Re: Final RFC: CNCF Sandbox

alexis richardson


I think the right way to reflect our governance values is in the
Graduation criteria and Incubation criteria. Therefore the Sandbox
doc could add a statement of the form "The CNCF will help projects
adopt good principles of governance in preparation for future
Incubation, if the project leads so desire".


On Mon, Feb 26, 2018 at 5:00 PM, Chris Aniszczyk
<caniszczyk@...> wrote:
Thanks for your feedback here Stephen, a big tenant of CNCF has always been
that projects are self governing and can bring their own governance as long
as it's transparent + fair (we call this minimum viable governance):

Over time (especially these days), I find that successful projects evolve
towards more open governance (we've even had this happen in CNCF with
containerd moving from bdfl to committee model) due to community/adopter

I'll look at seeing how I can codify your point in the sandbox proposal that
open governance is important and the earlier the better. I'm looking to
finalize the proposal the next day or so before calling for a vote.


On Wed, Feb 21, 2018 at 5:48 AM, Stephen Watt <swatt@...> wrote:

Thanks Chris. Firstly, I think the way the sandbox doc is articulated in
the doc is great. However, I imagine sandbox projects should be aware of the
TLP graduation criteria and trying to steer their ship towards those goals,
and as such, it prompted a broader meta question that I thought might be
better suited to the TOC list, rather than a comment on the doc.

When I look at the graduation criteria from Sandbox -> Incubation ->
Graduated, I see in the criteria for "graduated" that one needs to have
committers from at least 2 organizations. This hints at a desire for CNCF
projects to have some measure of open governance but stops short of calling
it out directly. Why not do so?

I believe I've heard it stated by the TOC before that you don't want to
preclude healthy important projects where the vast majority of committers
happen to be from one organization. I agree. However, I don't think that is
at odds with an open governance model. For example, you could have an open
governance model where it just so happened to be, that the participation in
the project is all from a single company, however, because of the governance
model, should contributors join later from other companies, they would have
a path to equal influence in the project decision making and contributions
being committed.

Why am I bringing this up? An ounce of prevention is worth a pound of
cure. I believe the advantage of calling open gov out explicitly in the
graduation criteria helps avoid a future scenario where a CNCF project is
governed by a cabal largely dominated by one company, that has a token
committer from outside, that actively or passively ignores contributions
from the community (the incentives can differ from project to project). I
suspect you have come across github projects with open source licenses that
behave this way. Projects like this are bad for the project's and
foundation's brand. The ASF had to deal with this issue a number of times
with popular projects in their Big Data stack. It was painful, but they were
able to deal with it because they are prescriptive about how ASF projects
are to be governed. I realize this can be a slippery slope because the next
step would be to become prescriptive about what type(s) of open governance
model CNCF projects would deem acceptable. However, perhaps something worth
anticipating and discussing.

Steve Watt

On Tue, Feb 20, 2018 at 12:06 PM, Chris Aniszczyk
<caniszczyk@...> wrote:

At today's TOC call there was consensus on the CNCF Sandbox proposal is
close to being ready for a formal vote. We will leave the document open for
any community comments for a week and do a formal vote next week:

After the vote and assuming the sandbox is approved, we will resume
voting on new project proposals (existing inception proposals will be
slotted for the sandbox).


Chris Aniszczyk (@cra) | +1-512-961-6719

Chris Aniszczyk (@cra) | +1-512-961-6719

Join to automatically receive all group messages.