This is a blog post about Derek, our project maintainer and community manager bot for OpenFaaS. As the project grew I quickly needed a way to delegate fine-grained permissions to new contributors and community members. Unfortunately GitHub only has two modes for user accounts "write access" or "no access". Derek solves that problem by delegating fine-grained OAuth permissions to whomever we choose through GitHub comments.
Pictured: Derek in action on the main OpenFaaS GitHub repository
5 facts about Derek
- He's written in Go, is a Serverless Function and fully open-source - so PRs are welcome
- He's registered as a GitHub App which means he can be installed on any repo with one click. You can configure features and maintainers via a .DEREK.yml file
- Derek is secure - he is triggered through webhooks sent via GitHub which are verified by TLS and HMAC
- He makes it easy to follow formal processes such as when a sign-off is required on all commits for the Developer Certificate of Origin (DCO)
- He's hosted by the OpenFaaS project meaning anyone can make use of him on their project or run their own bot
You can also host Derek on your own OpenFaaS instance by following the OpenFaaS setup guide.
Star or fork Derek on GitHub.
I recorded a short video overview of how Derek works, why he needs to exist and how he's been helping Docker's moby project and the OpenFaaS project too. Puppet and Zappa have also expressed an interest in using Derek to help them triage issues with automatic labels.
If you're an active maintainer or contributor on the OpenFaaS or Moby project then please send a Pull Request to our respective .DEREK.yml files to add yourself. If you'd like to try Derek out on your own GitHub project or organisation then please mail firstname.lastname@example.org
- Star or fork Derek on GitHub.
Don't miss out on future blog posts - follow me on Twitter @alexellisuk for more.