Thanks for putting this together! I have a few questions and comments on the proposal. Questions: 1. Does every existing CNCF project need to be assigned to a SIG? 2. Does every candidate project

Right. Operator is a concept, better to be put in the Area column. Operator framework is a generic framework project, which can be a potential project in the generic app dev, ops, testing SIG. For

Quinton et al, I was just thinking of "Operators" as a generic term much like "PaaS" is on App Dev, Ops & Testing SIG areas list rather than specifically calling out Operator Framework. Diane --

Here's our annual report for last year: https://www.cncf.io/cncf-annual-report-2018/ Tweet away: https://twitter.com/CloudNativeFdn/status/1092544807900110848 We'll discuss it briefly on tomorrow's

Here's the agenda and deck for tomorrow: - Congrats CoreDNS on CNCF Graduation! - FYI: CNCF Annual Report - TOC Election 2019 Results! - CNCF TOC Seat opens March 2019:

Yes, although I think that operators themselves will probably also be discussed in most of the SIG’s, as they’re a general-purpose automation mechanism, and may be applied anywhere. So

Quinton et al, Would it be acceptable to add"Operators" to list of areas covered in the App Dev, Ops & Testing - "Area" column? As we get asked a lot which Kubernetes SIG this topic falls into. I know

Agreed that this should likely be left up to the chartering process, but Oversight to me says “management”. So something like a steering committee or advisory board, not necessary related to

For what it’s worth, I poked around in some dictionaries and thesauri, and am now even more convinced that you’re all right and Governance is not the best term. Succinct alternatives seem fairly

I fully expect some of the SIG names to be wordsmithed by the TOC Liaison, Chairs and other interested parties of that SIG during the chartering process, where the more detailed scope of the SIG will

"Security and Compliance" is a good name. I would not limit it just to "Security". Rapidly evolving cloud environments do require governance, and there is a broad range of policies that need to be

+1 to Security & Compliance over Governance (Which will get abbreviated to SecComp and then everyone will think there’s a SIG on seccomp profiles. :)

Sure - regulations are what folks have to be in compliance with. So long as the SIG doesn't start writing more regulations :-) -- Liz Rice @lizrice | lizrice.com | +44 (0) 780 126 1145

RegSec?

+1 that "Governance" isn't a great name for this security-related SIG. I'd suggest "Security and Compliance". In many cases end users are concerned not just with security but also with associated

CNCF plans on participating in Summer of Code again this year: https://github.com/cncf/soc#project-ideas If you're a CNCF project/mentor interested in participating, please submit a project idea with

I agree with Sarah, and this is where most people missunderstand policy - they think of it in terms of governance instead of a set of rules which provides constraints for a cluster. Could we change it

+1.

Quinton has done all the "final" edits, and the team of volunteers (Erin, Matt, Alex & some others) got the doc into an editable state. THANK-YOU! a

Overall the doc looks great -- thanks Alexis for your editorial work and Quinton for moving this forward! One small point on naming of a specific SIG: Governance security, authentication,