GitHub Groups & Permissions

Developers can be assigned to the following groups in GitHub:

• @wellcomecollection/developers: The default group for engineering roles.

These groups are to aid in notification for review only and cover the 2 major languages in the platform:

• @wellcomecollection/js-ts-reviewers: Folk who can review JavaScript and TypeScript things. The wellcomecollection.org repo requires a review from this group before you can merge.

• @wellcomecollection/scala-reviewers: This group is only to notifiy folk who want to review Scala code in our services.

There are also teams and sub-teams for product/project/UX team members:

• @wellcomecollection/product-project-ux: Product ownership, project management & UX team

  • @wellcomecollection/data: Data science & analytics

  • @wellcomecollection/design: All things design and UX

We have some groups for developers who we work with from external companies:

• @wellcomecollection/digirati-external: We work the Digirati to provide our iiif-image & iiif-presentation APIs.

• @wellcomecollection/intranda-external: Intranda maintain the Goobi service, part of our digital-workflow services.

And a group for folk providing oversight from the Trust:

• @wellcomecollection/wellcome-trust-platform-technology: This group contains members of the Wellcome Trust platform technology teams who have oversight of Collection services.

CODEOWNERS

We use the GitHub CODEOWNERS file in our repositories to ensure proper reviews on some parts of the platform.

Buildkite pipelines

The @wellcomecollection/buildkite-reviewers group MUST be added as a code owner for any Buildkite pipelines when new repositories are added or existing ones updated.

You can use this template repository when starting a new project that needs CI: https://github.com/wellcomecollection/buildkite-template

It's necessary to enforce this relationship so that only code that has been properly reviewed can be run in our Buildkite CI environment. CI can assume roles across accounts and changes need to be reviewed properly to maintain permission boundaries.