Can you please set up a /legal / Fedora Legal space on Fedora Docs on Gitlab, and make it owned/writable by @jlovejoy and @ref? Thanks!
Jilayne has things in motion for Fedora Legal docs, so soon would be nice. (In other words, not a fire, but if you can bump it up the list of small things, I'd appreciate that!)
Metadata Update from @ryanlerch: - Issue assigned to ryanlerch
OKay, the group has been created -- however i cannot add @jlovejor or @ref to the group yet since they dont seem to have ever logged into gitlab with their fedora account.
there are two options here, wither they both log in to gitlab with SAML via:
https://gitlab.com/groups/fedora/
or if there is a legal group with those two in it in Fedora Accounts, i can set that up too.
legal
There does not appear to be an existing legal group. Can we create one and add them?
Metadata Update from @kevin: - Issue priority set to: Waiting on Assignee (was: Needs Review) - Issue tagged with: low-gain, low-trouble, ops
Yeah, i think this may be one of the cases where the SAML group linking might be worthwhile.
Just need someone with Fedora Accounts group adding ability to add the "legal" group to IPA (i can do the github side once this is done)
@kevin out of interest, is it just sysadmin-main with that access to the accounts system?>
Yeah, i think this may be one of the cases where the SAML group linking might be worthwhile. Just need someone with Fedora Accounts group adding ability to add the "legal" group to IPA (i can do the github side once this is done)
I have added the legal group with @jlovejoy and @ref as sponsors https://accounts.fedoraproject.org/group/legal/
They are slightly different but mostly the same
@ryanlerch whats the status here?
Sorry to add another ping... Jilayne is ready to go when we have the repo...
I have setup the link. Members of the fedora 'legal' group will get 'owner' permissions for https://gitlab.com/fedora/legal
Let us know if there's anything more you all need or if you run into any problems.
Metadata Update from @kevin: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Thanks!
Hi, sorry but I'm kind of completely unclear on what to do here. I got an email from Gitlab saying: "You have been granted Owner access to the fedora / Fedora Legal group. If this was a mistake you can leave the group."
But while logged into my gitlab.com account when I try to access fedora legal I get: Your request for access could not be processed: The member's email address is not linked to a SAML account
Update: Now I get "SAML authentication failed: Extern uid has already been taken"
@ref If you go to https://gitlab.com/fedora, you should be able to log in with Fedora SSO.
I'm getting a bit stuck too - perhaps it has something to do with having (or not having) a regular Gitlab account? I do not have a Gitlab account - maybe I need to create one (and with my redhat.com address) I think @ref has a Gitlab account, perhaps under a different email - in which case, would he need to link them or create a new Gitlab account with his redhat.com email?
(used to Github, where you can have more than one email associated with your account - not sure how Gitlab handles that, but wondering if that's part of what is going on here?)
No, that's where I click "Authorize" and get "SAML authentication failed: Extern uid has already been taken"
Are you logged in with your regular gitlab account? login there first, then go to https://gitlab.com/fedora/legal and see if it will let you sign in again with fedora SAML (and link it to your existing account).
Or, maybe @ref has a different gitlab account that is linked to the Fedora one?
I think this is now resolved but I will let you know if not. :-)
Okay I don't understand what is going on. If I try to use my Fedora machine I get the "SAML authentication failed" message. I was able to successfully authenticate on a MacOS machine. I tried resetting my Fedora account password (thinking perhaps it had something to do with out of date browser stored passwords) but this did not seem to correct the problem.
Ah I think I may indeed have two gitlab accounts.
@kevin I previously had a gitlab account (associated with my Red Hat email address), username "@richardfontana", and a new gitlab account was created today as a consequence of all this, username "@rfontanaref". Obviously I can use rfontanaref and I actually never used richardfontana, but I sort of like the name better. So I have to ask - do you know if it is possible to re-associate my Fedora account with the other (richardfontana) gitlab account? If too much trouble don't worry about it.
I think it should be possible. ;)
How about:
Make sense? let me know if that sounds worth trying and I will do the step one.
Login to comment on this ticket.