Help talk:Toolforge/Rules

From Wikitech
Jump to navigation Jump to search

Proposed revision to Rule 4

Add 'without explicit permission from admins'. This allows Quarry to move to tools. yuvipanda (talk) 18:49, 15 August 2016 (UTC)Reply[reply]

I think this is reasonable. The intent of Quarry and Paws is to remove artificial barriers to interacting with Wikimedia data. A tool such as quarry that has been reviewed by multiple trusted developers and includes methods for blocking users making unwanted use of the service is a valuable addition to Labs. On the resource consumption front, moving the existing service from dedicated VMs in Labs to kubernetes in Tool Labs should actually reduce overall resource consumption by allowing the service to scale elastically (k8s pods) rather than in fixed resource blocks (OpenStack VMs). The only potential difficulty I can see is in drafting and fairly applying a set of criteria for administrative approval. --BryanDavis (talk) 19:39, 15 August 2016 (UTC)Reply[reply]
Here's my proposal for the updated rule:
  • Do not provide direct access to Labs resources to unauthenticated users
    For instance, do not allow web clients to issue shell commands or arbitrary SQL queries against the databases. Labs resources are shared and limited, and it must be possible to attribute usage to specific wikitech users who are bound to the terms of use.
    Under certain circumstances unauthenticated access may be allowed if alternate compensating controls are provided. This requires explicit approval by the Tool Labs administrative staff who will review the design and implementation of the controls to ensure that they provide reasonable protections against excessive resource consumption. Such exemptions may be revoked at any time if the controls are found to be insufficient.
--BryanDavis (talk) 05:16, 5 January 2017 (UTC)Reply[reply]