doc: explicit perms not intended to replace code host perms sync (!24519) · Merge requests · Warren Gifford / sourcegraph

Warren Gifford requested to merge explicit-permissions-doc-update into main Sep 01, 2021

Created by: bobheadxi

@ggilmore and I were investigating alternatives for a customer and came across this note that explicit permissions API (RFC 40) is intended to replace the individual code host permissions sync.

However a subsequent RFC (RFC 114) notes that:

One of the initial motivations of RFC 40 was to push all future customers to use the new explicit permissions API. Unfortunately, we soon realized (after finished implementation) that if the customer was going to build a permissions syncing service between the code host and the Sourcegraph instance, they would face the exact same problems we had (i.e. rate-limiting, scaling, etc.), not to say it takes extra engineering effort for either them or us to maintain the syncing service.

It looks like the direction is that explicit permissions API is either complementary or just an alternative to the code hosts sync. This updates the doc to be a bit less alarming to folks setting up permissions syncing. Let me know if I've misunderstood here!

doc: explicit perms not intended to replace code host perms sync

Merge request reports