"Projects struggling to get maintainers when the owning entity is unwilling to give up control to the community" This mostly does not happen. Although due to some bad actors, it can. Mostly projects

What would the mechanism used to be sure that a “plan” for a community controlled roadmap becomes a reality? At present, holding graduation as the milestone for that is, imho, one of the most

I wish to note that it was @cra's idea. I just wrote about it and then talked about it a lot.

Thanks everyone who came to the TOC call today - with extra thanks to Alexis for initiating the idea in the first place. I've tried to capture the key points: Problem statement summary: projects that

This is great! Here's another solid resource that we put together last year that covers the "openness of projects" along with some criteria to look at. -- Chris Aniszczyk (@cra) | +1-512-961-6719

Since we have been talking governance, I just noticed a new catalog of FOSS Governance documents launched. It's at https://fossgovernance.org/. It has pointers to many governance docs on many open

Working in synchronicity from the authentication problem space adjacent to authorization, it has been fascinating to watch OPA evolve and grow in both adoption and maturity. In every SPIFFE and SPIRE

Hi all, We'll be meeting tomorrow at 8am Pacific, discussing graduation requirements around maintainer diversity. Presentation:

Something something "doomed to reinvent lisp"... +1, nb

+1 NB Agree with Gareth that there is no silver bullet here. Just like programming languages there are preferences and different needs and no one size fits all solution. That being said, I

Congratulations, Emily!

Emily Fox for SIG Security Chair: https://lists.cncf.io/g/cncf-toc/message/5303 +1 Binding 7/10 Justin Cormack: https://lists.cncf.io/g/cncf-toc/message/5312 Michelle Noorali:

+1 NB I am a maintainer of Kyverno (https://github.com/nirmata/kyverno/blob/master/README.md), which as mentioned above is an alternative to OPA/Gatekeeper. We believe that policies are essential to

+1 NB I'm biased here, as one of the maintainers of the Conftest project which is now part of OPA. I wanted to address the point above about Rego. I'm an unashamed DSL nerd. I was a user and

-1 NB The community around this project is great and there is a consensus on problem space. Having the benefit of solving and working with customers on Kubernetes security compliance and

We're starting the nomination process for our ambassador, committer and community awards. CNCF Top Ambassador: A champion for the cloud native space, this individual helps spread awareness of the

+1

+1 binding Thank you for volunteering!

+1 binding Exciting times!

We discussed this in the SIG Architecture meeting today. While generally workload controllers are within scope of the Kubernetes project, it is up to SIG Apps to decide if they are willing to take