|
Re: FYI: Fuzzing for CNCF Projects
Katie Gamanji
That's a very insightful report! Would be great to see more CNCF projects using fuzzing integration to simplify vulnerability scanning and bug fixing.
On Mon, Jan 4, 2021 at 10:04 PM Lorenzo Fontana <fontanalorenz@...> wrote:
|
|
|
|
Re: SIG-Security Tech Lead nominations
+1 NB Thank you Ashutosh Narkar, Aradhana Chetal and Andres Vega for all the hard work advancing SIG-Security. Dan Shaw Cor.dev - Solving Solved Problems 💗
On Thu, Dec 17, 2020 at 5:43 PM Jeyappragash Jeyakeerthi <jj@...> wrote:
|
|
|
|
Re: SIG-Security Tech Lead nominations
Katie Gamanji
+1 NB Katie Gamanji
|
|
|
|
Re: Public comment period for Ambassador
Matt Klein
> I object to the name "Ingress Controller for Envoy Proxy” as that also describes Contour. This will create confusion and will be easily misread as "THE Ingress Controller for Envoy Proxy" and will violate the "no kingmakers" value of the TOC. I agree and I raised a similar concern at some point but I don't remember the outcome here. @Daniel Bryant?
On Wed, Jan 6, 2021 at 10:48 AM Joe Beda <joe@...> wrote:
|
|
|
|
Re: Public comment period for Ambassador
Joe Beda
What is the new name? The name "ambassador" is all over the docs and I'd expect to see this reframed around the new name. I object to the name "Ingress Controller for Envoy Proxy” as that also describes Contour. This will create confusion and will be easily misread as "THE Ingress Controller for Envoy Proxy" and will violate the "no kingmakers" value of the TOC. Joe
On Wed, Jan 6, 2021 at 9:12 AM Matt Klein <mattklein123@...> wrote:
|
|
|
|
Public comment period for Ambassador
Matt Klein
All, Ambassador is applying for incubation status:
DD has been reviewed by myself and SIG Network and we are supportive. We are now calling for the 2 week public comment period prior to the vote. Thanks, Matt
|
|
|
|
Re: SIG-Security Tech Lead nominations
Alena Prokharchyk
+1 binding
toggle quoted messageShow quoted text
-alena.
|
|
|
|
Re: [EXTERNAL] Re: [cncf-toc] SIG-Security Tech Lead nominations
Brendan Burns
+1, binding
--brendan
From: cncf-toc@... <cncf-toc@...> on behalf of Dave Zolotusky via lists.cncf.io <dzolo=spotify.com@...>
Sent: Wednesday, January 6, 2021 6:55:44 AM To: John Hillegass <hillegassdev@...> Cc: CNCF TOC <cncf-toc@...>; Liz Rice <liz@...> Subject: [EXTERNAL] Re: [cncf-toc] SIG-Security Tech Lead nominations +1 binding
On Wed, Jan 6, 2021 at 2:34 PM John Hillegass <hillegassdev@...> wrote:
~Dave
|
|
|
|
Re: SIG-Security Tech Lead nominations
+1 binding
On Wed, Jan 6, 2021 at 2:34 PM John Hillegass <hillegassdev@...> wrote:
--
~Dave
|
|
|
|
Re: SIG-Security Tech Lead nominations
John Hillegass
+1 NB
On Jan 6, 2021, 4:35 AM -0500, Liz Rice <liz@...>, wrote:
|
|
|
|
SIG-Security Tech Lead nominations
Liz Rice
Bumping this vote, as it would be great to get the new SIG Security leads in place if others on the TOC are comfortable with these nominees ---------- Forwarded message --------- From: Justin Cormack via lists.cncf.io <justin.cormack=docker.com@...> Date: Fri, Dec 18, 2020 at 5:01 PM Subject: Re: [cncf-toc] SIG-Security Tech Lead nominations To: Jeyappragash Jeyakeerthi <jj@...> Cc: CNCF TOC <cncf-toc@...> +1 binding Justin
On Fri, Dec 18, 2020 at 1:43 AM Jeyappragash Jeyakeerthi <jj@...> wrote:
|
|
|
|
[TOC] Nominations Open through 12pm PT, January 11, 2021
Just a reminder about upcoming TOC elections for the GB and end user seats! Feel free to petition your GB and end user member representatives! ---------- Forwarded message --------- From: Amye Scavarda Perrin <ascavarda@...> Date: Mon, Dec 14, 2020 at 2:02 PM Subject: [cncf-toc] [TOC] Nominations Open through 12pm PT, January 11, 2021 To: CNCF TOC <cncf-toc@...> 5 seats are open for nomination by the GB and End User Community.
Nominations are open for the two Selecting Groups. We will be publishing the list of qualified nominees at the end of the qualification process. Timeline: December 14: Nominations open – 12 PM PT January 11: Nominations close - 12 PM PT Jan 11: Qualification period opens Jan 25: Qualification period closes Jan 25: Election opens, Voting occurs by a time-limited Condorcet-IRV ranking in CIVS Feb 1: Election closes at 12pm Pacific, results announced Amye Scavarda Perrin | Program Manager | amye@... Chris Aniszczyk (@cra)
|
|
|
|
Re: FYI: Fuzzing for CNCF Projects
Lorenzo Fontana
Thanks for sharing, this is a very useful initiative Chris. I’ve been thinking about doing a proposal for the Falco project to adopt syzcaller[0] to perform continuous fuzzing of the inputs/language parser. I’ll bring up this topic at the next Falco community call to see what other maintainers think. Thanks again for sharing! Lore
On Mon, 4 Jan 2021 at 22:31 Chris Aniszczyk <caniszczyk@...> wrote:
|
|
|
|
FYI: Fuzzing for CNCF Projects
Hey TOC and the wider community, some of our projects have taken advantage of fuzzing (through oss-fuzz and other tools), also we recently funded some fuzzing/audit work for fluentbit to see the impact and usefulness: https://github.com/fluent/fluent-bit/pull/2853 I've attached a report as an output which contains all the issues found/resolved. If your project is interested in this type of work, let us know via a servicedesk request (https://github.com/cncf/servicedesk), we found it fairly useful on top of normal security audits. Chris Aniszczyk (@cra)
|
|
|
|
Agenda for 1/5
Amye Scavarda Perrin
Hi all, We'll be meeting tomorrow at 8am Pacific. Agenda: https://docs.google.com/document/d/1jpoKT12jf2jTf-2EJSAl4iTdA7Aoj_uiI19qIaECNFc/edit Presentation: https://docs.google.com/presentation/d/114InXWp_s3f5gS5AFTQ5yBk0TRC03BdNU31hQCnTZOI/edit#slide=id.g25ca91f87f_0_0
|
|
|
|
FYI: CNCF Annual Report 2020!
Hey all, hope everyone is having a great 2021! At the end of last year, we posted the CNCF annual report covering what we accomplished in 2020: https://www.cncf.io/blog/2020/12/29/2020-cncf-annual-report/ Please give it a read! The CNCF staff takes quite a bit of time putting this together every year and it's amazing how much was accomplished in a wild year! Chris Aniszczyk (@cra)
|
|
|
|
Re: SIG-Security Tech Lead nominations
Justin Cormack
+1 binding Justin
On Fri, Dec 18, 2020 at 1:43 AM Jeyappragash Jeyakeerthi <jj@...> wrote:
|
|
|
|
Re: SIG-Security Tech Lead nominations
Brandon Lum
+1 NB. I've had the chance to work with all of the nominees over various projects, issues and security assessments in the sig and they are all great candidates for tech leads!
On Fri, Dec 18, 2020, 10:58 AM Chase Pettet <chase.mp@...> wrote:
|
|
|
|
Re: SIG-Security Tech Lead nominations
Chase Pettet <chase.mp@...>
A robust NB+1. I only know Andres well (and he's the bomb diggity), but I'm grateful for all of these folks.
On Thu, Dec 17, 2020 at 7:43 PM Jeyappragash Jeyakeerthi <jj@...> wrote:
|
|
|
|
Re: SIG-Security Tech Lead nominations
Liz Rice
Super that we have these qualified and enthusiastic candidates! I’m happy to call this TOC vote, and give it my +1 for all three nominees Liz
On Fri, 18 Dec 2020 at 05:22, Andrés Vega <andresvega1@...> wrote: Whoa! It's quite an honor to receive this nomination. More so, the opportunity to serve the community alongside those who I consider its pillar.
|
|
|