Re: security & CNCF projects

Home Messages Hashtags Subgroups

#5665

Re: security & CNCF projects

Shubhra Kar #5665 Essentially we want them to create LFIDs to grant access. Shubhra toggle quoted message Show quoted text On Tue, Feb 16, 2021, 10:05 AM Vasu Naidu <vnaidu@...> wrote: Thanks Stephen. We have granted access to given access to stefan@.... We are unable to find accounts for hidde@... and michael@... . Regards, Vasu From: Stephen Augustus <hey@...> Date: Tuesday, February 16, 2021 at 9:52 AM To: Shubhra Kar <skar@...> Cc: Alexis Richardson <alexis@...>, Vasu Naidu <vnaidu@...>, St Leger, Jim <jim.st.leger@...>, Chris Aniszczyk <caniszczyk@...>, Pranab Bajpai (pbajpai@...) <pbajpai@...>, Alexis Richardson via cncf-toc <cncf-toc@...> Subject: Re: [cncf-toc] security & CNCF projects As I understand it, https://maintainers.cncf.io/ holds the aggregate maintainers for CNCF project. For flux, specifically: https://github.com/fluxcd/flux/blob/master/MAINTAINERS -- Stephen On Tue, Feb 16, 2021 at 12:46 PM Shubhra Kar <skar@...> wrote: I would suggest we add access for all the maintainers of the project and anyone on the governance committees (example TSCs). Do you maintain a maintainers.md file or better for us to just scan the repos and find the contributors ? Kind Regards, Shubhra Kar CTO and GM of Products and IT tweet: @shubhrakar On Tue, Feb 16, 2021 at 9:10 AM Alexis Richardson <alexis@...> wrote: thanks, how do I share these with the flux maintainers and community On Tue, Feb 16, 2021 at 4:59 PM Vasu Naidu <vnaidu@...> wrote: Hi Alexis, You should have access to the security reports of the flux project. Please let me know if you have any questions. https://security.lfx.linuxfoundation.org/#/a0941000002wBz4AAE/foundation-details Regards, Vasu From: St Leger, Jim <jim.st.leger@...> Date: Tuesday, February 16, 2021 at 7:06 AM To: Chris Aniszczyk <caniszczyk@...>, alexis richardson <alexis@...>, Pranab Bajpai (pbajpai@...) <pbajpai@...>, Vasu Naidu (vnaidu@...) <vnaidu@...> Cc: Alexis Richardson via cncf-toc <cncf-toc@...> Subject: RE: [cncf-toc] security & CNCF projects + Pranab and Vasu (product/eng leads on LFX I believe.) Jim From: cncf-toc@... <cncf-toc@...> On Behalf Of Chris Aniszczyk Sent: Tuesday, February 16, 2021 7:13 AM To: alexis richardson <alexis@...> Cc: Alexis Richardson via cncf-toc <cncf-toc@...> Subject: Re: [cncf-toc] security & CNCF projects I'll follow up Alexis on the ticket but it's just white labeled https://snyk.io If you are already using, say Snyk via github action (https://github.com/snyk/actions/tree/master/golang) you won't see anything new (which is available for open source projects). On Tue, Feb 16, 2021 at 3:54 AM alexis richardson <alexis@...> wrote: Hi all Has anyone looked at this? https://security.lfx.linuxfoundation.org/#/ How do we see project data? I wanted to take a look at flux. I had to create a login. Then, I had to "request" a view, which turned out to mean filing a JIRA ticket. Since then, tumbleweed. Can we have something more open & useful please? a -- Chris Aniszczyk (@cra)
More All Messages By This Member

View All 26 Messages In Topic

#5665

Join cncf-toc@lists.cncf.io to automatically receive all group messages.

Home Hashtags Subgroups Terms