Project Administration

This section documents all the information necessary to administer the infrastructure which makes the project possible.

Tooling

.. toctree::
   :titlesonly:

   ../README
   ../tools/wptserve/docs/index.rst
   ../tools/wptrunner/README

.. toctree::
   :hidden:

   ../tools/wptserve/README

Secrets

SSL certificates for all HTTPS-enabled domains are retrieved via Let's Encrypt, so that data does not represent an explicitly-managed secret.

Third-party account owners

(unknown registrar): https://web-platform-tests.org
- jgraham@hoppipolla.co.uk
(unknown registrar): https://w3c-test.org
- mike@w3.org
(unknown registrar): http://testthewebforward.org
- web-human@w3.org
Google Domains: https://wpt.fyi
(Google internal): https://wpt.live https://wptpr.live
- foolip@google.com
- robertma@google.com
GitHub: web-platform-tests
- @foolip
- @Hexcles
- @jgraham
- @plehegar
- @thejohnjansen
- @youennf
- @zcorpan
GitHub: w3c
- @plehegar
- @sideshowbarker
Google Cloud Platform: wptdashboard{-staging}
Google Cloud Platform: wpt-live
- smcgruer@google.com
- robertma@google.com
Google Cloud Platform: wpt-pr-bot
- smcgruer@google.com
- robertma@google.com
E-mail address: wpt.pr.bot@gmail.com
GitHub: @wpt-pr-bot account

Emergency playbook

Lock down write access to the repo

Recommended but not yet verified approach: Create a new branch protection rule that applies to * (i.e. all branches), and check "Restrict who can push to matching branches". This should prevent everyone except those with the "Maintain" role (currently only the GitHub admins listed above) from pushing to any branch. To lift the limit, delete this branch protection rule.

Alternative approach proven to work in #21424: Go to manage access, and change the permission of "reviewers" to "Read". To lift the limit, change it back to "Write". This has the known downside of resubscribing all reviewers to repo notifications.

3.1 KiB Raw Blame History