chore: request new repo 'tractusx-profiles'

[paullatzelsperger]

Description

This PR requests a new repository named 'tx-profiles'.

Pre-review checks

Please ensure to do as many of the following checks as possible, before asking for committer review:

• DEPENDENCIES are up-to-date. Dash license tool. Committers can open IP issues for restricted libs.
• Copyright and license header are present on all affected files

[netomi]

in the long run we would like to enforce only read permissions by default. While it is quite some work for existing repo to ensure that all their workflows still work, for new repos I would suggest to already start with read permissions. WDYT?

[paullatzelsperger]

this repo is supposed to mainly contain files (no code), so i don't anticipate any sophisticated workflows. But what would be the practical consequence? could I still request write permission per-workflow, in the workflow file?

[netomi]

Indeed, everything would still be working, but you need to explicitly request write tokens in the workflow file itself:

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

So its an effort to declare what permissions the workflow really needs instead of granting it write tokens by default which could be misused by 3rd party actions.

[paullatzelsperger]

that totally makes sense :) updated the PR

[netomi]

LGTM, can someone else give an approval?

[FaGru3n]

Hi @paullatzelsperger,

is there a reason why naming it "tx-profiles" ?

[paullatzelsperger]

Yes because it'll contain resources such as verifiable credentials, json-ld contexts and policies for tractus-x. However, they will have to be namespaced to a particular dataspace (eg catena x). And we plan to represent that as profiles.

[FaGru3n]

Yes because it'll contain resources such as verifiable credentials, json-led contexts and policies for tractus-x. However, they will have to be namespaced to a particular dataspace (eg catena x). And we plan to represent that as profiles.

seems legit, but to prevent missunderstanding with our fork naming patterns within catena-x i guess prefix "tx-" should be improved

[paullatzelsperger]

seems legit, but to prevent missunderstanding with our fork naming patterns within catena-x i guess prefix "tx-" should be improved

calling it just "profiles" seems a bit too generic. where can I find those fork naming patterns?

[FaGru3n]

seems legit, but to prevent missunderstanding with our fork naming patterns within catena-x i guess prefix "tx-" should be improved

calling it just "profiles" seems a bit too generic. where can I find those fork naming patterns?

https://github.com/catenax-ng?q=tx-&type=all&language=&sort=
and some internal system team instruction https://catenax-ng.github.io/docs/internal/how-to-setup-forked-repo

[paullatzelsperger]

seems legit, but to prevent missunderstanding with our fork naming patterns within catena-x i guess prefix "tx-" should be improved

calling it just "profiles" seems a bit too generic. where can I find those fork naming patterns?

https://github.com/catenax-ng?q=tx-&type=all&language=&sort= and some internal system team instruction https://catenax-ng.github.io/docs/internal/how-to-setup-forked-repo

I honestly don't know how it would be possible for anyone to confuse an upstream repo with a fork, and I don't see how (formally) the catenax-ng repo has any influence on tractusx. but
ok, then "tractusx-profiles" will be better.

[FaGru3n]

seems legit, but to prevent missunderstanding with our fork naming patterns within catena-x i guess prefix "tx-" should be improved

calling it just "profiles" seems a bit too generic. where can I find those fork naming patterns?

https://github.com/catenax-ng?q=tx-&type=all&language=&sort= and some internal system team instruction https://catenax-ng.github.io/docs/internal/how-to-setup-forked-repo

I honestly don't know how it would be possible for anyone to confuse an upstream repo with a fork, and I don't see how (formally) the catenax-ng repo has any influence on tractusx. but ok, then "tractusx-profiles" will be better.

where also my suggestions:

• tractusx-profiles
• profiles-tractus-x
• tractusx-profile-manager
• tractusx-profilehub

[github-actions]

Diff for 5840580:

Printing local diff:

Actions are indicated with the following symbols:
+   create
!   modify
!   forced update
-   delete

Organization eclipse-tractusx[id=eclipse-tractusx]
  there have been 41 validation infos, enable verbose output with '-v' to to display them.

+   add repository[name="tractusx-profiles"] {
+     allow_auto_merge                                         = false
+     allow_forking                                            = true
+     allow_merge_commit                                       = true
+     allow_rebase_merge                                       = true
+     allow_squash_merge                                       = true
+     allow_update_branch                                      = false
+     archived                                                 = false
+     default_branch                                           = "main"
+     delete_branch_on_merge                                   = false
+     dependabot_alerts_enabled                                = true
+     dependabot_security_updates_enabled                      = false
+     description                                              = null
+     gh_pages_build_type                                      = "legacy"
+     gh_pages_source_branch                                   = "gh-pages"
+     gh_pages_source_path                                     = "/"
+     has_discussions                                          = true
+     has_issues                                               = true
+     has_projects                                             = true
+     has_wiki                                                 = true
+     homepage                                                 = null
+     is_template                                              = false
+     merge_commit_message                                     = "PR_TITLE"
+     merge_commit_title                                       = "MERGE_MESSAGE"
+     name                                                     = "tractusx-profiles"
+     private                                                  = false
+     secret_scanning                                          = "enabled"
+     secret_scanning_push_protection                          = "enabled"
+     squash_merge_commit_message                              = "COMMIT_MESSAGES"
+     squash_merge_commit_title                                = "COMMIT_OR_PR_TITLE"
+     template_repository                                      = null
+     topics                                                   = []
+     web_commit_signoff_required                              = false
+   }

+   add repo_workflow_settings[repository="tractusx-profiles"] {
+     actions_can_approve_pull_request_reviews                 = true
+     default_workflow_permissions                             = "read"
+     enabled                                                  = true
+   }

+   add environment[name="github-pages", repository="tractusx-profiles"] {
+     branch_policies                                          = [
+       "gh-pages"
+     ],
+     deployment_branch_policy                                 = "selected"
+     name                                                     = "github-pages"
+     reviewers                                                = []
+     wait_timer                                               = "0"
+   }
  
  Plan: 3 to add, 0 to change, 0 to delete.

Canonical Diff for 5840580:

Showing canonical diff:

Organization eclipse-tractusx[id=eclipse-tractusx]

[FaGru3n]

LGTM

[netomi]

changes are live.

[Siegfriedk]

@netomi pls aks for project lead verification for repository creation