Policy change: pushing to protected branches is now blocked

Unfortunately, as we never tested this setup for release managers, this prevented us from branching-off for NixOS 23.11 (Let's have a great 23.11 release cycle! - #6 by figsoda) and we need to postpone the branch-off for tomorrow as we require the assistance of a GitHub organization owner and no one was available during the release time.

It would be nice to fix this problem for the next time.


Four complementary ideas:

  1. Ping the org owners in advance so they are around when the branch-off happens.
  2. Give admin rights to the nixpkgs repo to the nixos-release-managers team? It would be consistent with the idea of empowering the teams in relation to their responsibilities.
  3. Deploy a declarative configuration tool such as GitHub - uwu-tools/peribolos. This would also unblock the infra team as there are no finer-grained permissions than org-owner. => Declarative GitHub configuration tool · Issue #310 · NixOS/nixos-org-configurations · GitHub
  4. Ask GitHub if they can give us the enterprise edition that has finer-grained permissions. /cc @ron
1 Like