-
Notifications
You must be signed in to change notification settings - Fork 629
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SANDBOX PROJECT ONBOARDING] Krustlet #690
Comments
This is great news! We'll start working on all the steps shortly |
@thomastaylor312: One thing that would be a big help is an OWNERS file, I don't see anything in https://github.com/deislabs/krustlet |
Yeah, I'll take care of that first |
Please ping me when this project moves to a separate GitHub org. |
Devstats instance created. |
Here is a PR to add a code owners file to the repo - krustlet/krustlet#643 It is using the CODEOWNERS format, as defined by GitHub - https://help.github.com/en/articles/about-code-owners, let us know if the format is ok, or if we need to change it to an OWNERS file. |
That’s fine
On Thu, Jul 15, 2021 at 7:06 PM Radu M ***@***.***> wrote:
Here is a PR to add a code owners file to the repo - krustlet/krustlet#643
<krustlet/krustlet#643>
It is using the CODEOWNERS format, as defined by GitHub -
https://help.github.com/en/articles/about-code-owners, let us know if the
format is ok, or if we need to change it to an OWNERS file.
—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
<#690 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAPSIJGJGFM2YIW7MMDF33TX5ZZZANCNFSM5AJTV3GA>
.
--
Cheers,
Chris Aniszczyk
https://aniszczyk.org
|
For the license scanning tool, is there a free for open source version of one of those tools or a license the CNCF can give us access to? |
we have access to both https://github.com/fossas/fossa-cli and snyk, choose
which one you like :D
…On Fri, Jul 16, 2021 at 11:59 AM Taylor Thomas ***@***.***> wrote:
For the license scanning tool, is there a free for open source version of
one of those tools or a license the CNCF can give us access to?
—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
<#690 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAPSIMPBHJVH7V6CD46L63TYBQP3ANCNFSM5AJTV3GA>
.
--
Cheers,
Chris Aniszczyk
https://aniszczyk.org
|
I think we'll go ahead and use fossa. I assume it will be easier to set up once we move over to a neutral org (which we have, but are tying up a few loose ends before we do) |
Just contacted our legal team for signing the logo transfer agreement. If needed, is there someone from the CNCF I should pull in? |
@thomastaylor312: You can start with me and I'll help route it to the correct place. |
@thomastaylor312: checking back in here, artwork is the big next step. |
Yep, things are in motion on our legal side, the agreements will be sent out soon. Then next week I am planning on moving the repos and setting up all the bots |
Trademark agreement has been signed, so that can be checked off. I'll add the logos to the artwork repo |
Ok, I have most of the logos added but I am waiting on opening a PR because we are missing a few variations/types of the logo. Some people are out on vacation, so it won't be until Monday-ish next week |
Added LF and Chris to the new GH org we'll be moving the repo to |
The repo has been migrated to its new home: https://github.com/krustlet/krustlet |
wohoo thank you!
…On Thu, Jul 22, 2021 at 2:30 PM Taylor Thomas ***@***.***> wrote:
The repo has been migrated to its new home:
https://github.com/krustlet/krustlet
—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
<#690 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAPSIJNWUDQ7RELCJDQ3UTTZBWWPANCNFSM5AJTV3GA>
.
--
Cheers,
Chris Aniszczyk
https://aniszczyk.org
|
DCO is enabled in the new org |
At this rate, you'll be done by the end of the week! Marking off GH owners, DCO and neutral GH repo |
I think we are ready to enable the synk license scanner whenever that is ready! |
Quick question here as well: We just finished adding some Rust specific license checks. Everything looks good, but there is one transitive dependency with a BSD-2 Clause license. Are there any problems with that for a CNCF project? |
No issue for that Taylor, you can see the allowlist here:
https://github.com/cncf/foundation/blob/master/allowed-third-party-license-policy.md#approved-licenses-for-allowlist
…On Mon, Aug 2, 2021 at 2:11 PM Taylor Thomas ***@***.***> wrote:
Quick question here as well: We just finished adding some Rust specific
license checks. Everything looks good, but there is one transitive
dependency with a BSD-2 Clause license. Are there any problems with that
for a CNCF project?
—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
<#690 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAPSIPDGSODCKP5BIMROZDT23UXRANCNFSM5AJTV3GA>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email>
.
--
Cheers,
Chris Aniszczyk
https://aniszczyk.org
|
Ok, there was one more license I missed here. We have a transitive dependency on a crate called |
We most likely will have to ask for a license exception, I haven't found
webpki-roots in
https://github.com/cncf/foundation/tree/master/license-exceptions
If so, open up an issue here for the license exception and we will bring it
up in the next CNCF GB meeting: https://github.com/cncf/foundation/issues
I don't see us having an issue here.
…On Wed, Aug 4, 2021 at 1:24 PM Taylor Thomas ***@***.***> wrote:
Ok, there was one more license I missed here. We have a transitive
dependency on a crate called webpki-roots that has an MPL-2.0 license. It
looks like from the FAQ <https://www.mozilla.org/en-US/MPL/2.0/FAQ/> all
we might need is a NOTICE file. Is this something to open a service desk
ticket for?
—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
<#690 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAPSIOGKJO7QSUQGIJCBRTT3GAULANCNFSM5AJTV3GA>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email>
.
--
Cheers,
Chris Aniszczyk
https://aniszczyk.org
|
Done! Thank you! |
@thomastaylor312: Checking back in here, anything else that can be checked off? |
These things are done
We are waiting on these:
|
Marking those off! |
We sent the transfer code for |
You are right! We are all set here! Marking that off. |
CII badge has been added and has an open PR to add to the readme: krustlet/krustlet#685 Also, the part about the LF footer on the webpage should be checked off as that has been added |
And PR to add to the landscape: cncf/landscape#2301 |
@thomastaylor312 - so very close! We'd like to get all project onboarding closed out by December 15th. Thanks! |
@amye We are still waiting on an answer about the license scanner. We have something in place that is built for Rust, but I don't know if it is "blessed" @flynnduism do you have access to the website analytics so we can pass those on? |
@thomastaylor312 re: license scanner, let me check with the Snyk team on their Rust support status now (it was in the early stage a few months ago). Alternatively, you may consider FOSSA - https://docs.fossa.com/docs/rust, but Rust is in Alpha there still. Can you share the details of your license scanner as well, please? FOSSA and Snyk are the preferred tools for us, but we are fine with granting an exception. |
@idvoretskyi |
@thomastaylor312 great, thanks. Can I see a sample report of it, please? I've just got a confirmation from Snyk that Rust support is not ready yet (ETA - H1'2022), so either your tool or FOSSA can be a good solution in your case. |
Yes I will go do that |
@idvoretskyi Here is the latest report: https://github.com/krustlet/krustlet/runs/4255117884?check_suite_focus=true You'll notice the failure from one of the MPL-2.0 licensed things we have that we have an open issue for to get an exception from the CNCF. You can see what we are checking for here: https://github.com/krustlet/krustlet/blob/main/deny.toml#L7-L61 |
Sounds good, thanks @thomastaylor312! I’ll let @caniszczyk comment, but I don’t see an issue here. |
Ok, if we need a license exception here, https://github.com/cncf/foundation/issues is the correct place for this. If there already is an issue created, that's fabulous, I'm just not seeing one. |
@amye Right here! cncf/foundation#172 |
aha! I knew I was missing it, I was lookjng for 'krustlet'. |
@jeefy - when you get a chance, can I have you check on the license scanning tool? Either Krustlet's or FOSSA will work. |
Marking as closed, we can help transfer FOSSA through Servicedesk |
Welcome to CNCF Project Onboarding!
This is an issue created to help onboard your project into the CNCF after the TOC has voted to accept your project.
We would like to complete onboarding within one month of acceptance.
From the project side, please ensure that you:
Things that CNCF will need from the project:
Things that the CNCF will do or help the project to do:
The text was updated successfully, but these errors were encountered: