
korg: add audit command #4291

Merged
merged 2 commits into from
Jan 23, 2024


@palnabarun palnabarun commented Jun 14, 2023

Implements the audit command

Top level logic

  1. Fetch all users from the org configuration.
  2. Fetch contribution statistics from devstats.
  3. Parse an exception file (in CSV format), if specified.
  4. Filter out members with contributions exceeding a threshold or present in the exceptions file. Note: The filtered-out members are active contributors, and inactive members are the ones left.
  5. Check if the users are owners.
  6. Print the data to a Markdown file or to stdout.

Example

Running the following with this exceptions file after checking out this branch will give this table of users to be removed.

go run ./cmd/korg/... audit --org kubernetes,kubernetes-sigs,kubernetes-client,kubernetes-csi --activity-threshold 0 --output-file removals.md --exceptions-file exceptions.csv --check-teams --check-owners

Follow-ups

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. area/github-management Issues or PRs related to GitHub Management subproject labels Jun 14, 2023
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jun 14, 2023
@palnabarun
Member Author

/hold

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 14, 2023
@nikhita
Member

nikhita commented Jun 15, 2023

/assign
for final review and lgtm

/assign @MadhavJivrajani @Priyankasaggu11929
can you take an initial pass?

Contributor

@MadhavJivrajani MadhavJivrajani left a comment


Just a few minor suggestions and questions.
Overall, looks great! Thank you @palnabarun, this is going to be very handy ❤️

@Priyankasaggu11929
Member

Also — it would be useful to include this example exceptions file as well in the PR.

Both for format reference and maybe as default entries for bot accounts?

(k8s-release-robot is appearing in the output table for usernames to remove. Perhaps we could add that to the exceptions list too.)

@pacoxu
Member

pacoxu commented Jun 16, 2023

There is a special case; not sure if we want to make a flag for it.

https://go.k8s.io/owners/liu-cong is in the owner file but is emeritus. For such cases, we don't need an owner cleanup.
For others, he/she may be in the owner file and need a cleanup. (But hard to know if one is an emeritus as emeritus_approvers will not be commented with #.🤣 )

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 26, 2023
@k8s-triage-robot

The Kubernetes project currently lacks enough contributors to adequately respond to all PRs.

This bot triages PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the PR is closed

You can:

  • Mark this PR as fresh with /remove-lifecycle stale
  • Close this PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jan 20, 2024
@k8s-ci-robot k8s-ci-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jan 22, 2024
@palnabarun
Member Author

> [...] would it make sense to have "if a username is still a valid GH username or not?" as a default filtering predicate? [...]

@MadhavJivrajani The idea is good. I think it is taken care of already. Peribolos occasionally fails to reconcile if an invalid user exists in our manifests. Wondering if that is a sufficient lazy check.


@Priyankasaggu11929 @MadhavJivrajani @pacoxu I resolved all your pending comments and regenerated the lists.

Functionality diff from previous version:

  • Removed the output type. Rendering to the terminal doesn't provide much value.
  • The script now computes all teams that the users are part of.
  • Takes care of case agnostic behavior of GitHub usernames. The repo has entries for the same user in correct case and lower case.
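
The filtering step from the PR description's top-level logic, combined with the case-insensitive username handling noted above, as an added example that is not code from this PR. The function names, the exceptions layout (login in the first CSV column) and the sample data are assumptions made for illustration; it also shows why an automation account needs an exceptions entry to stay off the removal list.

```go
package main

import (
	"encoding/csv"
	"fmt"
	"strings"
)

// parseExceptions reads a CSV whose first column is a GitHub login (assumed layout).
func parseExceptions(data string) (map[string]bool, error) {
	r := csv.NewReader(strings.NewReader(data))
	r.FieldsPerRecord = -1 // tolerate rows with or without extra columns
	rows, err := r.ReadAll()
	if err != nil {
		return nil, err
	}
	out := map[string]bool{}
	for _, row := range rows {
		out[strings.ToLower(strings.TrimSpace(row[0]))] = true
	}
	return out, nil
}

// inactiveMembers returns, in input order, members that are neither excepted nor
// above the threshold; logins are compared lowercased so case variants collapse.
func inactiveMembers(members []string, contribs map[string]int, exceptions map[string]bool, threshold int) []string {
	counts := map[string]int{}
	for login, n := range contribs {
		counts[strings.ToLower(login)] += n
	}
	seen := map[string]bool{}
	var inactive []string
	for _, m := range members {
		key := strings.ToLower(strings.TrimSpace(m))
		if key == "" || seen[key] || exceptions[key] || counts[key] > threshold {
			continue // blank, duplicate, excepted, or active contributor
		}
		seen[key] = true
		inactive = append(inactive, key)
	}
	return inactive
}

func main() {
	// Constructed sample data, not taken from the PR.
	exc, _ := parseExceptions("Example-Bot,automation account\n")
	contribs := map[string]int{"alice": 12, "carol": 0}
	fmt.Println(inactiveMembers([]string{"Alice", "alice", "bob", "example-bot", "Carol"}, contribs, exc, 0))
}
```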

@palnabarun
Member Author

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jan 22, 2024
Contributor

@MadhavJivrajani MadhavJivrajani left a comment


A few non-blocking comments, LGTM otherwise!

@MadhavJivrajani
Contributor

> The idea is good. I think it is taken care of already. Peribolos occasionally fails to reconcile if an invalid user exists in our manifests. Wondering if that is a sufficient lazy check.

I think this should suffice, thanks for reminding me about that 👍🏼

Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
Contributor

@MadhavJivrajani MadhavJivrajani left a comment


/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jan 22, 2024
@Priyankasaggu11929
Member

/lgtm
/approve

/hold

@k8s-ci-robot
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: MadhavJivrajani, palnabarun, Priyankasaggu11929

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [MadhavJivrajani,Priyankasaggu11929,palnabarun]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@palnabarun
Member Author

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jan 23, 2024
@pacoxu
Member

pacoxu commented Jan 23, 2024

Good job.

My last run two months ago resulted in a long list.

@k8s-ci-robot k8s-ci-robot merged commit 4ce0366 into kubernetes:main Jan 23, 2024
4 checks passed
@palnabarun palnabarun deleted the korg/audit branch January 23, 2024 11:54