Date   

Re: [cncf-special-issues] Special issues process proposal

Matt Klein
 

Hi folks,

Ahead of our special issues meeting tomorrow morning, I have updated the document based on feedback I have received so far. PTAL.

Thanks,
Matt

On Sat, Feb 1, 2020 at 5:22 PM Lisbeth McNabb <lmcnabb@...> wrote:
Excellent Matt.  I will be able to provide input Feb 7 and ahead of our next working call on Feb 20th.


Warm Regards,

Lisbeth

Linux Foundation, CFO/COO
m:  214.632.6729
@lisbethmcnabb




On Fri, Jan 31, 2020 at 8:42 AM Matt Klein <mattklein123@...> wrote:
Hi TOC community,

As part of our working group on how to better handle project "special issues," I have put together a draft process document that I would love your feedback on:

This is part of the general work steam around improving the services that we provide to member projects (see also https://docs.google.com/document/d/1HLRFOCgSleHX5ZHu3PQRTAVQB-KNjxggZxc6CFLLQxQ/edit#heading=h.wb9r8ykfgpr1).

Looking forward to your feedback!

Thanks,
Matt


CNCF Governing Board Developer Seat Election Results

Taylor Waggoner
 

The election for the maintainer-selected developer seat on the CNCF Governing Board has ended, with Matt Klein winning the seat.

Congratulations to Matt and thank you to everyone who participated in the election. 

A big thank you to Brandon Philips for his two years of service as a developer representative on the Governing Board.

Taylor Waggoner
Sr. Operations Analyst  - Cloud Native Computing Foundation
Location & Time-zone: Portland, OR - PT
web: https://www.cncf.io/
email:  twaggoner@...


Re: SIG-Security Tech Lead nominations

Saad Ali
 

No objections from me. +1 on all three candidates. Thank you for volunteering!


On Tue, Feb 18, 2020 at 4:49 PM Sheng Liang <sheng@...> wrote:

+1

 

Sheng

 

From: <cncf-toc@...> on behalf of "Liz Rice via Lists.Cncf.Io" <liz=lizrice.com@...>
Reply-To: "liz@..." <liz@...>
Date: Tuesday, February 18, 2020 at 7:44 AM
To: Sarah Allen <sarah@...>
Cc: "cncf-toc@..." <cncf-toc@...>
Subject: Re: [cncf-toc] SIG-Security Tech Lead nominations

 

+1 from me for all three nominees

 

 

On Mon, 17 Feb 2020 at 02:02, Sarah Allen <sarah@...> wrote:

Dear Technical Oversight Committee,

 

In January, the SIG-Security co-chairs along with then TOC liason’s Joe Beda and Liz Rice, agreed to nominate three Tech Leads for SIG-Security: Justin Cappos, Emily Fox and Brendan Lum. Due to the TOC election vote freeze we held off on submitting the nomination till now.

 

“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections

 

See below for more details on each of the nominated tech leads.  Liz suggested that an email vote would be fine, though if anyone wants to suggest alternate process or has questions, let us know.

 

Thank you!

Sarah Allen

SIG-Security Chair

 

———-

SIG-Security Tech Lead nominations:

 

Justin Cappos

  • SIG-Security highlights
    • Security Assessment Facilitator, Meeting Facilitator
    • Instrumental in bringing in assessment model to SIG-Security. In 2018, conducted SPIFFE/SPIRE audit as TOC contributor, presented to SAFE WG and proposed initial guidelines (Nov 2018) then with collaboratively on PR#140 (Jan - Apr 2019)
  • Professional affiliations: 

Emily Fox

  • SIG-Security highlights 
  • Professional affiliations:
    • DevOps Security Lead, NSA 

Brendan Lum

  • SIG-Security highlights
    • Triage team, Meeting Facilitator 
    • Security reviewer on both initial assessments (in-toto and OPA)
    • Security reviewer conflict of interest guidelines PR#247
    • Presented SIG-Security session China June 2019, San Diego Nov 2019
    • Organized in-person meetup DockerCon, May 2019 issue#151
  • Professional affiliations: 
    • IBM Research, container security
      • Technical Lead: Encrypted Container Images
      • Technical Advisor: Design and Architecture. Trusted Identity Project
      • Community manager/maintainer of runnc, runtime for Nabla Containers


Re: SIG-Security Tech Lead nominations

Sheng Liang <sheng@...>
 

+1

 

Sheng

 

From: <cncf-toc@...> on behalf of "Liz Rice via Lists.Cncf.Io" <liz=lizrice.com@...>
Reply-To: "liz@..." <liz@...>
Date: Tuesday, February 18, 2020 at 7:44 AM
To: Sarah Allen <sarah@...>
Cc: "cncf-toc@..." <cncf-toc@...>
Subject: Re: [cncf-toc] SIG-Security Tech Lead nominations

 

+1 from me for all three nominees

 

 

On Mon, 17 Feb 2020 at 02:02, Sarah Allen <sarah@...> wrote:

Dear Technical Oversight Committee,

 

In January, the SIG-Security co-chairs along with then TOC liason’s Joe Beda and Liz Rice, agreed to nominate three Tech Leads for SIG-Security: Justin Cappos, Emily Fox and Brendan Lum. Due to the TOC election vote freeze we held off on submitting the nomination till now.

 

“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections

 

See below for more details on each of the nominated tech leads.  Liz suggested that an email vote would be fine, though if anyone wants to suggest alternate process or has questions, let us know.

 

Thank you!

Sarah Allen

SIG-Security Chair

 

———-

SIG-Security Tech Lead nominations:

 

Justin Cappos

  • SIG-Security highlights
    • Security Assessment Facilitator, Meeting Facilitator
    • Instrumental in bringing in assessment model to SIG-Security. In 2018, conducted SPIFFE/SPIRE audit as TOC contributor, presented to SAFE WG and proposed initial guidelines (Nov 2018) then with collaboratively on PR#140 (Jan - Apr 2019)
  • Professional affiliations: 

Emily Fox

  • SIG-Security highlights 
  • Professional affiliations:
    • DevOps Security Lead, NSA 

Brendan Lum

  • SIG-Security highlights
    • Triage team, Meeting Facilitator 
    • Security reviewer on both initial assessments (in-toto and OPA)
    • Security reviewer conflict of interest guidelines PR#247
    • Presented SIG-Security session China June 2019, San Diego Nov 2019
    • Organized in-person meetup DockerCon, May 2019 issue#151
  • Professional affiliations: 
    • IBM Research, container security
      • Technical Lead: Encrypted Container Images
      • Technical Advisor: Design and Architecture. Trusted Identity Project
      • Community manager/maintainer of runnc, runtime for Nabla Containers


Re: SIG-Security Tech Lead nominations

Zhipeng Huang
 

+1, great set of candidates

On Wed, Feb 19, 2020 at 12:43 AM Katie Gamanji <gamanjie@...> wrote:
+1 for all candidates



--
Zhipeng (Howard) Huang

Principle Engineer
OpenStack, Kubernetes, CNCF, LF Edge, ONNX, Kubeflow, OpenSDS, Open Service Broker API, OCP, Hyperledger, ETSI, SNIA, DMTF, W3C


Re: Apologies

Saad Ali
 

Ok, thanks!

On Tue, Feb 18, 2020 at 11:16 AM Li, Xiang <x.li@...> wrote:
No. It is cancelled. 

------------------------------------------------------------------
From:Saad Ali via Lists.Cncf.Io <saadali=google.com@...>
Sent At:2020 Feb. 18 (Tue.) 11:14
To:Justin Cormack <justin.cormack@...>
Cc:cncf-toc <cncf-toc@...>
Subject:Re: [cncf-toc] Apologies

Is there a meeting today? I didn't see anything on my calendar.

On Tue, Feb 18, 2020 at 5:31 AM Justin Cormack via Lists.Cncf.Io <justin.cormack=docker.com@...> wrote:
I will be on a flight during today’s meeting, apologies about that. 

Justin


Re: Apologies

Justin Cormack
 

No, I forgot we cancelled it and my phone had an old calendar entry!

On Tue, 18 Feb 2020 at 11:11, Saad Ali <saadali@...> wrote:
Is there a meeting today? I didn't see anything on my calendar.

On Tue, Feb 18, 2020 at 5:31 AM Justin Cormack via Lists.Cncf.Io <justin.cormack=docker.com@...> wrote:
I will be on a flight during today’s meeting, apologies about that. 

Justin


Re: Apologies

Li, Xiang
 

No. It is cancelled. 

------------------------------------------------------------------
From:Saad Ali via Lists.Cncf.Io <saadali=google.com@...>
Sent At:2020 Feb. 18 (Tue.) 11:14
To:Justin Cormack <justin.cormack@...>
Cc:cncf-toc <cncf-toc@...>
Subject:Re: [cncf-toc] Apologies

Is there a meeting today? I didn't see anything on my calendar.

On Tue, Feb 18, 2020 at 5:31 AM Justin Cormack via Lists.Cncf.Io <justin.cormack=docker.com@...> wrote:
I will be on a flight during today’s meeting, apologies about that. 

Justin


Re: Apologies

Saad Ali
 

Is there a meeting today? I didn't see anything on my calendar.

On Tue, Feb 18, 2020 at 5:31 AM Justin Cormack via Lists.Cncf.Io <justin.cormack=docker.com@...> wrote:
I will be on a flight during today’s meeting, apologies about that. 

Justin


Re: SIG-Security Tech Lead nominations

Katie Gamanji
 

+1 for all candidates


Re: SIG-Security Tech Lead nominations

Justin Cormack
 

+1 (+3?) from me too. 

Justin


On Tue, 18 Feb 2020 at 07:43, Liz Rice <liz@...> wrote:
+1 from me for all three nominees


On Mon, 17 Feb 2020 at 02:02, Sarah Allen <sarah@...> wrote:

Dear Technical Oversight Committee,


In January, the SIG-Security co-chairs along with then TOC liason’s Joe Beda and Liz Rice, agreed to nominate three Tech Leads for SIG-Security: Justin Cappos, Emily Fox and Brendan Lum. Due to the TOC election vote freeze we held off on submitting the nomination till now.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


See below for more details on each of the nominated tech leads.  Liz suggested that an email vote would be fine, though if anyone wants to suggest alternate process or has questions, let us know.


Thank you!

Sarah Allen

SIG-Security Chair


———-

SIG-Security Tech Lead nominations:


Justin Cappos

Emily Fox

Brendan Lum

  • SIG-Security highlights

    • Triage team, Meeting Facilitator 

    • Security reviewer on both initial assessments (in-toto and OPA)

    • Security reviewer conflict of interest guidelines PR#247

    • Presented SIG-Security session China June 2019, San Diego Nov 2019

    • Organized in-person meetup DockerCon, May 2019 issue#151

  • Professional affiliations: 

  • Github: @lumjjb

  • CNCF Projects: n/a

  • SIG-Security commits


Re: [EXTERNAL] [cncf-toc] SIG-Security Tech Lead nominations

Michelle Noorali
 

+1 to all of the nominees. Looks like a great group!

From: cncf-toc@... <cncf-toc@...> on behalf of Sarah Allen via Lists.Cncf.Io <sarah=ultrasaurus.com@...>
Sent: Sunday, February 16, 2020 9:01 PM
To: CNCF TOC <cncf-toc@...>
Cc: cncf-toc@... <cncf-toc@...>
Subject: [EXTERNAL] [cncf-toc] SIG-Security Tech Lead nominations
 

Dear Technical Oversight Committee,


In January, the SIG-Security co-chairs along with then TOC liason’s Joe Beda and Liz Rice, agreed to nominate three Tech Leads for SIG-Security: Justin Cappos, Emily Fox and Brendan Lum. Due to the TOC election vote freeze we held off on submitting the nomination till now.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


See below for more details on each of the nominated tech leads.  Liz suggested that an email vote would be fine, though if anyone wants to suggest alternate process or has questions, let us know.


Thank you!

Sarah Allen

SIG-Security Chair


———-

SIG-Security Tech Lead nominations:


Justin Cappos

Emily Fox

Brendan Lum

  • SIG-Security highlights

    • Triage team, Meeting Facilitator 

    • Security reviewer on both initial assessments (in-toto and OPA)

    • Security reviewer conflict of interest guidelines PR#247

    • Presented SIG-Security session China June 2019, San Diego Nov 2019

    • Organized in-person meetup DockerCon, May 2019 issue#151

  • Professional affiliations: 

  • Github: @lumjjb

  • CNCF Projects: n/a

  • SIG-Security commits


Re: Project presentations meeting

Amye Scavarda Perrin
 

Today's meeting has been removed from the calendar, no meeting today. 
Happy to take suggestions about what should be in this meeting slot! 

On Fri, Feb 14, 2020 at 11:54 AM Liz Rice <liz@...> wrote:
The third-Tuesday-of-the-month public TOC meeting has been for project presentations, but now that the SIGs are handling those project presentations, let’s cancel that meeting. I’m sure we can all find good uses for the extra time we'll get back! 

--
Liz Rice
@lizrice | lizrice.com | +44 (0) 780 126 1145





--
Amye Scavarda Perrin | Program Manager | amye@...


Re: SIG-Security Tech Lead nominations

Liz Rice
 

+1 from me for all three nominees


On Mon, 17 Feb 2020 at 02:02, Sarah Allen <sarah@...> wrote:

Dear Technical Oversight Committee,


In January, the SIG-Security co-chairs along with then TOC liason’s Joe Beda and Liz Rice, agreed to nominate three Tech Leads for SIG-Security: Justin Cappos, Emily Fox and Brendan Lum. Due to the TOC election vote freeze we held off on submitting the nomination till now.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


See below for more details on each of the nominated tech leads.  Liz suggested that an email vote would be fine, though if anyone wants to suggest alternate process or has questions, let us know.


Thank you!

Sarah Allen

SIG-Security Chair


———-

SIG-Security Tech Lead nominations:


Justin Cappos

Emily Fox

Brendan Lum

  • SIG-Security highlights

    • Triage team, Meeting Facilitator 

    • Security reviewer on both initial assessments (in-toto and OPA)

    • Security reviewer conflict of interest guidelines PR#247

    • Presented SIG-Security session China June 2019, San Diego Nov 2019

    • Organized in-person meetup DockerCon, May 2019 issue#151

  • Professional affiliations: 

  • Github: @lumjjb

  • CNCF Projects: n/a

  • SIG-Security commits


Re: SIG-Security Tech Lead nominations

Sarah Allen
 

Quick clarification -- we're seeking a vote on filling three Tech Lead slots, not asking TOC to choose between them!


On Sun, Feb 16, 2020 at 6:02 PM Sarah Allen via Lists.Cncf.Io <sarah=ultrasaurus.com@...> wrote:

Dear Technical Oversight Committee,


In January, the SIG-Security co-chairs along with then TOC liason’s Joe Beda and Liz Rice, agreed to nominate three Tech Leads for SIG-Security: Justin Cappos, Emily Fox and Brendan Lum. Due to the TOC election vote freeze we held off on submitting the nomination till now.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


See below for more details on each of the nominated tech leads.  Liz suggested that an email vote would be fine, though if anyone wants to suggest alternate process or has questions, let us know.


Thank you!

Sarah Allen

SIG-Security Chair


———-

SIG-Security Tech Lead nominations:


Justin Cappos

Emily Fox

Brendan Lum

  • SIG-Security highlights

    • Triage team, Meeting Facilitator 

    • Security reviewer on both initial assessments (in-toto and OPA)

    • Security reviewer conflict of interest guidelines PR#247

    • Presented SIG-Security session China June 2019, San Diego Nov 2019

    • Organized in-person meetup DockerCon, May 2019 issue#151

  • Professional affiliations: 

  • Github: @lumjjb

  • CNCF Projects: n/a

  • SIG-Security commits


Apologies

Justin Cormack
 

I will be on a flight during today’s meeting, apologies about that. 

Justin


SIG-Security Tech Lead nominations

Sarah Allen
 

Dear Technical Oversight Committee,


In January, the SIG-Security co-chairs along with then TOC liason’s Joe Beda and Liz Rice, agreed to nominate three Tech Leads for SIG-Security: Justin Cappos, Emily Fox and Brendan Lum. Due to the TOC election vote freeze we held off on submitting the nomination till now.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


See below for more details on each of the nominated tech leads.  Liz suggested that an email vote would be fine, though if anyone wants to suggest alternate process or has questions, let us know.


Thank you!

Sarah Allen

SIG-Security Chair


———-

SIG-Security Tech Lead nominations:


Justin Cappos

Emily Fox

Brendan Lum

  • SIG-Security highlights

    • Triage team, Meeting Facilitator 

    • Security reviewer on both initial assessments (in-toto and OPA)

    • Security reviewer conflict of interest guidelines PR#247

    • Presented SIG-Security session China June 2019, San Diego Nov 2019

    • Organized in-person meetup DockerCon, May 2019 issue#151

  • Professional affiliations: 

  • Github: @lumjjb

  • CNCF Projects: n/a

  • SIG-Security commits


Re: Project presentations meeting

Matt Farina
 

Liz,

I know the members of the TOC are busy. They are executives, lead projects, and have a lot going on. Do y'all think you will take the time to watch SIG recordings? I've been chairing Kubernetes SIGs for years and I've found this only happens when someone has a reason to watch it.

How are SIGs going to make the recommendations? Is that in meetings or is the discussion going to happen elsewhere? For example, if it happens in the issue queue what will drive the TOC members to the issues to be looped in?

My big concern is for the potential projects. If people know TOC members or know people who know them to get in touch a change in the process isn't so bad. But, for people who don't have an in with TOC members this looks like it makes the process more difficult.

Consider this, it's TOC members sponsoring projects not SIGs sponsoring them. Adding hurdles or extra elements between those sponsoring and those with something needing a sponsor is going to increase difficulty for those who don't have another known route to get to the sponsors. This is a problem for projects that don't have existing social connections.

Does the problem I'm describing make sense?

- Matt Farina

On Sat, Feb 15, 2020, at 7:57 AM, Liz Rice wrote:
Hi Matt, 

The idea is that the TOC can watch the SIG recorded presentation, and/or read the slides, and the recommendation from the SIG. And of course we can always reach out to the project if we want to discuss. 

We'll see how well this works and if we need to, we can adjust. 

Liz 

--
Liz Rice - sent from my phone

On 14 Feb 2020, at 22:06, Matt Farina <matt@...> wrote:

Liz,

Sandbox projects now require 3 TOC sponsors to get in. Presenting to the SIGs are great but there are rarely 3 TOC members in a SIG meeting. Presenting to the whole TOC provides an opportunity to showcase projects looking for sponsorship and let the TOC interact with them.

How will proposed sandbox projects get TOC member time to find sponsors if they don't get in front of the TOC itself? What will the new flow look like?

Thanks,
Matt Farina

On Fri, Feb 14, 2020, at 2:54 PM, Liz Rice wrote:
The third-Tuesday-of-the-month public TOC meeting has been for project presentations, but now that the SIGs are handling those project presentations, let’s cancel that meeting. I’m sure we can all find good uses for the extra time we'll get back! 

--
Liz Rice
@lizrice | lizrice.com | +44 (0) 780 126 1145




Re: Project presentations meeting

Liz Rice
 

Hi Matt, 

The idea is that the TOC can watch the SIG recorded presentation, and/or read the slides, and the recommendation from the SIG. And of course we can always reach out to the project if we want to discuss. 

We'll see how well this works and if we need to, we can adjust. 

Liz 

--
Liz Rice - sent from my phone

On 14 Feb 2020, at 22:06, Matt Farina <matt@...> wrote:


Liz,

Sandbox projects now require 3 TOC sponsors to get in. Presenting to the SIGs are great but there are rarely 3 TOC members in a SIG meeting. Presenting to the whole TOC provides an opportunity to showcase projects looking for sponsorship and let the TOC interact with them.

How will proposed sandbox projects get TOC member time to find sponsors if they don't get in front of the TOC itself? What will the new flow look like?

Thanks,
Matt Farina

On Fri, Feb 14, 2020, at 2:54 PM, Liz Rice wrote:
The third-Tuesday-of-the-month public TOC meeting has been for project presentations, but now that the SIGs are handling those project presentations, let’s cancel that meeting. I’m sure we can all find good uses for the extra time we'll get back! 

--
Liz Rice
@lizrice | lizrice.com | +44 (0) 780 126 1145



Re: Project presentations meeting

Ricardo Aravena
 

All,

iiuc, projects present to the SIGs in their meetings and the presentations get recorded. If a SIG meeting gets canceled (usually because no attendance or no agenda item) then the project team can schedule the presentation in the following SIG meeting.  

I do think that having a project to require 3 TOC sponsors (say for sandbox), now that the TOC has been expanded, may make it more difficult for projects to find them. Does increasing the number of required TOC liaisons help? or/and a process in where projects looking for sponsors send a notice to the TOC ML + Tag on the Github issue? wdyt?

Thanks,
Ricardo


On Fri, Feb 14, 2020 at 3:46 PM Matt Farina <matt@...> wrote:
Erin,

If the meeting where projects present is canceled when will the present to the TOC?

- Matt

On Fri, Feb 14, 2020, at 6:33 PM, Erin Boyd wrote:
Hi Matt,
Projects still present to the SIG provided they meet the proper criteria and are a fit for the landscape.
As outlined in the proposed template document in github: https://github.com/cncf/toc/issues/344

Having this will provide a consistent way for projects to be presented and hopefully make the process more transparent.

I would appreciate your feedback in the issue so we can formalize it. 

Thanks,
Erin


On Fri, Feb 14, 2020 at 3:09 PM Matt Farina <matt@...> wrote:

Liz,

Sandbox projects now require 3 TOC sponsors to get in. Presenting to the SIGs are great but there are rarely 3 TOC members in a SIG meeting. Presenting to the whole TOC provides an opportunity to showcase projects looking for sponsorship and let the TOC interact with them.

How will proposed sandbox projects get TOC member time to find sponsors if they don't get in front of the TOC itself? What will the new flow look like?

Thanks,
Matt Farina

On Fri, Feb 14, 2020, at 2:54 PM, Liz Rice wrote:
The third-Tuesday-of-the-month public TOC meeting has been for project presentations, but now that the SIGs are handling those project presentations, let’s cancel that meeting. I’m sure we can all find good uses for the extra time we'll get back! 

--
Liz Rice
@lizrice | lizrice.com | +44 (0) 780 126 1145






--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat


eboyd@...   



3641 - 3660 of 7848