[as112-ops] AS112 Project web site: a new beta

Matt Griswold grizz at 20c.com
Fri Sep 29 01:05:14 UTC 2023


On Thu, Sep 28, 2023 at 03:08:23PM -0400, Matthew Pounsett wrote:
> > Is the site open source and available anywhere? You might get some help
> > from people with spare cycles every now and again. Querying the servers
> > for a liveness check would be great.
> > 
> > Keeping the static list in a git hosted yaml or json file somewhere
> > could be pretty nice since people could update their own listings and do
> > a Pull Request for approval.
> 
> The site isn't open source and probably won't be.. we try to open source stuff where it makes sense; we talked about it for the site, but don't see the value.  Who's going to want to host their own version of the site? :)

I was more thinking along the lines of contributing to automation
efforts and adding features, as well as working on any sort of
pipelining for triggers, etc. :)

On Thu, Sep 28, 2023 at 03:14:52PM -0400, Matthew Pounsett wrote:
> > On Sep 28, 2023, at 15:08, Matthew Pounsett <matt at dns-oarc.net> wrote:
> > 
> >> Keeping the static list in a git hosted yaml or json file somewhere
> >> could be pretty nice since people could update their own listings and do
> >> a Pull Request for approval.
> > 
> > The list is a different story.  I've been thinking that over for a few weeks and I'm on the fence still.  I was also thinking about the value of people being able to do PRs on their own data to keep the list up to date.  However, the data model includes a contact name and email we would like to start collecting, but not publishing, so that we can get in touch with operators if it looks like updates are required.  Even though we intend for that to be a role contact (e.g. Hostmaster, NOC) it still runs the risk that someone includes an individual's contact info, and then we're up against PII issues.

Nice, keeping extra contact information is a good idea.

> Oh... and forgot a thing (swamped, remember?) :)
> 
> There's an authentication issue, as well.  I can exchange email with someone at their organization email address and be reasonably sure I'm talking to someone at that organization.  That's harder with a PR on GitHub, especially as a lot of people might use their personal GitHub login.
> 
> We could require signed commits, but there still needs to be a way to associate that back to the org that is theoretically making the listing.
> 
> I'm not well versed enough in a lot of deep git-foo to know whether there's already a solution to that.  So again, if anyone has input ...

All good points, so it could turn into a debacle and be more trouble
than it's worth. On the flip side, it could just be an additional method
available if your email happened to match.

Food for thought at any rate.

Enjoy your vacation!


More information about the as112-ops mailing list