Onboard tpkessler as Trusted User

Onboarding an Arch Linux team member

Details

• Team member username: @tpkessler
• Application: https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/thread/3HLMZQBHIFASXSCGHCNS3PCP3BMKMMUU/
• Voting result: https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/message/CFGTPPLUE4RIRHXDUHWJF4SBOEEWQMJ6/
• SSH public key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDA33FpKvTCUIexkjrAYaK0jKHMx5yHtJRAuFMxEzv5B3mBgBV/vd06wn/fZc2bTwStmznWhfsMwkhoGb2E3jKT/Au4GWbVVu0hOD0pgzJqoJf3YFRBOtm/AMdDvY1MFLGFhWEEoL9zQjTlvp87HwuhnR7o6LO2hBkLlknccQUxx96ncH6ACasM8cnSJY1yZXg8lNvwiVcFxJ9oxaAIVhD0y9TBX0L3mbp1gi2k9/emqerk+ekfrCUoBU4AGXunBw+TVyPjcpz2bQS8Z6o/ZN8oKrVPvsOM9ITgAzEZHEEqTge44hMPmUrBA0Jlgp5kxv9zc+hllXQ4i5Up/85W1ilXtGhyC6hccxDDfIKnKi3YzpaQLmz3CJirxpXiN3qUAVxY6pZsWM964+ir/y1QZyQbSgU/sV6Pxy3G/J4nHSCZQUaZ3dXg+0pR2Ss/ykY45Gf4HWU2gG8Lc61KsiULWLGIfE7PHjzLmHvmaHQJ9IriZXlGNyxBYuNvMAdir9lyA9scYZCKxDaxr1Qqv5QiYgNcDyo1CSMEmYfu91RQ8QfpKuGpfFAJoNofKr8VkE0ts7S9r2nDGOziDhzamLZy5qc06xy0S4KKDQrqMRAiM6wdvT+Lhqpu5jj3AS2RNWKmdx1qObWb2pnT7hhaoQyY+S2dmnwP7d7QrDw/Kcov/usoQw==
• Full Name: Torsten Keßler
• Personal e-mail address: <redated>
• PGP key ID used with personal e-mail address: 0xAF5FF1C93CF09D12
• Communication e-mail address: [arch]

All roles checklist

• Add user mail if TU or developer, or support staff and communication e-mail address is arch.
  • Add new user email as per docs/email.md.
  • Add entry in group_vars/all/archusers.yml.
    • If support staff hosts should be set to mail.archlinux.org.
    • homedir.archlinux.org is also allowed for support staff, but it is opt-in.
  • Add SSH pubkey to pubkeys/<username>.pub.
  • Run ansible-playbook -t archusers $(git grep -l archusers playbooks/ | grep -v phrik).
• Create a new user in archweb. Select the appropriate group membership and allowed repos (if applicable).
• Subscribe communication e-mail address to internal staff mailing list.
• Allow sending from communication e-mail address on arch-dev-public (subscribe and/or find address and remove moderation).
• Give the user access to #archlinux-staff on Libera Chat.
• Give the user a link to our staff services page.
• Replace the Team member username with the @-prefixed username on Gitlab.
• Remove personal information (such as Full Name and Personal e-mail address, as well as the clearsigned representation of this data), remove the description history and make the issue non-confidential.
• Request staff cloak on Libera Chat (Group contacts)

TU/Developer onboarding checklist

• Create issue in archlinux-keyring using the "New Packager Key" template (archlinux-keyring#213 (closed)).
• Assign the user to the Trusted Users or Developers group on Keycloak.
• Assign the user to the Trusted Users or Developers group on archlinux.org.
• Subscribe communication e-mail address to internal arch-tu or arch-dev mailing list.