So one issue that came up with this solution is that we want the role to apply for all team members which should include team maintainers as well. Adding

relation member: github/user | github/team#member

only covers the team members but not the team maintainers, who should also be considered members. The way we’ve been working with team membership as being inclusive of members and maintainers is with a permission on the team object which is

permission membership = maintainer + member

. I realize we could grant the role to the team maintainers in addition to the members via

github/role:repo_manager#member@github/team:team_fgp#maintainer

, but that doesn’t feel quite right. I’m wondering if there is a way we can adjust the team

member

relation to include the

maintainer

relation for the same team and get this to work. I added an assertion to our playground for a team maintainer which is currently failing to illustrate this https://play.authzed.com/s/op7kPxacSaMU