drop storage migrator registry

groups/restrictions.yaml

@@ -20,7 +20,6 @@ restrictions:
       - "^[email protected]$"
   - path: "sig-api-machinery/groups.yaml"
     allowedGroups:
-      - "^[email protected]$"
       - "^[email protected]$"
       - "^[email protected]$"
       - "^[email protected]$"

groups/sig-api-machinery/groups.yaml

@@ -1,138 +1,125 @@
 groups:
-
   #
   # Mailing lists
   #
   # Each group here represents a mailing list for the SIG or its subprojects,
   # and is not intended to govern access to infrastructure
   #
 
-- email-id: [email protected]
-  name: sig-api-machinery-leads
-  description: |-
-    SIG api-machinery leads
-  owners:
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-  settings:
-    AllowWebPosting: "true"
-    ReconcileMembers: "true"
-    WhoCanPostMessage: "ANYONE_CAN_POST"
-    WhoCanViewGroup: "ALL_MEMBERS_CAN_VIEW"
+  - email-id: [email protected]
+    name: sig-api-machinery-leads
+    description: |-
+      SIG api-machinery leads
+    owners:
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+    settings:
+      AllowWebPosting: "true"
+      ReconcileMembers: "true"
+      WhoCanPostMessage: "ANYONE_CAN_POST"
+      WhoCanViewGroup: "ALL_MEMBERS_CAN_VIEW"
 
-- email-id: [email protected]
-  name: sig-api-machinery
-  description: |-
-    SIG api-machinery general discussion group, for future migration from old googlegroups
-  owners:
-    - [email protected]
-    - [email protected]
-    - [email protected]
-    - [email protected]
-  settings:
-    WhoCanJoin: "ANYONE_CAN_JOIN"
-    WhoCanViewGroup: "ANYONE_CAN_VIEW"
-    WhoCanDiscoverGroup: "ANYONE_CAN_DISCOVER"
-    WhoCanPostMessage: "ANYONE_CAN_POST"
-    MessageModerationLevel: "MODERATE_NON_MEMBERS"
-    WhoCanViewMembership: "ALL_MANAGERS_CAN_VIEW"
-    WhoCanModerateMembers: "OWNERS_AND_MANAGERS"
-    WhoCanModerateContent: "OWNERS_AND_MANAGERS"
-    MembersCanPostAsTheGroup: "false"
-    ReconcileMembers: "false"
+  - email-id: [email protected]
+    name: sig-api-machinery
+    description: |-
+      SIG api-machinery general discussion group, for future migration from old googlegroups
+    owners:
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+    settings:
+      WhoCanJoin: "ANYONE_CAN_JOIN"
+      WhoCanViewGroup: "ANYONE_CAN_VIEW"
+      WhoCanDiscoverGroup: "ANYONE_CAN_DISCOVER"
+      WhoCanPostMessage: "ANYONE_CAN_POST"
+      MessageModerationLevel: "MODERATE_NON_MEMBERS"
+      WhoCanViewMembership: "ALL_MANAGERS_CAN_VIEW"
+      WhoCanModerateMembers: "OWNERS_AND_MANAGERS"
+      WhoCanModerateContent: "OWNERS_AND_MANAGERS"
+      MembersCanPostAsTheGroup: "false"
+      ReconcileMembers: "false"
 
-- email-id: [email protected]
-  name: sig-api-machinery-cel-dev
-  description: |-
-    Discussion of SIG api-machinery CEL based features
-  settings:
+  - email-id: [email protected]
+    name: sig-api-machinery-cel-dev
+    description: |-
+      Discussion of SIG api-machinery CEL based features
+    settings:
       WhoCanPostMessage: "ANYONE_CAN_POST"
       ReconcileMembers: "true"
-  owners:
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-  members:
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-     - [email protected]
-
-  #
-  # k8s-staging write access for SIG-owned subprojects
-  #
-  # Each group here represents privileged access to a staging project,
-  # allowing the members to directly write to GCS and GCR within the
-  # project, as well as trigger Cloud Build within the project. Ideally
-  # this level access is used solely for troubleshooting purposes.
-  #
-  # Membership should correspond roughly to subproject owners for the set of
-  # subproject artifacts being stored in a given staging project
-  #
-
-- email-id: [email protected]
-  name: k8s-infra-staging-storage-migrator
-  description: |-
-    ACL for kube-storage-version-migrator
-  settings:
-    ReconcileMembers: "true"
-  members:
-  - [email protected]
-  - [email protected]
+    owners:
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+    members:
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
+      - [email protected]
 
-- email-id: [email protected]
-  name: k8s-infra-staging-kubebuilder
-  description: |-
-    ACL for pushing kubebuilder artifacts
-  settings:
-    ReconcileMembers: "true"
-  members:
-    - [email protected]
-    - [email protected]
-    - [email protected]
-
-  #
-  # k8s-infra gcs write access
-  #
-  # TODO: where is the bucket? is this prod or staging?
-  #
-  # Each group here governs access to one GCS bucket. Ideally this level of
-  # access is used solely for troubleshooting purposes.
-  #
-  # Membership should correspond roughly to subproject owners for the set of
-  # subproject artifacts being stored in the GCS bucket
-  #
+    #
+    # k8s-staging write access for SIG-owned subprojects
+    #
+    # Each group here represents privileged access to a staging project,
+    # allowing the members to directly write to GCS and GCR within the
+    # project, as well as trigger Cloud Build within the project. Ideally
+    # this level access is used solely for troubleshooting purposes.
+    #
+    # Membership should correspond roughly to subproject owners for the set of
+    # subproject artifacts being stored in a given staging project
+    #
 
+  - email-id: [email protected]
+    name: k8s-infra-staging-kubebuilder
+    description: |-
+      ACL for pushing kubebuilder artifacts
+    settings:
+      ReconcileMembers: "true"
+    members:
+      - [email protected]
+      - [email protected]
+      - [email protected]
 
-  # k8s-infra owners for sig-owned subprojects
-  #
-  # Each group here represents highly privileged access to kubernetes project
-  # infrastructure owned or managed by this SIG. A high level of trust is
-  # required for membership in these groups.
-  #
+    #
+    # k8s-infra gcs write access
+    #
+    # TODO: where is the bucket? is this prod or staging?
+    #
+    # Each group here governs access to one GCS bucket. Ideally this level of
+    # access is used solely for troubleshooting purposes.
+    #
+    # Membership should correspond roughly to subproject owners for the set of
+    # subproject artifacts being stored in the GCS bucket
+    #
 
+    # k8s-infra owners for sig-owned subprojects
+    #
+    # Each group here represents highly privileged access to kubernetes project
+    # infrastructure owned or managed by this SIG. A high level of trust is
+    # required for membership in these groups.
+    #
 
-  # RBAC groups:
-  # - grant access to the `namespace-user` role for a single namespace on the `aaa` cluster
-  # - must have WhoCanViewMemberShip: "ALL_MEMBERS_CAN_VIEW"
-  # - must be members of [email protected]
+    # RBAC groups:
+    # - grant access to the `namespace-user` role for a single namespace on the `aaa` cluster
+    # - must have WhoCanViewMemberShip: "ALL_MEMBERS_CAN_VIEW"
+    # - must be members of [email protected]