Date   

FYI: CNCF Annual Report 2020!

Chris Aniszczyk
 

Hey all, hope everyone is having a great 2021!

At the end of last year, we posted the CNCF annual report covering what we accomplished in 2020: https://www.cncf.io/blog/2020/12/29/2020-cncf-annual-report/

Please give it a read! The CNCF staff takes quite a bit of time putting this together every year and it's amazing how much was accomplished in a wild year!

--
Chris Aniszczyk (@cra)


Re: SIG-Security Tech Lead nominations

Justin Cormack
 

+1 binding

Justin


On Fri, Dec 18, 2020 at 1:43 AM Jeyappragash Jeyakeerthi <jj@...> wrote:

Dear Technical Oversight Committee,


On December 16th 2020, the SIG-Security co-chairs along with then TOC liason’s Liz Rice and Justin Cormack, agreed to nominate three Tech Leads for SIG-Security: Ashutosh Narkar, Aradhana Chetal and Andres Vega.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


Thank you!

Jeyappragash.J.J

(On behalf of SIG-Security Chairs)


TL Candidates - Dec 2020


Ashutosh Narkar 


Aradhana Chetal 


Andres Vega

  • SIG-Security highlights

  • Professional affiliations: 

    • VMWare

  • Github: @anvega

  • CNCF Projects:

    • SPIFFE/SPIRE

  • SIG-Security 

    • Security Assess. Review lead: Harbor

    • Security Assess. Review lead: Cloud Buildpaks

    • Security Assess. participant: SPIFFE/SPIRE

    • Security Day program committee 2020 NA

    • Facilitator for SIG meetings, and in general good with making calls more lively (1)

    • Participating in organization of CN Sec. Day 2021 EU

    • Commits (5)

    • Issues (13)




Re: SIG-Security Tech Lead nominations

Brandon Lum
 

+1 NB. I've had the chance to work with all of the nominees over various projects, issues and security assessments in the sig and they are all great candidates for tech leads!


On Fri, Dec 18, 2020, 10:58 AM Chase Pettet <chase.mp@...> wrote:
A robust NB+1.  I only know Andres well (and he's the bomb diggity), but I'm grateful for all of these folks.

On Thu, Dec 17, 2020 at 7:43 PM Jeyappragash Jeyakeerthi <jj@...> wrote:

Dear Technical Oversight Committee,


On December 16th 2020, the SIG-Security co-chairs along with then TOC liason’s Liz Rice and Justin Cormack, agreed to nominate three Tech Leads for SIG-Security: Ashutosh Narkar, Aradhana Chetal and Andres Vega.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


Thank you!

Jeyappragash.J.J

(On behalf of SIG-Security Chairs)


TL Candidates - Dec 2020


Ashutosh Narkar 


Aradhana Chetal 


Andres Vega

  • SIG-Security highlights

  • Professional affiliations: 

    • VMWare

  • Github: @anvega

  • CNCF Projects:

    • SPIFFE/SPIRE

  • SIG-Security 

    • Security Assess. Review lead: Harbor

    • Security Assess. Review lead: Cloud Buildpaks

    • Security Assess. participant: SPIFFE/SPIRE

    • Security Day program committee 2020 NA

    • Facilitator for SIG meetings, and in general good with making calls more lively (1)

    • Participating in organization of CN Sec. Day 2021 EU

    • Commits (5)

    • Issues (13)




Re: SIG-Security Tech Lead nominations

Chase Pettet <chase.mp@...>
 

A robust NB+1.  I only know Andres well (and he's the bomb diggity), but I'm grateful for all of these folks.

On Thu, Dec 17, 2020 at 7:43 PM Jeyappragash Jeyakeerthi <jj@...> wrote:

Dear Technical Oversight Committee,


On December 16th 2020, the SIG-Security co-chairs along with then TOC liason’s Liz Rice and Justin Cormack, agreed to nominate three Tech Leads for SIG-Security: Ashutosh Narkar, Aradhana Chetal and Andres Vega.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


Thank you!

Jeyappragash.J.J

(On behalf of SIG-Security Chairs)


TL Candidates - Dec 2020


Ashutosh Narkar 


Aradhana Chetal 


Andres Vega

  • SIG-Security highlights

  • Professional affiliations: 

    • VMWare

  • Github: @anvega

  • CNCF Projects:

    • SPIFFE/SPIRE

  • SIG-Security 

    • Security Assess. Review lead: Harbor

    • Security Assess. Review lead: Cloud Buildpaks

    • Security Assess. participant: SPIFFE/SPIRE

    • Security Day program committee 2020 NA

    • Facilitator for SIG meetings, and in general good with making calls more lively (1)

    • Participating in organization of CN Sec. Day 2021 EU

    • Commits (5)

    • Issues (13)




Re: SIG-Security Tech Lead nominations

Liz Rice
 

Super that we have these qualified and enthusiastic candidates! 

I’m happy to call this TOC vote, and give it my +1 for all three nominees

Liz


On Fri, 18 Dec 2020 at 05:22, Andrés Vega <andresvega1@...> wrote:
Whoa! It's quite an honor to receive this nomination. More so, the opportunity to serve the community alongside those who I consider its pillar. 

Many thanks to SIG-Security (co-chairs, TLs, and members) and all the great people who constitute the CNCF for the opportunity to give back in the TL capacity. 

-AV


Re: SIG-Security Tech Lead nominations

Andrés Vega
 

Whoa! It's quite an honor to receive this nomination. More so, the opportunity to serve the community alongside those who I consider its pillar. 

Many thanks to SIG-Security (co-chairs, TLs, and members) and all the great people who constitute the CNCF for the opportunity to give back in the TL capacity. 

-AV


Re: OPA to graduation

dpopes@...
 

+1

This is so great to hear! Congratulations to the OPA team!

I'm the Group Tech Lead for the Security Org at Yelp. I've found great utility from the OPA project. At the time of this writing, I've implemented authorization semantics using OPA across several different use cases:

- Service mesh authorization (via Envoy ext_authz filter)
- Linux authorization (via PAM module)
- Kubernetes Authorization (via Authorization Webhook)

In all these cases, OPA has been able to meet all security and operational requirements. 

My experience with the documentation, tooling, and support from the maintainers and the community has been really positive.

Daniel Popescu


Re: SIG-Security Tech Lead nominations

Justin Cappos <jcappos@...>
 

+1 NB for Ash and Andreas.  I've worked closely with them both on security assessments.  They are technically sharp, organized, and diligent.

Apologies to Aradhana, who I haven't worked with yet for not saying something nice here too, but I hope to collaborate in the future!



On Fri, Dec 18, 2020 at 9:58 AM Emily Fox <themoxiefoxatwork@...> wrote:
+1 NB and everything Sarah said.  These three are stellar members who have supported our SIG not only through growth, but contributions and leading efforts.

- Emily Fox

@TheMoxieFox (personal handle)

On Thu, 17 Dec 2020, 20:52 Sarah Allen, <sarah@...> wrote:
Ashutosh Narkar, Aradhana Chetal and Andres Vega have made significant contributions to SIG-Security already, and along with their background and experience, would make great Technical Leads for our SIG.   

Note that they would join (not replace) the current TLs, Brandon Lum and Justin Cappos.  

Sarah Allen
SIG-Security Co-Chair

On Thu, Dec 17, 2020 at 8:43 PM Jeyappragash Jeyakeerthi <jj@...> wrote:

Dear Technical Oversight Committee,


On December 16th 2020, the SIG-Security co-chairs along with then TOC liason’s Liz Rice and Justin Cormack, agreed to nominate three Tech Leads for SIG-Security: Ashutosh Narkar, Aradhana Chetal and Andres Vega.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


Thank you!

Jeyappragash.J.J

(On behalf of SIG-Security Chairs)


TL Candidates - Dec 2020


Ashutosh Narkar 


Aradhana Chetal 


Andres Vega

  • SIG-Security highlights

  • Professional affiliations: 

    • VMWare

  • Github: @anvega

  • CNCF Projects:

    • SPIFFE/SPIRE

  • SIG-Security 

    • Security Assess. Review lead: Harbor

    • Security Assess. Review lead: Cloud Buildpaks

    • Security Assess. participant: SPIFFE/SPIRE

    • Security Day program committee 2020 NA

    • Facilitator for SIG meetings, and in general good with making calls more lively (1)

    • Participating in organization of CN Sec. Day 2021 EU

    • Commits (5)

    • Issues (13)




Re: SIG-Security Tech Lead nominations

Emily Fox
 

+1 NB and everything Sarah said.  These three are stellar members who have supported our SIG not only through growth, but contributions and leading efforts.

- Emily Fox

@TheMoxieFox (personal handle)

On Thu, 17 Dec 2020, 20:52 Sarah Allen, <sarah@...> wrote:
Ashutosh Narkar, Aradhana Chetal and Andres Vega have made significant contributions to SIG-Security already, and along with their background and experience, would make great Technical Leads for our SIG.   

Note that they would join (not replace) the current TLs, Brandon Lum and Justin Cappos.  

Sarah Allen
SIG-Security Co-Chair

On Thu, Dec 17, 2020 at 8:43 PM Jeyappragash Jeyakeerthi <jj@...> wrote:

Dear Technical Oversight Committee,


On December 16th 2020, the SIG-Security co-chairs along with then TOC liason’s Liz Rice and Justin Cormack, agreed to nominate three Tech Leads for SIG-Security: Ashutosh Narkar, Aradhana Chetal and Andres Vega.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


Thank you!

Jeyappragash.J.J

(On behalf of SIG-Security Chairs)


TL Candidates - Dec 2020


Ashutosh Narkar 


Aradhana Chetal 


Andres Vega

  • SIG-Security highlights

  • Professional affiliations: 

    • VMWare

  • Github: @anvega

  • CNCF Projects:

    • SPIFFE/SPIRE

  • SIG-Security 

    • Security Assess. Review lead: Harbor

    • Security Assess. Review lead: Cloud Buildpaks

    • Security Assess. participant: SPIFFE/SPIRE

    • Security Day program committee 2020 NA

    • Facilitator for SIG meetings, and in general good with making calls more lively (1)

    • Participating in organization of CN Sec. Day 2021 EU

    • Commits (5)

    • Issues (13)




Re: SIG-Security Tech Lead nominations

Sarah Allen
 

Ashutosh Narkar, Aradhana Chetal and Andres Vega have made significant contributions to SIG-Security already, and along with their background and experience, would make great Technical Leads for our SIG.   

Note that they would join (not replace) the current TLs, Brandon Lum and Justin Cappos.  

Sarah Allen
SIG-Security Co-Chair

On Thu, Dec 17, 2020 at 8:43 PM Jeyappragash Jeyakeerthi <jj@...> wrote:

Dear Technical Oversight Committee,


On December 16th 2020, the SIG-Security co-chairs along with then TOC liason’s Liz Rice and Justin Cormack, agreed to nominate three Tech Leads for SIG-Security: Ashutosh Narkar, Aradhana Chetal and Andres Vega.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


Thank you!

Jeyappragash.J.J

(On behalf of SIG-Security Chairs)


TL Candidates - Dec 2020


Ashutosh Narkar 


Aradhana Chetal 


Andres Vega

  • SIG-Security highlights

  • Professional affiliations: 

    • VMWare

  • Github: @anvega

  • CNCF Projects:

    • SPIFFE/SPIRE

  • SIG-Security 

    • Security Assess. Review lead: Harbor

    • Security Assess. Review lead: Cloud Buildpaks

    • Security Assess. participant: SPIFFE/SPIRE

    • Security Day program committee 2020 NA

    • Facilitator for SIG meetings, and in general good with making calls more lively (1)

    • Participating in organization of CN Sec. Day 2021 EU

    • Commits (5)

    • Issues (13)




SIG-Security Tech Lead nominations

Jeyappragash Jeyakeerthi
 

Dear Technical Oversight Committee,


On December 16th 2020, the SIG-Security co-chairs along with then TOC liason’s Liz Rice and Justin Cormack, agreed to nominate three Tech Leads for SIG-Security: Ashutosh Narkar, Aradhana Chetal and Andres Vega.


“Tech leads are assigned following a 2/3 majority vote of the TOC and a 2/3 majority vote of SIG Chairs” — cncf-sig elections


Thank you!

Jeyappragash.J.J

(On behalf of SIG-Security Chairs)


TL Candidates - Dec 2020


Ashutosh Narkar 


Aradhana Chetal 


Andres Vega

  • SIG-Security highlights

  • Professional affiliations: 

    • VMWare

  • Github: @anvega

  • CNCF Projects:

    • SPIFFE/SPIRE

  • SIG-Security 

    • Security Assess. Review lead: Harbor

    • Security Assess. Review lead: Cloud Buildpaks

    • Security Assess. participant: SPIFFE/SPIRE

    • Security Day program committee 2020 NA

    • Facilitator for SIG meetings, and in general good with making calls more lively (1)

    • Participating in organization of CN Sec. Day 2021 EU

    • Commits (5)

    • Issues (13)




[RFC] Inclusive Naming Initiative workstreams

Stephen Augustus
 

Hey everyone,

Some of y'all have asked how you can get more involved in the Inclusive Naming Initiative and the group has just proposed a set of potential workstreams.
If you're interested, feel free to pop by the GitHub discussion and let us know where you'd like to help out/lead: https://github.com/inclusivenaming/org/discussions/12

-- Stephen


Re: Agenda for today

Liz Rice
 

Aha, I see in the public working doc today's meeting is down as cancelled. Enjoy your extra hour! 


On Tue, Dec 15, 2020 at 1:08 PM Liz Rice <liz@...> wrote:
Hi everyone, 

Amye is OOO today (I believe unexpectedly) and I’m not quite sure where we are with an agenda for the TOC call today. Does anyone have something they were prepared / planning to discuss? 

Cheers,
Liz


Agenda for today

Liz Rice
 

Hi everyone, 

Amye is OOO today (I believe unexpectedly) and I’m not quite sure where we are with an agenda for the TOC call today. Does anyone have something they were prepared / planning to discuss? 

Cheers,
Liz


[TOC] Nominations Open through 12pm PT, January 11, 2021

Amye Scavarda Perrin
 

5 seats are open for nomination by the GB and End User Community.
Nominations are open for the two Selecting Groups.

We will be publishing the list of qualified nominees at the end of the qualification process.

Timeline:
December 14: Nominations open – 12 PM PT
January 11: Nominations close - 12 PM PT
Jan 11: Qualification period opens
Jan 25: Qualification period closes
Jan 25: Election opens, Voting occurs by a time-limited Condorcet-IRV ranking in CIVS
Feb 1: Election closes at 12pm Pacific, results announced

--
Amye Scavarda Perrin | Program Manager | amye@...


Re: OPA to graduation

jkrach@...
 

We've also been using OPA in production for use cases such as:
1. microservice authorization policy
2. internal webapp authorization policies via Envoy filter
3. kafka authorization

We also spoke at Kubecon 2019 about some of our use cases, you can check it out here: https://www.youtube.com/watch?v=LhgxFICWsA8

Gatekeeper / K8S admission is actually one of the main use cases we still haven't fully integrated (in the works though)!


[cncf-dex-maintainers] [Announcement] First Maintainers Circle: Thursday! You're Invited!

Stephen Augustus
 

(Forwarding to the TOC + ContribStrat mailing lists as well.)

Join us next week for the first edition of the Maintainers Circle!
Details below from Paris. :)

-- Stephen

---------- Forwarded message ---------
From: Paris <paris.pittman@...>
Date: Fri, Dec 11, 2020 at 11:38 AM
Subject: [cncf-dex-maintainers] [Announcement] First Maintainers Circle: Thursday! You're Invited!
To: <maintainers@...>


Please forward this to other maintainers and folks making key decisions for the project; not solely the TOC voting members(reviewers, approvers, committee members, et al.).

💫 SIG Contributor Strategy welcomes you to the first edition of the Maintainers Circle.💫
This Thursday, December 17th. 
In this first session, we will talk about burnout and time management. 
Full details and future sessions in the works in our repo. A tl;dr: Dorothy Howard, FOSS Researcher and Wikipedia Maintainer with the University of California, San Diego, and Aaron Crickenberger, Emeritus Steering Committee member and SIG Testing Chair for the Kubernetes project will be joining us to share their experiences and research. 

These interactive learning sessions will have ample opportunities to talk to your peers from across projects in small groups and hear from speakers that are academics, researchers, growth consultants, and other maintainers on topics that aren’t widely discussed. You'll be able to introduce yourself and the role you play.

To RSVP:
Join #maintainers-circle on CNCF Slack (https://slack.cncf.io/) and emoji react to the post (that’s it!)

To add this to your calendar:
Grab the sig-contributor-strategy meetings on the CNCF Calendar: https://www.cncf.io/calendar/
They will be re-labeled with the title of Maintainer Circle shortly.  

Wish this was during another day/time that is better for you?
Let us know with the time range options: https://doodle.com/poll/z5gg4p6qyxedgf2c. We will make a schedule for 2021 to include times to better accommodate participants. 


See you soon,
Paris
SIG Contributor Strategy 





--
To unsubscribe from this group and stop receiving emails from it, send an email to maintainers+unsubscribe@....


Re: [VOTE] Open Policy Agent from incubating to graduated

Kiran Mova
 

+1 NB


On Fri, Dec 11, 2020 at 2:08 PM Dave Zolotusky via lists.cncf.io <dzolo=spotify.com@...> wrote:
+1 binding

~Dave


Re: [VOTE] Open Policy Agent from incubating to graduated

Dave Zolotusky
 

+1 binding

~Dave


Re: [VOTE] Open Policy Agent from incubating to graduated

Frederick Kautz
 

+1 NB

This is an incredibly important project, and I think we are only seeing the beginning of its impact. Congratulations to the team for their achievements!

On Dec 9, 2020, at 11:22 AM, John Belamaric via lists.cncf.io <jbelamaric=google.com@...> wrote:

+1 nb

821 - 840 of 6383