The Turing Way uses GitHub Teams to organise its members and manage access/permissions to various repositories, most notably Working Groups.
However, as the community grows and we create more teams and repositories, managing the GitHub Teams will become more difficult and time consuming.
Also, a bottleneck will be created if only a small number of community members (for example the GitHub organisation owners or the Infrastructure Working Group) have the ability to manage the teams.
Therefore, a repository has been setup using infrastructure-as-code principles specifically targeting teams management: the
In this repository, YAML files are used to build human-readable definitions of our GitHub Teams, their members, which repositories they have access to, and at what permission level. The workflows in this repository use a tool called opentofu to create and reflect the structure defined by the YAML files in The Turing Way’s GitHub organisation. Therefore, any additions, changes, or deletions made to the YAML files will be automatically applied to the organisation when the edits have been merged. This will allow easier management and control of teams, their members, and permissions throughout the organisation.
As well as this ease of management, we have chosen this approach because it will make the teams easier to audit. Who made what changes will be captured in the git history of the repository. All of this information is now centralised and transparent in a single place and easy-to-read format. The bottleneck on the Infrastructure Working Group and/or GitHub org admins will be removed since those with write access (the teams themselves) will be able to raise, review, and merge their own Pull Requests against this repository. We have implemented a CODEOWNERS file that makes each GitHub team responsible for their own YAML file defining it (or a good enough approximation where necessary).
Please see the teams-as-code repository for more information.