You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Completion of this due diligence document, resolution of concerns raised, and presented for public comment satisfies the Due Diligence Review criteria.
Additional documentation as appropriate for project type, e.g.: installation documentation, end user documentation, reference implementation and/or code samples.
Governance has continuously been iterated upon by the project as a result of their experience applying it, with the governance history demonstrating evolution of maturity alongside the project's maturity evolution.
Governance is up to date with actual project activities, including any meetings, elections, leadership, or approval processes.
Governance clearly documents vendor-neutrality of project direction.
Document how the project makes decisions on leadership, contribution acceptance, requests to the CNCF, and changes to governance or project goals.
Document how role, function-based members, or sub-teams are assigned, onboarded, and removed for specific teams (example: Security Response Committee).
In the Kubewarden team we have only two roles that are applied for the whole project. These roles definition are defined in the GOVERNANCE.md file
Document a complete maintainer lifecycle process (including roles, onboarding, offboarding, and emeritus status).
Demonstrate usage of the maintainer lifecycle with outcomes, either through the addition or replacement of maintainers as project events have required.
If the project has subprojects: subproject leadership, contribution, maturity status documented, including add/remove process.
All the Kubewarden subprojects follow the same governance and processes describe in all the topics listed in this submission.
Required
Document complete list of current maintainers, including names, contact information, domain of responsibility, and affiliation.
List and document all project communication channels, including subprojects (mail list/slack/etc.). List any non-public communications channels and what their special purpose is.
Document project goals and objectives that illustrate the project’s differentiation in the Cloud Native landscape as well as outlines how this project fulfills an outstanding need and/or solves a problem differently. This can also be satisfied by completing a General Technical Review.
Document what the project does, and why it does it - including viable cloud native use cases. This can also be satisfied by completing a General Technical Review.
Document and maintain a public roadmap or other forward looking planning document or tracking mechanism.
Document overview of project architecture and software design that demonstrates viable cloud native use cases, as part of the project's documentation. This can also be satisfied by completing a General Technical Review and capturing the output in the project's documentation.
Enforcing Access Control Rules to secure the code base against attacks (Example: two factor authentication enforcement, and/or use of ACL tools.)
As a Github hosted project, we rely on the Github authentication mechanisms. Most of the maintainers use two factor authentication and sign commits and tags with GPG keys
Document assignment of security response roles and how reports are handled.
Used in appropriate capacity by at least 3 independent + indirect/direct adopters, (these are not required to be in the publicly documented list of adopters)
Kubewarden Incubation Application
v1.6
This template provides the project with a framework to inform the TOC of their conformance to the Incubation Level Criteria.
Project Repo(s): https://github.com/kubewarden/community
Project Site: https://kubewarden.io
Sub-Projects: https://github.com/kubewarden/community?tab=readme-ov-file#repositories
Communication: #kubewarden on Kubernetes Slack, #kubewarden-dev on Kubernetes Slack, cncf-kubewarden-maintainers as mail username at lists.cncf.io.
Project points of contacts: https://github.com/orgs/kubewarden/teams/maintainers or cncf-kubewarden-maintainers as mail username at lists.cncf.io.
Incubation Criteria Summary for Kubewarden
Application Level Assertion
Adoption Assertion
The project has been adopted by the following organizations in a testing and integration or production capacity:
List adopters in ADOPTERS.md
Application Process Principles
Suggested
N/A
Required
cncf/sandbox#213
https://lists.cncf.io/g/cncf-toc/topic/results_from_sandbox/91754161?p=,,,20,0,0,0::recentpostdate/sticky,,,20,2,0,91754161,previd%3D1655255497954310253,nextid%3D1653320044101394801&previd=1655255497954310253&nextid=1653320044101394801
Completion of this due diligence document, resolution of concerns raised, and presented for public comment satisfies the Due Diligence Review criteria.
https://docs.kubewarden.io/
https://github.com/kubewarden/community
Governance and Maintainers
Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy.
Suggested
https://github.com/kubewarden/community/blob/main/GOVERNANCE.md
Governance has continuously been iterated upon by the project as a result of their experience applying it, with the governance history demonstrating evolution of maturity alongside the project's maturity evolution.
Governance is up to date with actual project activities, including any meetings, elections, leadership, or approval processes.
Governance clearly documents vendor-neutrality of project direction.
https://github.com/kubewarden/community/blob/main/GOVERNANCE.md
In the Kubewarden team we have only two roles that are applied for the whole project. These roles definition are defined in the GOVERNANCE.md file
https://github.com/kubewarden/community/blob/main/GOVERNANCE.md
All the Kubewarden subprojects follow the same governance and processes describe in all the topics listed in this submission.
Required
https://github.com/kubewarden/community/blob/main/MAINTAINERS.md
https://github.com/kubewarden/community/blob/main/MAINTAINERS.md
We use the CODEOWNERS file in all of the repositories. Some examples:
https://github.com/kubewarden/kubewarden-controller/blob/main/CODEOWNERS
https://github.com/kubewarden/docs/blob/main/CODEOWNERS
https://github.com/kubewarden/community/blob/main/CODE_OF_CONDUCT.md
https://github.com/kubewarden/community/blob/main/CODE_OF_CONDUCT.md
https://github.com/kubewarden/community?tab=readme-ov-file#repositories
Contributors and Community
Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy.
Suggested
Required
We use GitHub for submitting issues and changes via PRs. Contributors can get in contact with us at #kubewarden-dev on the Kubernetes Slack server, as well as cncf-kubewarden-maintainers@lists.cncf.io. We also have the CONTRIBUTING.md file
We use #kubewarden-dev, #kubewarden on the Kubernetes Slack server, as well as cncf-kubewarden-maintainers@lists.cncf.io. These are linked in https://kubewarden.io. We also describe how to contribute to the project in the CONTRIBUTING.md file
https://github.com/kubewarden/community/tree/main?tab=readme-ov-file#community
We have our community calls listed in the CNCF calendar and in our community repository
https://github.com/kubewarden/community/blob/main/CONTRIBUTING.md
https://github.com/kubewarden/kubewarden-controller/blob/main/CONTRIBUTING.md
https://kubewarden.devstats.cncf.io/
https://kubewarden.devstats.cncf.io/d/74/contributions-chart?orgId=1
Engineering Principles
Suggested
We follow a montly release cadence. All the releases can be found in the Github repositories, including the release candidates. We also write a blog post for each release.
https://github.com/kubewarden/kubewarden-controller/releases
https://github.com/kubewarden/policy-server/releases
https://github.com/kubewarden/kwctl/releases
https://github.com/kubewarden/audit-scanner/releases
Required
We use Github milestones to define the roadmap for future releases. This can be found in the project board at the "Milestone" tab
https://github.com/orgs/kubewarden/projects/6/views/1
https://docs.kubewarden.io/explanations/architecture
https://github.com/kubewarden/helm-charts/blob/main/CONTRIBUTING.md
https://github.com/kubewarden/kubewarden-controller/blob/main/CONTRIBUTING.md#kubewarden-release-template
Security
Note: this section may be augmented by a joint-assessment performed by TAG Security.
Suggested
N/A
Required
https://github.com/kubewarden/community/blob/main/SECURITY.md
https://docs.kubewarden.io/disclosure
As a Github hosted project, we rely on the Github authentication mechanisms. Most of the maintainers use two factor authentication and sign commits and tags with GPG keys
This is described at the SECURITY.md file
Document Security Self-Assessment.
Achieve the Open Source Security Foundation (OpenSSF) Best Practices passing badge.
All the MUST and SHOULD must be achieved. See criteria in https://www.bestpractices.dev/en/criteria/0.
Current progress in https://www.bestpractices.dev/en/users/23101.
policy-server
commands and flags policy-server#810kwctl
commands and flags kwctl#851Ecosystem
Suggested
N/A
Required
https://github.com/kubewarden/community/blob/main/ADOPTERS.md
The project provided the TOC with a list of adopters for verification of use of the project at the level expected, i.e. production use for graduation, dev/test for incubation: https://github.com/kubewarden/community/blob/main/ADOPTERS.md
Refer to the Adoption portion of this document.
Docs page listing the dependencies used: https://docs.kubewarden.io/reference/dependency-matrix
Additional Information
The text was updated successfully, but these errors were encountered: