CNCF Code of Conduct Community of Practice?


Karena Angell
 

+100

Happy to also help with this incredibly important effort in an open, collaborative way.


Vincent Batts
 

Big agree. The spirit of this proposal was very alive in the community members that showed up for the CoC BoF talk at KubeCon EU last week. Particularly and currently, to ensure a fair process.

Expecting that pay-to-play GB roles will handle this in the same spirit as communities already do seems to be at a disconnect. Don't get me wrong, I <3 so many of the GB members, but this is a distinct and sensitive topic that is normal for communities.

I am happy to support and even bootstrap this effort.


Davanum Srinivas
 

Folks,


Crossing Streams!!!

image.png

On Mon, May 23, 2022 at 3:13 PM Divya Mohan <divya.mohan0209@...> wrote:
Just catching up on emails after the event, but a huge +1 to this effort and I'd be happy to help/contribute in any way I can :)

Regards,
Divya

On Sat, 21 May, 2022, 7:35 pm Scott Rigby, <scott@...> wrote:
a few days late to the party...
Paris, đź’Ż to this
Dims, đź‘Ť to designing in collaboration with the community
xo

On Thu, May 19, 2022 at 1:08 AM Davanum Srinivas <davanum@...> wrote:
Joanna,

Quick note on something I touched on when we chatted at dinner.

Here's the relevant section as pointed out by Paris below (pasting the same url here for your reference):
https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

The text as it stands today says two things:
Point #1 -  "All participants agree to abide by The Linux Foundation Code of Conduct available at https://events.linuxfoundation.org/code-of-conduct."
Point #2 - "The TOC may vote to adopt its own code of conduct for the CNCF community."

Our Charter clearly puts "code of conduct for the CNCF community" in the hands of the TOC (says so right there!), just writing one is not enough and any Code of Conduct needs to be enforced for it to have any effect, So we will look at options to design this properly in collaboration with the community which this Code of Conduct will end up governing!

thanks,
Dims

On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions




--
Davanum Srinivas :: https://twitter.com/dims



--
Davanum Srinivas :: https://twitter.com/dims


Divya Mohan
 

Just catching up on emails after the event, but a huge +1 to this effort and I'd be happy to help/contribute in any way I can :)

Regards,
Divya

On Sat, 21 May, 2022, 7:35 pm Scott Rigby, <scott@...> wrote:
a few days late to the party...
Paris, đź’Ż to this
Dims, đź‘Ť to designing in collaboration with the community
xo

On Thu, May 19, 2022 at 1:08 AM Davanum Srinivas <davanum@...> wrote:
Joanna,

Quick note on something I touched on when we chatted at dinner.

Here's the relevant section as pointed out by Paris below (pasting the same url here for your reference):
https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

The text as it stands today says two things:
Point #1 -  "All participants agree to abide by The Linux Foundation Code of Conduct available at https://events.linuxfoundation.org/code-of-conduct."
Point #2 - "The TOC may vote to adopt its own code of conduct for the CNCF community."

Our Charter clearly puts "code of conduct for the CNCF community" in the hands of the TOC (says so right there!), just writing one is not enough and any Code of Conduct needs to be enforced for it to have any effect, So we will look at options to design this properly in collaboration with the community which this Code of Conduct will end up governing!

thanks,
Dims

On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions




--
Davanum Srinivas :: https://twitter.com/dims


Scott Rigby
 

a few days late to the party...
Paris, đź’Ż to this
Dims, đź‘Ť to designing in collaboration with the community
xo


On Thu, May 19, 2022 at 1:08 AM Davanum Srinivas <davanum@...> wrote:
Joanna,

Quick note on something I touched on when we chatted at dinner.

Here's the relevant section as pointed out by Paris below (pasting the same url here for your reference):
https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

The text as it stands today says two things:
Point #1 -  "All participants agree to abide by The Linux Foundation Code of Conduct available at https://events.linuxfoundation.org/code-of-conduct."
Point #2 - "The TOC may vote to adopt its own code of conduct for the CNCF community."

Our Charter clearly puts "code of conduct for the CNCF community" in the hands of the TOC (says so right there!), just writing one is not enough and any Code of Conduct needs to be enforced for it to have any effect, So we will look at options to design this properly in collaboration with the community which this Code of Conduct will end up governing!

thanks,
Dims

On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions




--
Davanum Srinivas :: https://twitter.com/dims


Davanum Srinivas
 

Joanna,

Quick note on something I touched on when we chatted at dinner.

Here's the relevant section as pointed out by Paris below (pasting the same url here for your reference):
https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct

The text as it stands today says two things:
Point #1 -  "All participants agree to abide by The Linux Foundation Code of Conduct available at https://events.linuxfoundation.org/code-of-conduct."
Point #2 - "The TOC may vote to adopt its own code of conduct for the CNCF community."

Our Charter clearly puts "code of conduct for the CNCF community" in the hands of the TOC (says so right there!), just writing one is not enough and any Code of Conduct needs to be enforced for it to have any effect, So we will look at options to design this properly in collaboration with the community which this Code of Conduct will end up governing!

thanks,
Dims

On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions




--
Davanum Srinivas :: https://twitter.com/dims


Joe Beda
 

I want to echo my support for this effort. Thank you for introducing it, Paris.  Setting community standards and enforcing them is a key part of making our ecosystem work and I believe it is critical that this happens from the community itself.  In doing so, we can hold all parties in the community to the same standard.

Joe

On Wed, May 18, 2022 at 12:47 AM Davanum Srinivas <davanum@...> wrote:
Paris,

thanks for the note to the TOC and the community. 

+1 to the principles behind it for sure. Let's figure out how to work together and get ideas/consensus from multiple folks and ensure that this works for all of us.

We will happily set aside time on the TOC agenda for sure to get the ball rolling when we get back from kubecon.

Thanks
-- Dims
(wearing TOC chair hat)

On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions




--
Davanum Srinivas :: https://twitter.com/dims


Davanum Srinivas
 

Paris,

thanks for the note to the TOC and the community. 

+1 to the principles behind it for sure. Let's figure out how to work together and get ideas/consensus from multiple folks and ensure that this works for all of us.

We will happily set aside time on the TOC agenda for sure to get the ball rolling when we get back from kubecon.

Thanks
-- Dims
(wearing TOC chair hat)


On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions




--
Davanum Srinivas :: https://twitter.com/dims


Dan Shaw
 

This is great, Paris.

Seems like the right time to put this in place.

Dan Shaw
@dshaw


On Tue, May 17, 2022 at 3:40 AM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions



Libby Meren
 

This is great, love it! I’d like to help too.

Sent from a teeny tiny device screen, please excuse brevity and typos.

On May 17, 2022, at 8:41 AM, Carolyn Van Slyck via lists.cncf.io <carolyn.vanslyck=microsoft.com@...> wrote:

+1 This is a great idea, and I'd like to help if I can

-----Original Message-----
From: cncf-toc@... <cncf-toc@...> On Behalf Of Josh Berkus via lists.cncf.io
Sent: Tuesday, May 17, 2022 9:27 AM
To: Paris Pittman <paris.pittman@...>; CNCF TOC <cncf-toc@...>
Subject: Re: [cncf-toc] CNCF Code of Conduct Community of Practice?


I believe we are at a point where a CNCF code of conduct community
of practice will serve us well. I sat on the first Kubernetes Code of
Conduct committee and many of the below ideas stemmed from my
experiences there. Whether this is a body, community of practice,
incident management team, etc is all up for discussion.
TAG-CS is, of course, happy to support.

Personally, I would be particularly interested in figuring out some kind of CoCC support for smaller projects.

--
-- Josh Berkus
Kubernetes Community Architect
OSPO, OCTO











Carolyn Van Slyck <carolyn.vanslyck@...>
 

+1 This is a great idea, and I'd like to help if I can

-----Original Message-----
From: cncf-toc@... <cncf-toc@...> On Behalf Of Josh Berkus via lists.cncf.io
Sent: Tuesday, May 17, 2022 9:27 AM
To: Paris Pittman <paris.pittman@...>; CNCF TOC <cncf-toc@...>
Subject: Re: [cncf-toc] CNCF Code of Conduct Community of Practice?


 I believe we are at a point where a CNCF code of conduct community
of practice will serve us well. I sat on the first Kubernetes Code of
Conduct committee and many of the below ideas stemmed from my
experiences there. Whether this is a body, community of practice,
incident management team, etc is all up for discussion.
TAG-CS is, of course, happy to support.

Personally, I would be particularly interested in figuring out some kind of CoCC support for smaller projects.

--
-- Josh Berkus
Kubernetes Community Architect
OSPO, OCTO


Davanum Srinivas
 

CC'ing CNCF-GB

I love it when plans from folks come together!

-- Dims


On Tue, May 17, 2022 at 12:40 PM Paris Pittman <paris.pittman@...> wrote:

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions




--
Davanum Srinivas :: https://twitter.com/dims


Josh Berkus
 

 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.
TAG-CS is, of course, happy to support.

Personally, I would be particularly interested in figuring out some kind of CoCC support for smaller projects.

--
-- Josh Berkus
Kubernetes Community Architect
OSPO, OCTO


Jaice Singer DuMars
 

I am strongly supportive of this initiative. I was on the original Kubernetes CoCC with Paris for 2 years and am happy to participate in this formation in whatever capacity is needed to serve the community.

On Tue, May 17, 2022 at 5:50 AM Diane Mueller <dmueller2001@...> wrote:
+1 and happy to help in anyway I can!



On Tue, May 17, 2022 at 2:39 PM Brandon Lum <lumjjb@...> wrote:
+1!!!! For TAG security, we had added additional practice guidelines, as a start. So, it would definitely help if we had a forum or committee for this discussion!

On Tue, May 17, 2022 at 2:20 PM Chris Short via lists.cncf.io <cbshort=amazon.com@...> wrote:
HUGE +1 to this.

Chris Short
He/Him/His
Sr. Developer Advocate, AWS Kubernetes (GitOps)
TZ=America/Detroit

On May 17, 2022, at 13:19, Stephen Augustus (augustus) via lists.cncf.io <augustus=cisco.com@...> wrote:



CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.


This is wonderful idea, Paris. +1!

---


Stephen Augustus (he/him)

Head of Open Source

augustus@...


My working hours may not be your working hours.

Please do not feel obligated to reply outside of your normal work schedule.



From: cncf-toc@... <cncf-toc@...> on behalf of Paris Pittman <paris.pittman@...>
Sent: Tuesday, May 17, 2022, 06:41
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] CNCF Code of Conduct Community of Practice?

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions



--
Diane Mueller

(mobile) 604.765.3635
(twitter) pythondj
(skype) xbrlspy
(email) dmueller2001@...



This email is intended only for the person or entity to which it is addressed and may contain confidential information and/or privileged information. Any use of this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the email and all copies (electronic or otherwise) immediately. Thank you.


Diane Mueller
 

+1 and happy to help in anyway I can!



On Tue, May 17, 2022 at 2:39 PM Brandon Lum <lumjjb@...> wrote:
+1!!!! For TAG security, we had added additional practice guidelines, as a start. So, it would definitely help if we had a forum or committee for this discussion!

On Tue, May 17, 2022 at 2:20 PM Chris Short via lists.cncf.io <cbshort=amazon.com@...> wrote:
HUGE +1 to this.

Chris Short
He/Him/His
Sr. Developer Advocate, AWS Kubernetes (GitOps)
TZ=America/Detroit

On May 17, 2022, at 13:19, Stephen Augustus (augustus) via lists.cncf.io <augustus=cisco.com@...> wrote:



CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.


This is wonderful idea, Paris. +1!

---


Stephen Augustus (he/him)

Head of Open Source

augustus@...


My working hours may not be your working hours.

Please do not feel obligated to reply outside of your normal work schedule.



From: cncf-toc@... <cncf-toc@...> on behalf of Paris Pittman <paris.pittman@...>
Sent: Tuesday, May 17, 2022, 06:41
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] CNCF Code of Conduct Community of Practice?

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions



--
Diane Mueller

(mobile) 604.765.3635
(twitter) pythondj
(skype) xbrlspy
(email) dmueller2001@...



This email is intended only for the person or entity to which it is addressed and may contain confidential information and/or privileged information. Any use of this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the email and all copies (electronic or otherwise) immediately. Thank you.


Brandon Lum
 

+1!!!! For TAG security, we had added additional practice guidelines, as a start. So, it would definitely help if we had a forum or committee for this discussion!


On Tue, May 17, 2022 at 2:20 PM Chris Short via lists.cncf.io <cbshort=amazon.com@...> wrote:
HUGE +1 to this.

Chris Short
He/Him/His
Sr. Developer Advocate, AWS Kubernetes (GitOps)
TZ=America/Detroit

On May 17, 2022, at 13:19, Stephen Augustus (augustus) via lists.cncf.io <augustus=cisco.com@...> wrote:



CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.


This is wonderful idea, Paris. +1!

---


Stephen Augustus (he/him)

Head of Open Source

augustus@...


My working hours may not be your working hours.

Please do not feel obligated to reply outside of your normal work schedule.



From: cncf-toc@... <cncf-toc@...> on behalf of Paris Pittman <paris.pittman@...>
Sent: Tuesday, May 17, 2022, 06:41
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] CNCF Code of Conduct Community of Practice?

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions




Chris Short
 

HUGE +1 to this.

Chris Short
He/Him/His
Sr. Developer Advocate, AWS Kubernetes (GitOps)
TZ=America/Detroit

On May 17, 2022, at 13:19, Stephen Augustus (augustus) via lists.cncf.io <augustus=cisco.com@...> wrote:



CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.


This is wonderful idea, Paris. +1!

---


Stephen Augustus (he/him)

Head of Open Source

augustus@...


My working hours may not be your working hours.

Please do not feel obligated to reply outside of your normal work schedule.



From: cncf-toc@... <cncf-toc@...> on behalf of Paris Pittman <paris.pittman@...>
Sent: Tuesday, May 17, 2022, 06:41
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] CNCF Code of Conduct Community of Practice?

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions




Stephen Augustus (augustus)
 

This is wonderful idea, Paris. +1!

---


Stephen Augustus (he/him)

Head of Open Source

augustus@...


My working hours may not be your working hours.

Please do not feel obligated to reply outside of your normal work schedule.



From: cncf-toc@... <cncf-toc@...> on behalf of Paris Pittman <paris.pittman@...>
Sent: Tuesday, May 17, 2022, 06:41
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] CNCF Code of Conduct Community of Practice?

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions




Paris Pittman
 

Hi TOC and community,


 I believe we are at a point where a CNCF code of conduct community of practice will serve us well. I sat on the first Kubernetes Code of Conduct committee and many of the below ideas stemmed from my experiences there. Whether this is a body, community of practice, incident management team, etc is all up for discussion.


Would it be possible to put this on the next TOC agenda? If folks are interested in this work and at KubeCon, give a shout; even if you’re virtual, I’m hanging on CNCF Slack. 


-paris 


To help get the ball rolling for discussion, here are some rough ideas:

https://github.com/cncf/foundation/blob/main/charter.md#13-code-of-conduct


Purpose

Create a community of practice around code of conduct matters at the CNCF Community level. This community of practice could be bootstrapped by an independant committee, a working group of TAG Contributor Strategy, or another organizational design that TOC thinks would position this group for success with the ultimate goal of an independent body. This doc is not intended to be implementation details but the establishment of such a community.

Goals

  • community members creating policy and carrying out enforcement
  • creating a safe space for reporters
  • Focus on mediation rather than ligitation. goals of having a community member/body take reports vs CNCF staff and lawyers. 
  • cncf community members, project contributors, toc, ambassadors, and cncf staff would have this as a resource
  • build trust via community involvement and transparency reporting 

NonGoals

  • require changes to projects that already have defined code of conduct systems in place that aren’t LF support; eg Kubernetes Code of Conduct Committee

Knowns

  • Kubernetes has a code of conduct committee. It was created independently due to scale, our values, and desire for a community run program. https://github.com/kubernetes/community/blob/master/committee-code-of-conduct/bootstrapping-process.md
  • OpenTelemetry’s GC acts as a CoCC.
  • All other projects, which are governed by CNCF staff, go to Chris A or Priyanka as first step
  • CNCF Staff consults with laywers to enforce their code of conduct; this is seen as a power differential in the community; “a business approach”
  • Most CoC language on LF sites are geared towards events and not other situations or related conduct matters
  • There have been issues in the past with community members confused on where to file issues, who enforces, and where/when at cloud native related events. Example: If its “kubecon” does that mean conduct@...?

Responsibilities and Composition

  • Nominations from TOC and community; TOC shortlist for qualifications; community votes
  • everyone gets training
  • initial group bootstraps the function
    • build out policies and procedures that fit with the ecosystem
    • create roles and teams
    • create a charter

Opportunities

  • Allows CNCF staff to focus on project operations and membership vs mediating community challenges and incidents. Instead puts mediation and enforcement into the community. 
  • focus on mediation vs litigation.
  • incident management and transparecy reporting //build out an incident management team
  • projects can plug into this with better incident reporting structures than contact someone an attorney at Linux Foundation
  • projects can have liasion reps which can then feed into staffing for incident response groups

Next Steps

  • Discuss at a TOC meeting
  • Bring in current and emeritus Kubernetes CoCC to help formulate and bootstrap discussions
  • Bring in project maintainers from CNCF projects; possiby create a special Maintainers Circle for this topic

Open Questions

  • We would need this to be an independent body. Where would that sit?
  • can an overarching committee have sufficient visibility into project-specific context to offer quality outcomes around restoration after an incident?
  • Does a CoC action taken in one project affect a contributor’s ability to participate in other CNCF projects?
  • Escalation path for events?
  • Liability coverage for Committee decisions