Launch identity.kde.org
Yesterday evening we did the final import into identity.kde.org and decided it was stable enough for general usage. With this blog we announce the general availability of this site and I will give a small introduction.
We imported all existing developers into the system, and all developers from the past too. Your username is identical to your subversion username. Your don’t have a password yet, but by using the obvious option on the welcome screen you can reset it and get access.
After the login you will be greeted with your profile. You can fill in all your details as you like. During the import we have set your Name and email address and the ssh public keys you use for svn access currently.
Important to know is what will become available to whom. We will not show all the profile data to everyone. We will use the grouping feature of the identity.kde.org-system. Basically we now the following groups: users, developers, former-developers, ev-members and sysadmins. users will never see anything. developers will probably see the usernames, names and email info of other developers, and ev-members will see what developers see, but also some more contact info about fellow ev-members. Or if someone decides otherwise, that’s fine too, we’re just executers trying to work with sane defaults for that matter.
This system will replace the famous accounts file in the future. We will of course provide something downloadable in the future for that. And hopefully it will replace the database we once used for ev-members, but this last bit is not sure yet, as the system is still being evaluated for this purpose.
This screen allowes your change your ssh-keys. This part is the primary use case for this system at this moment in time. While importing we have imported your keys already, and from now on you can manage your own ssh keys. You no longer need the system team to control which keys you will have access to svn. You can delete keys, and upload new additional keys, whatever you like, as often as you like and whenever it suits you.
Currently we are working on getting the scripts working which deal with all the key changes, so currently you can test this as much as you like without it having consequences. Just make sure that when you are ready with testing, you have the right set of keys uploaded. Starting from this weekend the scripts will be activated and the keys on identity.kde.org will be leading.
The future of the system is that we will soon open identity.kde.org for new users. After registration they will belong to the group ‘Users’. On this level, your username and password for identity.kde.org will also provide you immediate access to the new reviewboard and redmine system we will soon launch.
As a user you can request an upgrade to de developer status. This is done with a similar form as which we have used for the last couple of years. After the sysadmin has processed the request, the user is upgraded to developer, and from that moment on the user has push access to the repositories.
Both git.kde.org and svn.kde.org will allow commits / pushes from developers, both systems verify against the keys that are available in identity.kde.org. There is no difference between developers for git and developers for svn. If you can commit to svn you can also push to git.kde.org.
In the future we can use the data from identity.kde.org for a gazillion new purposes. Not only will your username and password from identity.kde.org give you access to a few new sites, but also you can think of more fun things. For example we can use it to power planetkde, instead of the config file, you can manage your rss feed from identity.kde.org. Or @kde.org email address holders can change the forward address behind the kde.org address. Or we can manage registrations for akademy this way. We’ve explcitely choosen identity.kde.org (which is powered by GOsa), because of the ability to create such features in a limited amount of time.
I’ve talked way to much for an introduction. You can now jump to the identity.kde.org-site, read the interview with Ben Cooksley, the sysadmin that deserves most of the credits for the setup of this system. You can also follow our progress in the launch of the git.kde.org infrastructure in our schedule. As usual you can file bugs for identity.kde.org at our bug tracker.
Good job. Thanks for all your work!
I went to the website and put in my username, then pressed TAB and paused for a moment. I didn’t know my password!
Then I realized that I should claim I ‘forgot’ it and the wheels of setting it would be set in motion.
Might be something to update the post with.
Aside from that, great work. I can really see the potential. The efforts of the sysadmins in this area of SCM migration is really impressive.
Thank you very much for working on this.
Good job!
@stephen thanks! I think the text already covers the suggestion to use the password lost function… But, i now changed the text to make it more obvious
@toma would be a good idea to have the “Reset password” routine accept username as well as email address… I sincerely had a bit of trouble remembering which one I had set up last time I actually touched anything KDEish ;)
Great work and great information strategy. Like your blogs (already flatt(e)red).
One question: I’m an eV member but no developer (yet). Am I already in the system with a username?
Great job! One small question: why do you use “shutdown” icon for “logout” action?
Hi,
first thanks for your work. I didn’t find a component for identity at the bug tracker. So here some small reports.
a) You can add empty phone numbers.
b) When adding more information and a picture (12kb) I get the following error:
Fatal error: Maximum execution time of 30 seconds exceeded in /srv/www/gosa/include/class_configRegistry.inc on line 479
If I try to add only a picture I get:
Fatal error: Maximum execution time of 30 seconds exceeded in /srv/www/gosa/include/functions.inc on line 440
Ups, found the component in the bugtracker.
http://identity.kde.org gives me HTTP 500
Just tried to reset my password (as per blog). Appeared to go well but upon following the emailed link I was presented with this error message from https://identity.kde.org/passwordreset.php?…..
Error, Setup.php must be included from the file scope, after DefaultSettings.php
Hmmm… I ran into a small problem: Looks like I used a email address to set up my KDE account with which I no longer control. Never noticed since my SSH key still works great;-) So how can I reset my email so that I can afterwards reset my password?
Best Regards,
Tobias
Oops, yeah the info was already in the blog. I must have missed it.
Thanks.
A big thank you to everybody involved. You even made it look nice :)
I like the background used for the account page. I wonder from what item of KDE swag you the inspiration ;)
Thanks everyone for the compliments! I’ll pass them on to the sysadmin crew. Feel free to report bugs and questions to the bugtracker, so we don’t forget them….
The changing-image-leads-to-timeout-problem is known and there is also a tiny problem with uploading keys, those will be fixed in the next couple days.
@hunger you can fix your email address in the accounts file. We will notice this change and fix your account on identity manually, just hop into #kde-sysadmin to coordinate or file a sysadmin bugreport to coordinate this change.
(Yes, this is extra work for you, but I warned for this in my last blogs repeatedly….)
@Sean & @stefan, yes, we had some problems with that server today. Should be fine now.
What about making these data accessible through CardDAV or something similar?
By just adding them as a resource in Akonadi you’d have all KDE people on your fingertips for PIM needs.
Good idea. Please file a sysadmin br / feature request so we can look if there is perhaps a default plugin available for doing this.