►
From YouTube: CNCF SIG Contributor Strategy Governance WG 2020-08-04
Description
CNCF SIG Contributor Strategy Governance WG 2020-08-04
B
B
Oh,
hey,
do
you
know
you
know
allison
downey
from
kubernetes.
I
do
indeed
yeah
she's
moving
to
london.
C
Cool,
do
you
know
when
she's,
when
she's
actually
going
to
be
here.
B
Yeah,
it's
been
like
we
didn't
set
out
to
do
the
pod
slash
bubble
thing.
I
particularly
am
really
amused
with
that
big
concept
being
called
pods
for
obvious
reasons,
but
we've
ended
up
doing
it
anyway,
right,
because
the
only
friends
that
we
feel
really
comfortable
seeing
in
person
are
the
ones
who
we
know
are
not
terrifically
social.
C
Yep
yeah
there's
another
couple
that
live
in
our
neighborhood
that
are
like
that:
they're,
the
only
ones
that
we
see,
and
so
every
weekend
we've
been
just
getting
together
in
one
or
the
other's
houses
and
an
interestingly
enough
playing
pandemic.
A
B
You're
like
if
we
can't
defeat
it
in
reality,
we'll
defeat
it
on
the
on
the
game
table.
C
Yeah
so
we're
actually
playing
pandemic
legacy,
and
so
we
started
and
we
got
like
halfway
through
it
and
then
the
pandemic
started,
and
then
we
had
to
take
a
break
from
it
and
now
we're
back
to
finishing
the
second
half
of
legacy.
But
we've
played
three
or
four
weekends
in
our
row
and
you
know
we're
still
we're
still
not
done.
We
still
have
a
few
more
games
to
go.
B
E
E
House-
oh
it's
great,
it
is
great
to
see
everybody.
You
know,
for
you
know,
a
big
part
of
this
whole
open
source
thing
is
the
people,
and
I
I
relish
these
types
of
events
here
where
we're
getting
the
the
band
back
together
a
little
bit.
It's
nice
cool.
E
So
I'm
the
newly
minted
head
of
open
source
over
at
spotify,
so
I've
been
helping
to
spin
up
their
ospo.
They
already
had
a
pretty
awesome
group
of
people
internally
called
the
fossboard.
That's
been
sort
of
doing
all
of
the
functions
of
the
ospo.
That
includes
a
bunch
of
folks
like
lynn,
root
from
psf
and
a
couple
of
other
like
fast
stalwarts.
So
there's
a
lot
of
like
great
culture
and
tools
and
stuff
here,
and
I'm
just
here
to
sort
of
help
glue
it
all
together
nice
and
turn
it
yeah.
C
C
By
vmware
and
in
that
process
I
switched
from
running
our
kubernetes
contributor
strategy
to
to
the
open
source
program
office,
which
is
a
change
that
I
I
wanted
to
make
because
vmware
has
loads
people
doing
kubernetes
contributor
strategy.
They
didn't
need
me
as
one
more
I'm
happy
to
do
community
strategy
within
ospo.
So
that's
that's
what
I'm
doing
so.
It's
it's
been
pretty
fantastic.
I
love
it.
B
Well,
I
think
we've
got
the
people
that
we're
going
to
get
today,
there's
not
much
on
the
agenda,
so
I
think
people
were
not
excited
about
showing
up
the
april.
Are
you
able
to
hear
at
this
point
cool?
Okay?
I,
by
the
way
we
are
recording
the
usual
thing.
This
is
an
official
meeting,
the
cncf
we're
under
the
cncf
code
of
conduct
be
nice
and
then
let's
get
started
so.
B
Here
I
just
pinged
him:
let's
go
back
to
that
if
he
shows
up,
because
we
have
more
follow-up
to
doing
that,
to
make
it
a
real
proposal.
The
one
bit
was
for
anybody.
Wasn't
it
at
last
week's
general
contributor
strategy
meeting
the
general
sig
felt
that
we
could
actually
commit
to
following
up
with
spot
checks
of
the
annual
reviews
in
order
to
verify
badges,
which
was
one
of
the
sort
of
open
questions
the
so
and
then
we'll
talk
more
about
it.
C
Yeah,
so
I
would
say
there
are
probably
not
really
any
changes
since
since
last
week,
so
josh
you
signed
up
for
adding
something
about
rotation.
F
C
Oh
yeah,
I
thought
sorry,
I
thought
you
were
going
to
add
a
few
sentences
about
your
your
thoughts
on
rotation.
So
it
says.
D
C
B
D
C
C
C
So
if
once
that
gets
added,
if
people
are
okay
with
this,
I
think
what
I'll
do
I'll
just
give
it
another
quick
once
over,
and
then
I
can
just
pr
it
into
the
the
repo
as
a
resource.
C
B
Okay,
I
added
one
of
the
other
checklist
items
there,
the
what
is
governance
document.
B
A
lot
of
this
is
taken
from
the
chapter
that
I
wrote
for
the
open
source
way
with
rearranged
and
with
changes
made
to
make
it
more
specifically
applicable
to
the
cncf
the.
But
one
of
the
questions
that
comes
from
that
is,
I
do
have
any
licensing
restrictions,
because,
because
I
did
copy
and
paste
some
material
written
by
other
people
as
well,
it
was
it
was
a
collaborative
effort
and
the
open
source
way
is.
I
licensed
cc
sharealike.
B
H
B
B
E
B
Of
effort,
because,
basically
I
wrote
a
draft
brian
barenhausen
edited
it
and
his
contributions
are
under
cc
by
sa,
so
I
would
have
to
basically
undo
all
those
edits
which
would
be
painful.
H
Yeah
I
mean
I
just
I
my
personal
philosophy
is
like
you
wrote
it
clearly,
it's
you
know
up
to
a
certain
standard
that
we're
probably
all
pretty
comfortable
with
so
then
I
think
it's
just
a
question
of
like
having
the
the
legal
check
off
that
we're
doing
the
right
thing.
B
Cool
okay,
so
I
will
go
ahead
and
escalate
that
to
cncf
and
make
sure
there's
no
problem
with
cc
by
sa.
If
they're,
okay
with
that,
then
I
will
just
add
a
line
at
the
bottom
of
that
particular
file.
That
says
some
material
from
the
open
source
way.
B
D
B
B
Okay,
well,
if
people
have
other
thoughts,
if
people
can
have
anything
to
contribute
to
that,
obviously
we're
in
our
early
draft
stage.
B
Please
do
otherwise.
I
will
work
on
tying
in
the
rest
of
the
bits
of
the
advisory
folder
into
that,
so
we
have
lead-ins
to
everything
and
then
go
ahead
and
submit
it
as
a
resource.
Pr.
B
Okay,
so
let's
look
at
the
rest
of
content.
B
B
B
B
E
B
The
a
resource
list
is
actually
already
started
with
a
pr,
so
we
have
a
few
of
the
things
that
aren't
attributed
how
to
shut
down
archive
a
project.
B
Somebody
needs
to
follow
up
on
security
issue
handling
guidelines.
The
reason
why
this
falls
under
governance
working
group
is
picking
who
handles
security
issues
is
very
definitely
a
governance
issue,
particularly
it
becomes
a
governance
issue.
If
you
do
it
badly.
B
B
How
to
keep
your
communications
open?
This
would
be
sort
of
an
advisory,
particularly
an
important
advisory
for
projects
that
are
going
from
being
single
organization
to
multi-organization.
B
And
and
then
one
of
the
things
we
need
to
think
about
doing
is
adding
templates
for
all
of
the
things
that
we're
describing
that
should
go
into
the
new
project.
Template.
G
B
It's
the
idea
that
at
least
six
securities
should
be
involved
in
whoever
is
working
on
this
needs
to
ping
them
to
see.
If
they
have
advice
for
projects
you
know
ideally
it'll
turn
out
that
they
have
a
bunch
of
already
written
material
that
we
can
just
point
to
you
know
and
then
confine
ourselves
to
just
writing
up
a
thing
of
hey
here's,
how
here's
ways
you
can
choose
a
security
committee
because
part
of
it
we
have
to
look
over
things.
You
know
advice
like
hey
when
your
project
is
really
small.
B
Your
security
committee
will
probably
also
just
be
the
lead
maintainers,
but
as
the
project
gets
bigger
and
more
complicated,
you're,
probably
going
to
need
a
separate
security
team
and
here's
how
a
bunch
of
different
here's
how
some
projects
handle
that
I
mean
that's
the
governance
issue
that
we
absolutely
can't
leave
alone.
Hopefully,
sig
security
is
material
on
now.
Here's
how
that
team
should
behave
and
if
they
don't
already
have
that,
then
somebody
would
need
to
ask
them
to
actually
prepare
that.
B
H
H
B
The
it's
really
hard
to
have
given
the
times
I
try
to
avoid
setting
deadlines
on
things
that
are
not
tied
to.
This
is
true.
Yes,
external!
Do
or
die
deadlines
yeah.
As
long
as
we're
making
progress,
I
mean
because,
among
other
things,
honestly,
none
of
these
documents
will
ever
really
be
finished.
B
B
Now
and
then
we
can
just
keep
putting
pull
requests
against
those
to
improve.
G
I'll
add
myself
to
the
security
issue,
handling
guidelines,
one
in
sync
with
the
same
security
folks.
B
B
B
Okay,
so
there's
most
of
the
things,
then
we
can
sort
of
knock
out
all
this
advisory
stuff
and
then
we
can
start
on
some
of
the
requirements
stuff
and
we're
doing
it
in
that
order,
because
a
lot
of
the
requirements
stuff
will
be
like
you
need
to
do
this
and
here's
an
advisory
document
on
how
to
do
that.
C
The
other
question
I
have
for
you
is:
how
important
are
the
templates
versus
these
documents,
because,
obviously
all
of
these
documents
are
going
to
generate
templates?
Should
we
work
on
getting
a
core
set
of
docs
and
then
work
on
getting
a
course
out
of
templates,
or
should
we
do
them
in
parallel?
Any
thoughts.
B
I
I'd
say
in
parallel
is
fine,
I
would
say:
do
the
thing
that
you
feel
like
doing
at
the
time
like
if
you're
really
hot,
to
do
templates
and
you're
gonna
knock
out
a
bunch
of
templates
and-
and
you
know
make
prs
for
those,
then
do
it
right
and
if
you
feel
like
writing
instead
and
you
want
to
write
a
bunch
of
stuff,
then
do
it
given
how
much
content
we've
assigned
ourselves.
B
You
know,
and
so
I
was
saying,
we're
kind
of
leaving
off
the
requirements
stuff,
but
that's
a
very
soft
rule.
If
you
have
ideas
to
write
up
things
for
the
requirements,
particularly
some
of
the
requirements
that
we've
had
a
lot
of
discussion
about
already,
then
don't
don't
hold
back
because,
oh
I
need
to
do
this.
Other
document.
First.
B
Okay,
so
that
was
content
tracking
and
of
course
I
didn't
take
notes
for
any
of
that,
because
too
many
screens
are
there
other.
B
B
So
that's
still
pending
as
a
pull
request
and
then
we'll
have
something
that
we
can
add
stuff
to
beyond
that
we
don't
have
any
new
issues.
So
it's
just
all
this
content.
B
B
B
B
Don
well
wait
we're
waiting
for
one
bit
in
that
in
your
document
and
then
you
can
submit
as
a
pr
right,
yeah
exactly
okay,
hi
and
then
we
will
get
that
set
up
cool.