- getting people into the systems to work with their teams
- getting people to understand Tor culture
- getting people to know where to look for information
### Core Contributor Onboarding Process
1. Candidate gets nominated and approved (as described in the [membership document](https://gitweb.torproject.org/community/policies.git/tree/membership.txt)).
2. Membership secretary sends mail to new contributor with the following information:
. Organization's chart
3. Membership secretary or nominator creates a ticket in TPA's GitLab, PGP signed, to:
- Setup Email/LDAP access. LDAP coordinates access to a few services, mostly shell, and gitolite, but less and fewer services are connected to it, so we need to grant access to a lot of services when we add new users
4. Membership secretary sends a mail to tor-internal@ introducing the new contributor (after the email is created and tested). Instructions for tor-internal IRC are in intro email.
5. The membership secretary creates a ticket in TPA's Gitlab group requesting to create the following accounts as needed:
6. Person that nominated new contributor, onboard them. We should give the nominator a template for things to remember to tell them about (similar to the one we have in https://gitlab.torproject.org/tpo/team/-/wikis/OnBoardingAgendaTemplate) and a "how to talk with media" guide that comms team will write and policies at Tor.
## Offboarding process
### Priorities
What do we want out of this process?
- manage access to the systems that we work on
- give people the opportunity to keep collaborating in the Tor community
### Offboarding process for core contributors
1. They express to the membership audit secretary that they are not going to be a core contributor anymore.
2. Exit interview is sent (a list of questions replied to by email).
3. Return of swag or anything else of Tor's that they have
4. Membership secretary creates a ticket in tpo/web/tpo to remove contributor from the people page
5. Membership secretary creates a confidential ticket in TPA to remove permissions.
6. Remove from all private mailing lists, znc irc bouncer and aliases. Handle contributor's email.
7. Check if they are a security liaison (i.e. on the security@ list), and if so go through the removal process.
# The Tor Project's Employees
## Onboarding process
### Priorities
What do we want out of this process?
- getting people into the systems to work with their teams
- getting people to understand Tor culture
- getting people to know where to look for information
### TPI hiring procedure
This happens after we go through the recruiting process, and the
candidate has accepted a formal offer.
1. Candidate accepts the offer, in writing, from TPI (with the social contract, code of conduct, and employee handbook). HR sends the start date to the team the person will be working in.
2. Send a mail to the team lead + PM to tell them starting date for new employee.
4. HR sends mail to new employee with the following information:
* holidays calendar
* org chart
* harvest
* next steps
5. HR creates a ticket in TPA's gitlab, pgp signed, to:
* setup Email/LDAP access. LDAP coordinates accesses to a few services, mostly shell and gitolite, but less and less services are connected to it, so we need to grant access to a *lot* of services when we add new users
6. HR sends a mail to tor-internal@ introducing new employee (after email is created and tested). Instructions for tor-internal IRC is in intro email.
7. HR creates a ticket in TPA gitlab group requesting to create following accounts:
* BBB
* GitLab
* Nextcloud
* ... maybe more? see the [service list](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service)
8. New employee receives email from team lead to schedule a meeting with the team for onboarding.
9. New employee meets with the team with the [agenda template](https://gitlab.torproject.org/tpo/team/-/wikis/OnBoardingAgendaTemplate)
## Offboarding process
### Priorities
What do we want out of this process?
- manage access to the systems that we work on
- give people the opportunity to keep collaborating in the Tor community
- understand if there is anything that can be improved at TPI that may have affected their leaving (we try to get this info with the exit interview)
### Resigns or laid off
Offboarding process right now for Staff that resigns or are laid off:
1. Employee sends letter of resignation to HR and team lead.
2. Exit interview is sent (a list of questions replied by email).
3. Remove from benefits
4. Return of company property
5. Send a reminder to submit all expenses and finish the time sheet through the last day worked.
6. Remove from payroll
7. If person was not a core contributor, HR checks with employee if they will continue contributing to the project as a core volunteer and in which area. At this point forward, the person's tor-internal membership will be subject to the Community membership audit process.
8. If the person was a core contributor before becoming an employee or contractor and is terminated (fired), TPI and the Community Council will coordinate to decide whether the person should remain on tor-internal. (https://gitweb.torproject.org/community/policies.git/tree/membership.txt#n116) https://gitlab.torproject.org/tpo/team/-/wikis/Onboarding-Procedures#termination
9. If they are not core contributor or do not volunteer:
1. HR creates a ticket in tpo/web/tpo to remove employee from the people page
2. Team lead creates a confidential ticket in TPA to remove permissions.
3. Remove from all private mailing lists, znc irc bouncer and aliases.
4. Handle employee's email
10. If they will volunteer:
1. Team lead creates a ticket in TPA to remove permissions not associated with the area they will continue volunteering with.
2. Remove from tor-employees mailing lists.
3. Check if they are a security liaison (i.e. on the security@ list), and if so go through the removal process.
### Gets terminated (fired)
Offboarding process right now for Staff that gets terminated (fired):
1. Team lead creates a confidential ticket in TPA to schedule the permissions removal
2. Exit interview in person while TPA removes accesses, including mailing lists, znc irc bouncer and aliases
3. Remove from benefits
4. Return of company property
5. Send a reminder to submit all expenses and finish the time sheet through the last day worked.
6. Remove from payroll
7. HR creates a ticket in tpo/web/tpo to schedule employee removal from the people page.
8. Handle employee's email.
# What is missing?
a systematic process by which people get the accesses they need when they join, and it gets removed when they leave
in particular, we often seem to forget to remove people from the tor-internal mailing list, and forget to add people to LDAP. many tor-internal people also don't actually have "real" LDAP account (in the sense they lost access to their PGP key long ago, e.g. isabela) or they just don't have an LDAP account at all.
> Part of the problem with removing people from tor-internal is that there's no process for tracking people who say they want to stay involved and then don't, now that Damian doesn't do a membership audit anymore. This mostly applies to people who were part of the community before becoming an employee, there's no way to follow up on their participation, but because they had email and/or were on tor-internal beforehand.
The audit process for core members is not happening. We need to have a timeout after which someone is removed or at least checked for membership (?)
## TODO list
* TODO: core-only onboarding procedure?
* TODO: can we have buddies? mentors? whatever you call those, the person you ask questions when you're new and confused.
* TODO: emergency termination
* TODO: core-only offboarding procedure
* TODO: what happens with email: https://gitlab.torproject.org/tpo/tpa/team/-/issues/32558 propose that we auto-reply with a bounce explaining the replacement email, to give agency to the sender, expiry 12 months, remove existing forwards older than 12 months
* TODO Need template for auditing services for removal/changes of accounts when offboarding https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service - maybe instead of a template, make some automation to parse the service.md list and ask the operator to act (or not) on each
* TODO: discussion on onboarding/offboarding procedures for core-only contributors. Send a msg to cecylia and Roger to be included in this discussion. (gaba)
## tickets
* user management procedures are poorly documented: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40129
* clarify what happens to email when we retire a user: https://gitlab.torproject.org/tpo/tpa/team/-/issues/32558
- new person for tpa https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/new-person
- template for onboarding agendas: https://gitlab.torproject.org/tpo/team/-/wikis/OnBoardingAgendaTemplate
- notes from Ireland meeting https://gitlab.torproject.org/tpo/team/-/wikis/202209MeetingCoreContributors
[[_TOC_]]
# Core Contributors
## Onboarding process
### Priorities
What do we want out of this process?
- getting people into the systems to work with their teams
- getting people to understand Tor culture
- getting people to know where to look for information
### Core Contributor Onboarding Process
1. Candidate gets nominated and approved (as described in the [membership document](https://gitweb.torproject.org/community/policies.git/tree/membership.txt)).
2. Membership secretary sends mail to new contributor with the following information: . Organization's chart
3. Membership secretary or nominator creates a ticket in TPA's GitLab, PGP signed, to:
- Setup Email/LDAP access. LDAP coordinates access to a few services, mostly shell, and gitolite, but less and fewer services are connected to it, so we need to grant access to a lot of services when we add new users
4. Membership secretary sends a mail to tor-internal@ introducing the new contributor (after the email is created and tested). Instructions for tor-internal IRC are in intro email.
5. The membership secretary creates a ticket in TPA's Gitlab group requesting to create the following accounts as needed:
- BBB
- GitLab
- ... maybe more? see the service list
6. Person that nominated new contributor, onboard them. We should give the nominator a template for things to remember to tell them about (similar to the one we have in https://gitlab.torproject.org/tpo/team/-/wikis/OnBoardingAgendaTemplate) and a "how to talk with media" guide that comms team will write and policies at Tor.
## Offboarding process
### Priorities
What do we want out of this process?
- manage access to the systems that we work on
- give people the opportunity to keep collaborating in the Tor community
### Offboarding process for core contributors
1. They express to the membership audit secretary that they are not going to be a core contributor anymore.
2. Exit interview is sent (a list of questions replied to by email).
3. Return of swag or anything else of Tor's that they have
4. Membership secretary creates a ticket in tpo/web/tpo to remove contributor from the people page
5. Membership secretary creates a confidential ticket in TPA to remove permissions.
6. Remove from all private mailing lists, znc irc bouncer and aliases. Handle contributor's email.
7. Check if they are a security liaison (i.e. on the security@ list), and if so go through the removal process.
# The Tor Project's Employees
## Onboarding process
### Priorities
What do we want out of this process?
- getting people into the systems to work with their teams
- getting people to understand Tor culture
- getting people to know where to look for information
### TPI hiring procedure
This happens after we go through the recruiting process, and the candidate has accepted a formal offer.
1. Candidate accepts the offer, in writing, from TPI (with the social contract, code of conduct, and employee handbook). HR sends the start date to the team the person will be working in.
2. Send a mail to the team lead + PM to tell them starting date for new employee.
3. HR sends mail to new employee with the following information:
* holidays calendar
* org chart
* harvest
* next steps
4. HR creates a ticket in TPA's gitlab, pgp signed, to:
* setup Email/LDAP access. LDAP coordinates accesses to a few services, mostly shell and gitolite, but less and less services are connected to it, so we need to grant access to a _lot_ of services when we add new users
5. HR sends a mail to tor-internal@ introducing new employee (after email is created and tested). Instructions for tor-internal IRC is in intro email.
6. HR creates a ticket in TPA gitlab group requesting to create following accounts:
* BBB
* GitLab
* Nextcloud
* ... maybe more? see the [service list](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service)
7. New employee receives email from team lead to schedule a meeting with the team for onboarding.
8. New employee meets with the team with the [agenda template](https://gitlab.torproject.org/tpo/team/-/wikis/OnBoardingAgendaTemplate)
## Offboarding process
### Priorities
What do we want out of this process?
- manage access to the systems that we work on
- give people the opportunity to keep collaborating in the Tor community
- understand if there is anything that can be improved at TPI that may have affected their leaving (we try to get this info with the exit interview)
### Resigns or laid off
Offboarding process right now for Staff that resigns or are laid off:
1. Employee sends letter of resignation to HR and team lead.
2. Exit interview is sent (a list of questions replied by email).
3. Remove from benefits
4. Return of company property
5. Send a reminder to submit all expenses and finish the time sheet through the last day worked.
6. Remove from payroll
7. If person was not a core contributor, HR checks with employee if they will continue contributing to the project as a core volunteer and in which area. At this point forward, the person's tor-internal membership will be subject to the Community membership audit process.
8. If the person was a core contributor before becoming an employee or contractor and is terminated (fired), TPI and the Community Council will coordinate to decide whether the person should remain on tor-internal. (https://gitweb.torproject.org/community/policies.git/tree/membership.txt#n116) https://gitlab.torproject.org/tpo/team/-/wikis/Onboarding-Procedures#termination
9. If they are not core contributor or do not volunteer:
1. HR creates a ticket in tpo/web/tpo to remove employee from the people page
2. Team lead creates a confidential ticket in TPA to remove permissions.
3. Remove from all private mailing lists, znc irc bouncer and aliases.
4. Handle employee's email
10. If they will volunteer:
1. Team lead creates a ticket in TPA to remove permissions not associated with the area they will continue volunteering with.
2. Remove from tor-employees mailing lists.
3. Check if they are a security liaison (i.e. on the security@ list), and if so go through the removal process.
### Gets terminated (fired)
Offboarding process right now for Staff that gets terminated (fired):
1. Team lead creates a confidential ticket in TPA to schedule the permissions removal
2. Exit interview in person while TPA removes accesses, including mailing lists, znc irc bouncer and aliases
3. Remove from benefits
4. Return of company property
5. Send a reminder to submit all expenses and finish the time sheet through the last day worked.
6. Remove from payroll
7. HR creates a ticket in tpo/web/tpo to schedule employee removal from the people page.
8. Handle employee's email.
# What is missing?
a systematic process by which people get the accesses they need when they join, and it gets removed when they leave
in particular, we often seem to forget to remove people from the tor-internal mailing list, and forget to add people to LDAP. many tor-internal people also don't actually have "real" LDAP account (in the sense they lost access to their PGP key long ago, e.g. isabela) or they just don't have an LDAP account at all.
> Part of the problem with removing people from tor-internal is that there's no process for tracking people who say they want to stay involved and then don't, now that Damian doesn't do a membership audit anymore. This mostly applies to people who were part of the community before becoming an employee, there's no way to follow up on their participation, but because they had email and/or were on tor-internal beforehand.
The audit process for core members is not happening. We need to have a timeout after which someone is removed or at least checked for membership (?)
## TODO list
* TODO: core-only onboarding procedure?
* TODO: can we have buddies? mentors? whatever you call those, the person you ask questions when you're new and confused.
* TODO: emergency termination
* TODO: core-only offboarding procedure
* TODO: what happens with email: https://gitlab.torproject.org/tpo/tpa/team/-/issues/32558 propose that we auto-reply with a bounce explaining the replacement email, to give agency to the sender, expiry 12 months, remove existing forwards older than 12 months
* TODO Need template for auditing services for removal/changes of accounts when offboarding https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service - maybe instead of a template, make some automation to parse the service.md list and ask the operator to act (or not) on each
* TODO: discussion on onboarding/offboarding procedures for core-only contributors. Send a msg to cecylia and Roger to be included in this discussion. (gaba)
## tickets
* user management procedures are poorly documented: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40129
* clarify what happens to email when we retire a user: https://gitlab.torproject.org/tpo/tpa/team/-/issues/32558
