for security purposes.

As a follow-up to #898 , we should look at the existing QA groups members from time to time and make sure all the access rights are still correct. We currently have these important groups to care about: * https://accounts.fedoraproject.org/group/qa-admin/ * https://accounts.fedoraproject.org/group/qa-tools-sig/ * https://accounts.fedoraproject.org/group/sysadmin-qa/ And the same for staging: * https://accounts.stg.fedoraproject.org/group/qa-admin/ * https://accounts.stg.fedoraproject.org/group/qa-tools-sig/ * https://accounts.stg.fedoraproject.org/group/sysadmin-qa/ Let's make sure we update the groups, and limit the access appropriately for security purposes.
kparal self-assigned this 2026-05-05 12:44:44 +00:00
kparal added this to the Sprint 9 project 2026-05-05 12:44:44 +00:00
adamwill commented 2026-05-05 16:01:36 +00:00
Owner
Copy link

@tflink says "I'm certainly not using any of that so it's probably better to remove me"

@tflink says "I'm certainly not using any of that so it's probably better to remove me"
adamwill commented 2026-05-05 16:13:41 +00:00
Owner
Copy link

So I would say from qa-admin we can remove tflink and frantisekz.

from sysadmin-qa remove tflink, frantisekz , asaleh (I believe he was probably added for dashboard purposes, he has no commits in ansible since 2023), jskladan, lbrabec, lrossett (I think he was an OSCI person who helped with resultsdb-ci-listener deployment but he has no ansible commits since 2022, we can give access to @lecris or someone for this purpose if necessary), mbrysa (can't find any explanation why he's in the group, can't find any ansible commits, mailing list mails...), mjia (looks like he did greenwave deployment stuff but no commits to ansible since 2012 or greenwave since 2017), mtoman (can't find any recent activity, looks like he was an RHer but no longer is), pschindl. Make me and you sponsors maybe?

For qa-tools-sig I'm not quite sure. Do we know what the significance of that group is? It's the Bugzilla assignee for some things...what else? Does it affect forge access? We might potentially want to keep some of the old team members in it if they still intend to lurk in any of the upstreams?

So I would say from qa-admin we can remove tflink and frantisekz. from sysadmin-qa remove tflink, frantisekz , asaleh (I believe he was probably added for dashboard purposes, he has no commits in ansible since 2023), jskladan, lbrabec, lrossett (I think he was an OSCI person who helped with resultsdb-ci-listener deployment but he has no ansible commits since 2022, we can give access to @lecris or someone for this purpose if necessary), mbrysa (can't find any explanation why he's in the group, can't find any ansible commits, mailing list mails...), mjia (looks like he did greenwave deployment stuff but no commits to ansible since 2012 or greenwave since 2017), mtoman (can't find any recent activity, looks like he was an RHer but no longer is), pschindl. Make me and you sponsors maybe? For qa-tools-sig I'm not quite sure. Do we know what the significance of that group is? It's the Bugzilla assignee for some things...what else? Does it affect forge access? We might *potentially* want to keep some of the old team members in it if they still intend to lurk in any of the upstreams?
lecris commented 2026-05-05 16:21:02 +00:00
Copy link

For qa-tools-sig I'm not quite sure.

Could be repurposed (or have a similar one) and share it with fedora-ci members since that could be a good place to put some repos that we plan to share like https://forge.fedoraproject.org/quality/python-ci_messages?

Would be interesting if forge could sync a membership there for both organizations 😅.

> For qa-tools-sig I'm not quite sure. Could be repurposed (or have a similar one) and share it with fedora-ci members since that could be a good place to put some repos that we plan to share like https://forge.fedoraproject.org/quality/python-ci_messages? Would be interesting if forge could sync a membership there for both organizations 😅.
kparal commented 2026-05-06 12:54:06 +00:00
Author
Owner
Copy link

Thanks, Adam, for your investigation. That helps a lot.

@lecris wrote in #900 (comment):

that could be a good place to put some repos that we plan to share like https://forge.fedoraproject.org/quality/python-ci_messages?

For sharing work on particular repos, I think the best approach is to simply specify additional collaborators (that are outside of the owning organization). This is very easy to do, just go do repo -> Settings -> Collaborators.

Thanks, Adam, for your investigation. That helps a lot. @lecris wrote in https://forge.fedoraproject.org/quality/tickets/issues/900#issuecomment-693631: > that could be a good place to put some repos that we plan to share like https://forge.fedoraproject.org/quality/python-ci_messages? For sharing work on particular repos, I think the best approach is to simply specify additional collaborators (that are outside of the owning organization). This is very easy to do, just go do repo -> Settings -> Collaborators.
kparal commented 2026-05-06 13:15:38 +00:00
Author
Owner
Copy link

@adamwill wrote in #900 (comment):

For qa-tools-sig I'm not quite sure. Do we know what the significance of that group is? It's the Bugzilla assignee for some things...what else?

If only we already did #840 😆

Yes it has a lot of significance. It populates https://accounts.fedoraproject.org/group/forge-quality-members/ which populates https://forge.fedoraproject.org/org/quality/teams/members which have admin access to all our Forge repos. Also there's the Bugzilla group/mailing list. I don't know what else. But because of the Forge stuff, I believe we want to keep it minimal. I would drop all people who are currently not in our team.

@adamwill wrote in https://forge.fedoraproject.org/quality/tickets/issues/900#issuecomment-693626: > For qa-tools-sig I'm not quite sure. Do we know what the significance of that group is? It's the Bugzilla assignee for some things...what else? If only we already did #840 😆️ Yes it has a lot of significance. It populates https://accounts.fedoraproject.org/group/forge-quality-members/ which populates https://forge.fedoraproject.org/org/quality/teams/members which have admin access to all our Forge repos. Also there's the Bugzilla group/mailing list. I don't know what else. But because of the Forge stuff, I believe we want to keep it minimal. I would drop all people who are currently not in our team.
lecris commented 2026-05-06 13:27:36 +00:00
Copy link

This is very easy to do, just go do repo -> Settings -> Collaborators.

Sure, just thought that doing it at a team level would be easier to manage, even if the team is not synced to a FAS group.

> This is very easy to do, just go do repo -> Settings -> Collaborators. Sure, just thought that doing it at a team level would be easier to manage, even if the team is not synced to a FAS group.
kparal commented 2026-05-06 13:43:56 +00:00
Author
Owner
Copy link

I have filed infra/tickets#13327 . @adamwill please ack that change, thank you.

I requested that the two of us are sponsors in all these groups except sysadmin-qa in production. For that one, I think we should be even stricter, and keep just you (and Kevin/Infra of course) as sponsors. If there was a need and you weren't available, we can always create an Infra ticket.

I've updated all groups except sysadmin-qa in production (where I don't have rights to do so). Once you're a sponsor, please make it match the current sysadmin-qa staging group, thank you. Then we can close this ticket, I believe.

I have filed https://forge.fedoraproject.org/infra/tickets/issues/13327 . @adamwill please ack that change, thank you. I requested that the two of us are sponsors in all these groups except sysadmin-qa in production. For that one, I think we should be even stricter, and keep just you (and Kevin/Infra of course) as sponsors. If there was a need and you weren't available, we can always create an Infra ticket. I've updated all groups except sysadmin-qa in production (where I don't have rights to do so). Once you're a sponsor, please make it match the current sysadmin-qa staging group, thank you. Then we can close this ticket, I believe.
adamwill commented 2026-05-06 17:37:54 +00:00
Owner
Copy link

Done.

Done.
adamwill 2026-05-06 17:37:55 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
agile
related to Scrum or other Agile methodology

  
anacondawebui
tickets relating to the anaconda 'web ui' interface refresh

  
arm

   
blockerfe
Issues relating to the blocker / freeze exception process

  
Closed As
Duplicate
 Closed with the reason of Duplicate

  
Closed As
Fixed
 Closed with the reason of Fixed

  
Closed As
Invalid
 Closed with the reason of Invalid

  
Closed As
Wontfix
 Closed with the reason of Wontfix

  
Closed As
Worksforme
 Closed with the reason of Worksforme

  
coreos
issue related to coreos

  
criteria
release criteria-related issues

  
defect

   
easyfix

   
enhancement

   
iot
Issues related to IoT

  
meeting
a topic for the next QA meeting

  
meta
issues in the issue tracker itself (like, whooooaaa, man)

  
onboarding call
issues that are used to track new contributor onboarding

  
proventesters

   
retrospective
issues filed as a result of QA Retrospective feedback

  
silverblue
Issues related to silverblue

  
sponsor
requests to become a FAS group sponsor

  
test cases

   
test days

   
wiki
  
ai-review-please
Request AI review for a pull request

  
Backlog Status
Needs Review
 Work items that have been created or updated but need review, refinement, or approval before they can be considered ready for sprint planning.

  
Backlog Status
Ready
 Work items that have been reviewed, refined, and are ready to be committed to a sprint. These items have clear requirements and can be worked on immediately when capacity is available.

  
chore
Work that needs to be done but doesn't add new functionality or fix bugs. Maintenance tasks that keep the system running smoothly and the codebase clean.

  
documentation
Work focused on creating, updating, or improving documentation for users, developers, or system administrators.

  
points
01
 A task that is simple, small, and has very little uncertainty. It should be easy enough for any team member to pick up and complete quickly, without a lot of discussion or research.

  
points
02
 This is a task that is slightly more complex or larger than a "1." It might involve two or three simple steps, but the outcome is still very clear and there's little uncertainty.

  
points
03
 Medium-sized task with some noticeable complexity. It might require a bit more thought or collaboration. The steps are well-defined, but it's not a trivial change.

  
points
05
 A significant piece of work. It has more complexity and a higher degree of uncertainty than smaller tasks. It might require some research, a design discussion, or collaboration across multiple teams.

  
points
08
 Complex task with a lot of uncertainty. It's often the largest size that a team will consider for a single sprint. It likely requires a detailed breakdown and multiple team members to complete.

  
points
13
 Any task that feels like it's a "13" or more is considered an Epic. These are too large and uncertain to be worked on in a single sprint and should be broken down.

  
Priority
Critical
 This is for work that is urgent and of critical importance and so and must be addressed immediately with a higher priority than all other work, even if not originally planned for the current sprint.

  
Priority
High
 This is for work that is critical and needs to be addressed in the next sprint. It's often for urgent bugs, important features, or a major piece of technical debt that is blocking other work.

  
Priority
Low
 This is for work that is good to do but not urgent. It's a candidate for being worked on when there's extra time or when it rises in importance. It can stay in the backlog for a longer period.

  
Priority
Medium
 This is for important work that should be done soon, but isn't as urgent as a high-priority item. It will likely be considered for the next 1-2 sprints.

  
Sprint Status
Blocked
 Work items that cannot progress due to external dependencies, blockers, or issues that need resolution.

  
Sprint Status
Done
 Work items that have been completed, reviewed, and integrated. No further work is needed within the current sprint.

  
Sprint Status
In Progress
 Work items currently being worked on by a team member. Active development, research, or implementation is happening.

  
Sprint Status
Review
 Work items that are complete but need review, testing, or approval before being marked as done.

  
Sprint Status
To Do
 Work items that are committed to the sprint but haven't been started yet. These items are ready to be picked up by team members.

  
Technical Debt
Work that addresses shortcuts, workarounds, or suboptimal implementations that were done previously to meet deadlines. These items improve code quality, maintainability, or performance without adding new features.

  
Work Item
Bug
 Issues where the system is not working as intended or designed. Bugs represent deviations from expected behavior.

  
Work Item
Epic
 Large initiatives that are broken down into multiple smaller work items (user stories, tasks, bugs). Epics represent significant features or projects that span multiple sprints.

  
Work Item
Spike
 Time-boxed research, investigation, or proof-of-concept work to reduce uncertainty or explore solutions. Spikes help inform future development decisions.

  
Work Item
Task
 Used to break down larger user stories into smaller, manageable implementation pieces. They focus on the specific technical steps needed to deliver the user story's value.

  
Work Item
User Story
 User-facing features or functionality that can be framed from a user perspective, describing what someone wants to accomplish and why.

No labels
agile
anacondawebui
arm
blockerfe
Closed As
Duplicate
Closed As
Fixed
Closed As
Invalid
Closed As
Wontfix
Closed As
Worksforme
coreos
criteria
defect
easyfix
enhancement
iot
meeting
meta
onboarding call
proventesters
retrospective
silverblue
sponsor
test cases
test days
wiki
ai-review-please
Backlog Status
Needs Review
Backlog Status
Ready
chore
documentation
points
01
points
02
points
03
points
05
points
08
points
13
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Sprint Status
Blocked
Sprint Status
Done
Sprint Status
In Progress
Sprint Status
Review
Sprint Status
To Do
Technical Debt
Work Item
Bug
Work Item
Epic
Work Item
Spike
Work Item
Task
Work Item
User Story
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Sprint 9
Assignees
Clear assignees
No assignees
kparal
adamwill
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Depends on
#13327 Update Quality groups sponsors
infra/tickets
Reference
quality/tickets#900
No description provided.