This repository contains the structure of the Rust teams. The repository is automatically synchronized with:
Service | Synchronized every | |
---|---|---|
@bors | In real time | Integration source |
Crater and @craterbot | In real time | Integration source |
Perf and @rust-timer | In real time | Integration source |
@rfcbot | 5 minutes | Integration source |
GitHub teams membership | Shortly after merge | Integration source |
GitHub repositories | Shortly after merge | Integration source |
Mailing lists and aliases (@rust-lang.org , @crates.io ) |
Shortly after merge | Integration source |
Zulip user group membership | Shortly after merge | Integration source |
Governance section on the website | 2 minutes | Integration source |
crates.io admin access | 1 hour | Integration source |
If you need to add or remove a person from a team, send a PR to this repository. After it's merged, their account will be added/removed from all the supported services.
It's possible to interact with this repository through its CLI tool.
This repository contains some sanity checks to avoid having stale or broken
data. You can run the checks locally with the check
command:
cargo run check
Note that some of these checks will be skipped due to missing API tokens.
It's possible to fetch the public information present in a GitHub profile and store it in a person's TOML file:
cargo run add-person <github-username>
You can also add additional information, such as someone's Discord or Zulip ID by adding additional fields to their .toml
file.
To determine someone's Zulip ID, find them in the list of people on the right-hand side in Zulip, click the "three dots" menu and then "View profile", and copy the 'User ID' into the toml file:
zulip-id = <user id>
There are a few CLI commands that allow you to get some information generated from the data in the repository.
You can get a list of all the people in a team:
cargo run dump-team all
You can get a list of all the email addresses subscribed to a list:
cargo run dump-list [email protected]
You can get a list of all the users with a permission:
cargo run dump-permission perf
You can generate www.rust-lang.org's locales/en-US/tools.ftl file by running
cargo run dump-website
The website will automatically load new teams added here, however they cannot be translated unless tools.ftl
is also updated.
You can also print a list of users with individual access to repositories
# Group the accesses by repository
cargo run dump-individual-access --group-mode repo
# Group the accesses by contributor
cargo run dump-individual-access --group-mode person
You can build locally the content of https://team-api.infra.rust-lang.org/v1/
by running the command:
cargo run static-api output-dir/
The content will be placed in output-dir/
.
You can use the tool to synchronize state to the live services. By default, the tool will run in dry mode on all the services we synchronize, meaning that the changes will be previewed on the console output but no actual change will be applied:
cargo run sync
Once you're satisfied with the changes you can run the full synchronization by
passing the apply
subcommand:
cargo run sync apply
You can also limit the services to synchronize on by passing a list of all the service names you want to sync. For example, to synchronize only GitHub and Mailgun you can run:
cargo run sync -- --services github,mailgun
cargo run sync -- --services github,mailgun apply
By default, the synchronization will be based on data from the live team
endpoint.
When making changes to the tool it might be useful to test
with dummy data though. You can do that by passing the --team-repo
flag to the CLI:
cargo run sync -- --team-json <directory>
The <directory>
with JSON data can be generated using cargo run static-api
.
If an email address in a list needs to be confidential it's possible to encrypt it. Encrypted email addresses look like this:
encrypted+3eeedb8887004d9a8266e9df1b82a2d52dcce82c4fa1d277c5f14e261e8155acc8a66344edc972fa58b678dc2bcad2e8f7c201a1eede9c16639fe07df8bac5aa1097b2ad9699a700edb32ef192eaa74bf7af0a@rust-lang.invalid
The production key is accessible to select Infrastructure Team members, so if you need to add an encrypted email address you'll need to reach out to that team. The key is stored in the following parameter on AWS SSM Parameter Store:
/prod/sync-team/email-encryption-key
The cargo run encrypt-email
and cargo run decrypt-email
interactive CLI
commands are available for infra team members to interact with encrypted
emails. The rust_team_data
(with the email-encryption
feature enabled) also
provides a module to programmatically encrypt and decrypt.