Date   

RFC: Thanos/KubeVirt/In-Toto

Chris Aniszczyk
 

Hey all, we had three project proposal presentations from the community today:

https://docs.google.com/presentation/d/1jhzJlSAAJNNil1nIYp60eSMH3LPd6AwqHLt3vEAzMSg/edit#slide=id.g25ca91f87f_0_0


Please feel free to make any comments+questions as adopters/users to the PRs. We are tracking the progress of the projects through sponsorship/voting here: https://github.com/cncf/toc/projects/3

--
Chris Aniszczyk (@cra) | +1-512-961-6719


TOC Agenda for 7/9/2019

Chris Aniszczyk
 

Hey all, the agenda for tomorrow's community presentation meeting is here:


We will be hearing from the kubevirt, in-toto and thanos projects.

See you tomorrow!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: Project Process flow chart....

Alex Chircop
 

Hi,

Further to this thread, the CNCF Storage SIG has been prepping a simple questionnaire:


The idea was to provide a baseline that would help a project to prepare for a presentation to the SIG, and then helps the SIG share the collated information with the TOC.

All feedback and comments would be appreciated!

Kind Regards,
Alex



From: cncf-toc@... <cncf-toc@...> on behalf of Brendan Burns via Lists.Cncf.Io <bburns=microsoft.com@...>
Sent: 05 July 2019 21:41
To: CNCF TOC
Cc: cncf-toc@...
Subject: [cncf-toc] Project Process flow chart....
 
Folks,
I'm quite tardy, but I created the proposed flow-chart for the project adoption process as discussed 2 meetings ago:


Comments please!

Thanks
--brendan



Re: Project Process flow chart....

Eduardo Silva
 

Hi, 

I would suggest the workflow states that the project must exist and have a minimum of adoption, otherwise, it could lead to "elevator pitch" to validate ideas.



On Fri, Jul 5, 2019 at 2:42 PM Brendan Burns via Lists.Cncf.Io <bburns=microsoft.com@...> wrote:
Folks,
I'm quite tardy, but I created the proposed flow-chart for the project adoption process as discussed 2 meetings ago:


Comments please!

Thanks
--brendan




--

Eduardo Silva
Principal Engineer  | Arm
. . . . . . . . . . . . . . . . . . . . . . . . . . . 
m. +506 70138007
Arm.com
Treasuredata.com


   



Project Process flow chart....

Brendan Burns
 

Folks,
I'm quite tardy, but I created the proposed flow-chart for the project adoption process as discussed 2 meetings ago:


Comments please!

Thanks
--brendan



CFP Reminder for KubeCon + CloudNativeCon NA (closes July 12th)

Chris Aniszczyk
 

Just a friendly reminder that the CFP for KubeCon + CloudNativeCon NA closes soon:

Please get your submissions in by July 12th.

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: What is the purpose of the SIGs?

Chris Aniszczyk
 

Thanks, we will put something together in the coming week.


On Wed, Jul 3, 2019 at 8:59 AM Dimitri Mitropoulos <dimitri@...> wrote:
thanks all!  a high level overview on the main site would be great!

On Tue, 2 Jul 2019 at 12:44, Liz Rice <liz@...> wrote:
Hi Dmitri, here’s a write-up: https://github.com/cncf/toc/blob/master/sigs/cncf-sigs.md 


To everyone: there was a similar-ish question a week or two ago about the roles of user groups, TOC, working groups, SIGs and so on. I wonder if we need a better introductory explanation (illustrated guide, even?) on the main CNCF website? For the TOC parts it could link to the more detailed docs that we maintain on GitHub. 

Liz

On 2 Jul 2019, 17:38 +0100, Dimitri Mitropoulos <dimitri@...>, wrote:
Hi, my name is Dimitri Mitropoulos and I'm an engineer at Weaveworks.

I was talking to my friends the other day about the cool CNCF SIGs that I'd heard mentioned.  Later I tried to find a description of specifically what the SIGs are for.  Where can I find such a thing?

I'm hoping to learn what the ultimate place is of the SIGs in terms of decision making power.  That is to say, do the SIGs make decisions that are then acted upon or do they make informed recommendations that may or may not be accepted by the TOC?

Thanks!



--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: What is the purpose of the SIGs?

Dimitri Mitropoulos <dimitri@...>
 

thanks all!  a high level overview on the main site would be great!


On Tue, 2 Jul 2019 at 12:44, Liz Rice <liz@...> wrote:
Hi Dmitri, here’s a write-up: https://github.com/cncf/toc/blob/master/sigs/cncf-sigs.md 


To everyone: there was a similar-ish question a week or two ago about the roles of user groups, TOC, working groups, SIGs and so on. I wonder if we need a better introductory explanation (illustrated guide, even?) on the main CNCF website? For the TOC parts it could link to the more detailed docs that we maintain on GitHub. 

Liz

On 2 Jul 2019, 17:38 +0100, Dimitri Mitropoulos <dimitri@...>, wrote:
Hi, my name is Dimitri Mitropoulos and I'm an engineer at Weaveworks.

I was talking to my friends the other day about the cool CNCF SIGs that I'd heard mentioned.  Later I tried to find a description of specifically what the SIGs are for.  Where can I find such a thing?

I'm hoping to learn what the ultimate place is of the SIGs in terms of decision making power.  That is to say, do the SIGs make decisions that are then acted upon or do they make informed recommendations that may or may not be accepted by the TOC?

Thanks!


Re: CNCF SIG (and WG) expected deliverables

Sarah Allen
 

Hi Quinton and MIchael,

You are both correct.  SAFE WG started as a group separate from CNCF.  Many early members joined the group with the assumption that the goal of the group was to become a CNCF Working Group. Other members, myself included, thought that was an interesting option, but found value in the group in any case.

Independent of org affiliation, we had planned to deliver a white paper in Q4-18.  We had also planned to publish a micro-site highlighting recordings of presentations, as well as other work streams developing landscape categories, personas and use cases.   We have delivered some documents, but first and foremost, we have formed a community where its members find the work valuable to themselves and their organizations (many of whom are CNCF member companies).  Perhaps we took on too much, certainly we did not predict the additional needs and opportunities that emerged from our prospective CNCF association.

In 2018, the TOC did not speak with one voice.  While Quinton was frustratedly waiting on the white paper, SAFE merged with the Policy WG, which brought with it a Policy White Paper already underway, along with other projects.  The TOC asked us to review in-toto and we started a process of figuring out what our role should be in assessing the security of an open source project.  That effort became the focus of the group for many months, and we heard feedback from multiple TOC members and other stakeholders that the output of this work would serve a critical need for the CNCF, as well as serving a need for many of our members, and so it was prioritized, with explicit approval from Liz, when she was appointed TOC Liaison.  

The TOCs and the SIGs need to increase transparency and communication to avoid such confusions in the future.  The TOC Liaison positions and Amye's role coordinating processes with SIGs and CNCF is a big step forward, yet there is still quite a bit of room for improvement.

Sarah



On Tue, Jul 2, 2019 at 11:09 AM Quinton Hoole <quinton@...> wrote:
Hi Michael

That's not accurate, or at least not my understanding, nor what's documented in the SAFE minutes.

Specifically: The minutes of 2018-04-13 say: 

Agenda:

  • NOTE: Today's session will be primarily focused on preparations for the SAFE WG proposal presentation to the CNCF TOC on 2018-4-17

  • Getting ready for CNCF TOC meeting 2018-4-17, 8am Pacific



It seems that didn't happen until Aug 2018, 3 months later.

It was specifically in that context, that I provided the following feedback and requirements from the TOC, in response to the group's request to the TOC to become a working group (the PR has subsequently been changed substantially and used to for the SIG instead, so be aware of that if you read it).  This was done in Aug and Sept 2018.


For example: Quinton: "I would like us to clearly agree upon the written proposed timeline for delivering artifacts (contained in the charter). Both the SAFE WG, and the Policy WG have been around for a year or more and to my knowledge produced very little yet in the form of concrete outputs (please correct me if I'm wrong here). So I think it is important to produce the proposed artifacts, specifically white papers, within the reasonable timeframe proposed (about a quarter per phase) starting now (i.e. Sept 2018)."

The reply from the group was:

Ultrasaurus: "I agree that dates for deliverables are helpful. We have some in our roadmap and need to fold in new deliverables from merging with Policy WG. Group will pick this up as an activity to be done in the next meeting."

One of the primary deliverables listed in the roadmap is:

Describe the landscape
Define the terminology used in the output documents, and in the community
Describe the current state (landscape) of cloud native security, ...
... common patterns in use today for system that works for cloud-native apps. For example:
Extract end-to-end view of secure access, and
Common layering or a block architecture 

It was scheduled for final delivery in "Q4 2018 - Q1 2019", but this never happened.

I also discussed this in person with Ultrasaurus at KubeCon Seatle in Dec 2018 to clarify, and she assured me at the time that plans were on track as per the above roadmap.

To be clear, this is not a finger-pointing exercise, and it's completely understandable for some target dates to be missed sometimes.
But I think it's equally important to recognise the distinction between poor communication and poor delivery.  

It seems to me that the requirements and expectations here were clearly communicated and understood, but not delivered.

Q

 





On Tue, Jul 2, 2019 at 9:57 AM Michael Ducy <michael.ducy@...> wrote:
The SAFE WG was an independent group (as I always understood it) that was NOT under the auspices of the CNCF or the CNCF TOC until very recently. Over those last 10 months, there's been much debate around "Categories and SIGs" and what they should deliver and that was finalized early this year. SAFE then morphed into SIG-Security a few months ago. 

So you're essentially saying, "I asked for something as a CNCF TOC member from a group that wasn't a CNCF sanctioned working group and they gave me nothing." While it would have been in the best interest of the SAFE WG to produce something, they weren't required to by any means. If I am wrong about the relationship between SAFE and the CNCF prior to them becoming SIG-Security, please correct me.

Now that being said, I do feel like the SIG-Security group should be producing white papers and the like. Specifically I'd like to see:
 - White paper of practical implementation advice
 - Cloud Native Security Landscape (This was something at SAFE had started)
 - Cloud Native Security Trail Map

This is not an exhaustive list as it doesn't included some of the Policy white papers Sarah is interested in producing. 

On Tue, Jul 2, 2019 at 12:27 PM Quinton Hoole <quinton@...> wrote:
A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...



--
Quinton Hoole
quinton@...


Re: CNCF SIG (and WG) expected deliverables

Quinton Hoole <quinton@...>
 

Hi Michael

That's not accurate, or at least not my understanding, nor what's documented in the SAFE minutes.

Specifically: The minutes of 2018-04-13 say: 

Agenda:

  • NOTE: Today's session will be primarily focused on preparations for the SAFE WG proposal presentation to the CNCF TOC on 2018-4-17

  • Getting ready for CNCF TOC meeting 2018-4-17, 8am Pacific



It seems that didn't happen until Aug 2018, 3 months later.

It was specifically in that context, that I provided the following feedback and requirements from the TOC, in response to the group's request to the TOC to become a working group (the PR has subsequently been changed substantially and used to for the SIG instead, so be aware of that if you read it).  This was done in Aug and Sept 2018.


For example: Quinton: "I would like us to clearly agree upon the written proposed timeline for delivering artifacts (contained in the charter). Both the SAFE WG, and the Policy WG have been around for a year or more and to my knowledge produced very little yet in the form of concrete outputs (please correct me if I'm wrong here). So I think it is important to produce the proposed artifacts, specifically white papers, within the reasonable timeframe proposed (about a quarter per phase) starting now (i.e. Sept 2018)."

The reply from the group was:

Ultrasaurus: "I agree that dates for deliverables are helpful. We have some in our roadmap and need to fold in new deliverables from merging with Policy WG. Group will pick this up as an activity to be done in the next meeting."

One of the primary deliverables listed in the roadmap is:

Describe the landscape
Define the terminology used in the output documents, and in the community
Describe the current state (landscape) of cloud native security, ...
... common patterns in use today for system that works for cloud-native apps. For example:
Extract end-to-end view of secure access, and
Common layering or a block architecture 

It was scheduled for final delivery in "Q4 2018 - Q1 2019", but this never happened.

I also discussed this in person with Ultrasaurus at KubeCon Seatle in Dec 2018 to clarify, and she assured me at the time that plans were on track as per the above roadmap.

To be clear, this is not a finger-pointing exercise, and it's completely understandable for some target dates to be missed sometimes.
But I think it's equally important to recognise the distinction between poor communication and poor delivery.  

It seems to me that the requirements and expectations here were clearly communicated and understood, but not delivered.

Q

 





On Tue, Jul 2, 2019 at 9:57 AM Michael Ducy <michael.ducy@...> wrote:
The SAFE WG was an independent group (as I always understood it) that was NOT under the auspices of the CNCF or the CNCF TOC until very recently. Over those last 10 months, there's been much debate around "Categories and SIGs" and what they should deliver and that was finalized early this year. SAFE then morphed into SIG-Security a few months ago. 

So you're essentially saying, "I asked for something as a CNCF TOC member from a group that wasn't a CNCF sanctioned working group and they gave me nothing." While it would have been in the best interest of the SAFE WG to produce something, they weren't required to by any means. If I am wrong about the relationship between SAFE and the CNCF prior to them becoming SIG-Security, please correct me.

Now that being said, I do feel like the SIG-Security group should be producing white papers and the like. Specifically I'd like to see:
 - White paper of practical implementation advice
 - Cloud Native Security Landscape (This was something at SAFE had started)
 - Cloud Native Security Trail Map

This is not an exhaustive list as it doesn't included some of the Policy white papers Sarah is interested in producing. 

On Tue, Jul 2, 2019 at 12:27 PM Quinton Hoole <quinton@...> wrote:
A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...



--
Quinton Hoole
quinton@...


Re: CNCF SIG (and WG) expected deliverables

Quinton Hoole <quinton@...>
 

Thanks Liz

That definitely explains some of the potential confusion in the past few weeks.  But it's worth noting that the lack of delivery of the white paper dates back much further than that.  See my other message.

Q


On Tue, Jul 2, 2019 at 10:00 AM Liz Rice <liz@...> wrote:
Hi Quinton, 

This is in large part down to me! The chairs asked me for guidance on their priorities at the point where they were formally accepted as a SIG. I suggested focusing on getting some assessments done so we can get some concrete experience of this happening. To my mind this was more pressing, so we could see if/how SIGs can help the TOC scale and cope with the project assessment workload.

On 2 Jul 2019, 17:27 +0100, Quinton Hoole <quinton@...>, wrote:
A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...


--
Quinton Hoole
quinton@...


Re: CNCF SIG (and WG) expected deliverables

Liz Rice
 

Hi Quinton, 

This is in large part down to me! The chairs asked me for guidance on their priorities at the point where they were formally accepted as a SIG. I suggested focusing on getting some assessments done so we can get some concrete experience of this happening. To my mind this was more pressing, so we could see if/how SIGs can help the TOC scale and cope with the project assessment workload.

On 2 Jul 2019, 17:27 +0100, Quinton Hoole <quinton@...>, wrote:

A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...


Re: CNCF SIG (and WG) expected deliverables

Michael Ducy
 

The SAFE WG was an independent group (as I always understood it) that was NOT under the auspices of the CNCF or the CNCF TOC until very recently. Over those last 10 months, there's been much debate around "Categories and SIGs" and what they should deliver and that was finalized early this year. SAFE then morphed into SIG-Security a few months ago. 

So you're essentially saying, "I asked for something as a CNCF TOC member from a group that wasn't a CNCF sanctioned working group and they gave me nothing." While it would have been in the best interest of the SAFE WG to produce something, they weren't required to by any means. If I am wrong about the relationship between SAFE and the CNCF prior to them becoming SIG-Security, please correct me.

Now that being said, I do feel like the SIG-Security group should be producing white papers and the like. Specifically I'd like to see:
 - White paper of practical implementation advice
 - Cloud Native Security Landscape (This was something at SAFE had started)
 - Cloud Native Security Trail Map

This is not an exhaustive list as it doesn't included some of the Policy white papers Sarah is interested in producing. 

On Tue, Jul 2, 2019 at 12:27 PM Quinton Hoole <quinton@...> wrote:
A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...


Re: What is the purpose of the SIGs?

Liz Rice
 

Hi Dmitri, here’s a write-up: https://github.com/cncf/toc/blob/master/sigs/cncf-sigs.md 


To everyone: there was a similar-ish question a week or two ago about the roles of user groups, TOC, working groups, SIGs and so on. I wonder if we need a better introductory explanation (illustrated guide, even?) on the main CNCF website? For the TOC parts it could link to the more detailed docs that we maintain on GitHub. 

Liz

On 2 Jul 2019, 17:38 +0100, Dimitri Mitropoulos <dimitri@...>, wrote:

Hi, my name is Dimitri Mitropoulos and I'm an engineer at Weaveworks.

I was talking to my friends the other day about the cool CNCF SIGs that I'd heard mentioned.  Later I tried to find a description of specifically what the SIGs are for.  Where can I find such a thing?

I'm hoping to learn what the ultimate place is of the SIGs in terms of decision making power.  That is to say, do the SIGs make decisions that are then acted upon or do they make informed recommendations that may or may not be accepted by the TOC?

Thanks!


Re: What is the purpose of the SIGs?

Chris Aniszczyk
 


On Tue, Jul 2, 2019 at 11:38 AM Dimitri Mitropoulos <dimitri@...> wrote:
Hi, my name is Dimitri Mitropoulos and I'm an engineer at Weaveworks.

I was talking to my friends the other day about the cool CNCF SIGs that I'd heard mentioned.  Later I tried to find a description of specifically what the SIGs are for.  Where can I find such a thing?

I'm hoping to learn what the ultimate place is of the SIGs in terms of decision making power.  That is to say, do the SIGs make decisions that are then acted upon or do they make informed recommendations that may or may not be accepted by the TOC?

Thanks!



--
Chris Aniszczyk (@cra) | +1-512-961-6719


What is the purpose of the SIGs?

Dimitri Mitropoulos <dimitri@...>
 

Hi, my name is Dimitri Mitropoulos and I'm an engineer at Weaveworks.

I was talking to my friends the other day about the cool CNCF SIGs that I'd heard mentioned.  Later I tried to find a description of specifically what the SIGs are for.  Where can I find such a thing?

I'm hoping to learn what the ultimate place is of the SIGs in terms of decision making power.  That is to say, do the SIGs make decisions that are then acted upon or do they make informed recommendations that may or may not be accepted by the TOC?

Thanks!


CNCF SIG (and WG) expected deliverables

Quinton Hoole <quinton@...>
 

A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...


Re: CNCF TOC Meeting 7/2/2019 Agenda

Erin Boyd
 

Thank you!
Talk to you tomorrow,
Erin


On Mon, Jul 1, 2019 at 6:19 PM Chris Aniszczyk <caniszczyk@...> wrote:
I'll make this more clear but it's easier if we have projects just put forth a formal project proposal and then request a community presentation slot. The barrier is a bit higher to entry to do so but helps us be more organized imho. We will discuss tomorrow.

On Mon, Jul 1, 2019 at 7:15 PM Erin Boyd <eboyd@...> wrote:
Hello TOC,
I have an additional item to add to the backlog (Strimzi):

So there was a transition period for Sandbox last Fall where we decided that they didn't need to do a proposal, just the issue & the presentation. I think that is where this poor project got caught in the changes (as well as Keycloak)

Originally, the process was
1) Open an issue to present
2) Open a PR for the project (more formal / exhaustive)
3) Present at the meeting
4) Get sponsorship (hopefully)

Then it changed to:
1) Open an issue to present
2) Present at the meeting
3) Get sponsorship (hopefully)

These steps were updated and published here:

Sandbox Entry Requirements

  • Require 2 TOC sponsors to enter the sandbox
  • Require presentation to the TOC community twice-a-month meeting
  • Require adherence to CNCF IP Policy (including trademark transferred)
  • Require sandbox projects to list their sandbox status prominently on website/readme\

It was my understanding that the sandbox projects no longer needed to do the full PR as we weren't going to do a due diligence on Sandbox.

Can anyone please clarify the proper process for me?
Thanks,
Erin




On Mon, Jul 1, 2019 at 3:08 PM Chris Aniszczyk <caniszczyk@...> wrote:
We will be meeting tomorrow:


We will cover an update on CNCF SIGs (app delivery), community/project backlog, meeting schedule updates and go over the archiving rkt proposal.

--
Chris Aniszczyk (@cra) | +1-512-961-6719



--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...   



--
Chris Aniszczyk (@cra) | +1-512-961-6719


--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...   


Re: CNCF TOC Meeting 7/2/2019 Agenda

Chris Aniszczyk
 

I'll make this more clear but it's easier if we have projects just put forth a formal project proposal and then request a community presentation slot. The barrier is a bit higher to entry to do so but helps us be more organized imho. We will discuss tomorrow.


On Mon, Jul 1, 2019 at 7:15 PM Erin Boyd <eboyd@...> wrote:
Hello TOC,
I have an additional item to add to the backlog (Strimzi):

So there was a transition period for Sandbox last Fall where we decided that they didn't need to do a proposal, just the issue & the presentation. I think that is where this poor project got caught in the changes (as well as Keycloak)

Originally, the process was
1) Open an issue to present
2) Open a PR for the project (more formal / exhaustive)
3) Present at the meeting
4) Get sponsorship (hopefully)

Then it changed to:
1) Open an issue to present
2) Present at the meeting
3) Get sponsorship (hopefully)

These steps were updated and published here:

Sandbox Entry Requirements

  • Require 2 TOC sponsors to enter the sandbox
  • Require presentation to the TOC community twice-a-month meeting
  • Require adherence to CNCF IP Policy (including trademark transferred)
  • Require sandbox projects to list their sandbox status prominently on website/readme\

It was my understanding that the sandbox projects no longer needed to do the full PR as we weren't going to do a due diligence on Sandbox.

Can anyone please clarify the proper process for me?
Thanks,
Erin




On Mon, Jul 1, 2019 at 3:08 PM Chris Aniszczyk <caniszczyk@...> wrote:
We will be meeting tomorrow:


We will cover an update on CNCF SIGs (app delivery), community/project backlog, meeting schedule updates and go over the archiving rkt proposal.

--
Chris Aniszczyk (@cra) | +1-512-961-6719



--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...   



--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: CNCF TOC Meeting 7/2/2019 Agenda

Erin Boyd
 

Hello TOC,
I have an additional item to add to the backlog (Strimzi):

So there was a transition period for Sandbox last Fall where we decided that they didn't need to do a proposal, just the issue & the presentation. I think that is where this poor project got caught in the changes (as well as Keycloak)

Originally, the process was
1) Open an issue to present
2) Open a PR for the project (more formal / exhaustive)
3) Present at the meeting
4) Get sponsorship (hopefully)

Then it changed to:
1) Open an issue to present
2) Present at the meeting
3) Get sponsorship (hopefully)

These steps were updated and published here:

Sandbox Entry Requirements

  • Require 2 TOC sponsors to enter the sandbox
  • Require presentation to the TOC community twice-a-month meeting
  • Require adherence to CNCF IP Policy (including trademark transferred)
  • Require sandbox projects to list their sandbox status prominently on website/readme\

It was my understanding that the sandbox projects no longer needed to do the full PR as we weren't going to do a due diligence on Sandbox.

Can anyone please clarify the proper process for me?
Thanks,
Erin




On Mon, Jul 1, 2019 at 3:08 PM Chris Aniszczyk <caniszczyk@...> wrote:
We will be meeting tomorrow:


We will cover an update on CNCF SIGs (app delivery), community/project backlog, meeting schedule updates and go over the archiving rkt proposal.

--
Chris Aniszczyk (@cra) | +1-512-961-6719



--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...