►
From YouTube: CDF - TOC Meeting 2021-04-27
Description
For more Continuous Delivery Foundation content, check out our blog: https://cd.foundation/blog/
A
D
E
G
H
H
H
H
H
Here's
the
agenda,
please
add
other
things.
If
you
like,
we
have
one
discussion
topic.
I
want
to
try
to
make
time
for
for
carrie,
because
I
think
I
missed
it
when
he
added
this
and
it
unfairly
got
added
at
the
bottom
of
the
agenda.
So
apologies
terry,
but
we'll
try
to
move
quick
to
make
sure
we
get
some
time
to
go
over
your
question.
H
All
right,
any
other
stuff
feel
free
to
add
it
here,
and
we
will
jump
in
charter
and
elections
a
little
bit
more
discussion
here.
I
think
a
couple
of
these
look
like
copy
paste,
but
then
there's
this
middle
one,
which
is
new
right,
tracy,.
L
H
We
already
discussed
the
changes
last
week,
so
we
can
drop
this
part
yeah.
The
news
this
week
is
that
tracy
has
a
proposal
now
about
how
to
start
the
process
for
each
project
to
nominate
a
representative
and
then
to
elect
the
project
representatives.
So
let
me
pull
this
up.
D
Yeah-
and
I
thought
I'd
love
to
run
it
by
this
group
first
and
then
I
can
stick
things
in
a
github
issue
to
get
wider
commentary,
but
yeah
after
discussing
with
dan.
We
thought
it
would
be
great
to
get
the
the
ball
rolling
on
this
sooner
rather
than
later
on
project
representatives
for
the
toc.
H
D
J
And
this
is
for
the
the
the
four
positions
that
are
project
related
right.
Trying
to
remember
that.
D
Yes,
that's
right,
so
we
have.
The
charter
now
allows
for
four
elected
project
representatives
where
each
cdf
project
gets
to
put
forward
one
representative
for
their
project,
and
then
we
have
voting
to
to
pick
those.
So
we.
D
D
And
so
the
main
feedback
I'd
like
to
get
folks
from
each
of
the
projects
to
comment
on
what
we'd
be
asking
for
is
sort
of,
let's
say
a
two-week
period
where
the
projects
put
their
heads
together.
Typically
the
governing
board
or
the
technical
steering
committee
or
whatever
is
the
top
level
body
of
the
projects,
and
then
they
through
some
internal
process
of
their
own
choosing.
They
put
forward
one
candidate
to
run
at
the
cdf.
D
M
N
Logistically
create
a
vote.
We
can
also
have
our
candidates,
one
thing
that
we
need
some
time
to
organize
that.
So
it's
not
something
like
we
do
it
overnight.
Right.
M
N
Yeah,
we
are
using
a
platform
called
thieves
for
voting.
We
introduced
it
for
governance
elections.
Basically,
it's
a
system
which
uses
transferable
world
and
it's
quite
trendy
and
you
can
set
up
for
voting
in
a
few
minutes.
So
if
someone
is
interested,
I
can
show
how
to
use
it.
You
don't
need
special
account
and
as
long
as
voting
can
animus,
you
also
don't
need
to
like
collect
any
special
data.
M
Oh,
like
that
would
be
awesome
if
you
could
send
me
the
link
to
it.
Let
me
dig
through
it
and
if
I
need
your
help,
I'll
reach
out.
D
So,
like
any
sense
of
how
much
time
the
community
would
need
to
put
somebody
forward
like
in
in
many
cases,
I
would
imagine
the
candidate
is
a
member
of
the
the
top
body
like
the
governing
board,
so
that
they
can
act
as
a
bridge
from
cdf
to
to
the
project
itself.
N
Yes,
so
I
think
that
so
on
the
very
tight
schedule
we
would
need
one
week.
So
let's
say
we
send
call
from
nominations
today:
collect
feedback.
Then
the
voting
can
approve
the
final
candidate
at
the
next
governance
meeting.
It
will
be
next
wednesday
if
we
miss
this
time.
Then
yeah
jenkins
uses
open
governance
and
governance
meeting.
Is
our
end
decision
work?
C
I
think
timeline
sounds
good,
we'll
discuss
it
with
during
our
next
call,
with
our
community
meetup
on
what
the
thoughts
are.
H
Yeah,
I
can
just
explain:
they
have
a
five-member
governing
board
who
meets
pretty
regularly,
so
they
can.
They
should
be
able
to
figure
out
something
here.
I
guess
like
we're
kind
of
outsourcing
the
entire
selection
process
to
projects
here
right.
They
could
just
have
their
governing
boards
vote
and
pick
they
could.
P
H
D
Exactly
yeah
so
yeah
the
governing
board
could
decide
just
within
them.
Let's
say
tact
on.
If
it
was
five
people
they
could
just
get
together
and
just
pick
one
person
and
put
them
forward
or
they
could
open
it
up
to
all
contributors
to
vote
so
yeah
totally
up
to
the
communities
and
how
how
they
want
to
handle
it.
D
Okay
and
jenkins
x,
similar
because
they're,
not
quite
as
big
a
big
project.
A
So
I
I
imagine
it's
similar
that
that,
within
the
the
leadership
of
the
project,
they
will
be
able
to
select
someone.
D
Okay,
yeah,
no
that's
great
and
it
the
last
project
spinnaker.
Anyone
here
on
behalf
of
spinnaker,
otherwise
I
can
reach
out
to
the
the
governing
board
mailing
list.
L
D
D
Yeah,
if
you
keep
going
the
one
other
aspect
of
it,
so
what
one
side
is
getting
in
the
candidates
from
each
of
the
projects.
The
other
side
is
setting
out
the
voter
eligibility
and
in
general
we
were
looking
to
the
kubernetes
community
and
how
they
run
the
election.
D
So
I
think
if
in
doubt,
we're
going
to
use
what
they
have,
and
this
is
how
they
set
out
voter
eligibility
on
one
hand,
taking
contributions
from
all
the
projects
and,
on
the
other
hand,
also
making
an
allowance
for
folks
who
might
get
missed
by
that
system
to
to
be
submitted
through
through
a
form
for
contributions
that
aren't
tracked
through
through
github,
for
instance.
D
H
I
think
this
should
work
and
be
pretty
straightforward.
This
is
inspired
by
how
a
lot
of
other
projects
like
kubernetes
and
I
think
even
techton
and
k,
natives
and
other
things
run
their
elections.
D
A
H
Yeah,
I
think
people
can
submit
that
form
on
behalf
of
others.
I
don't
remember,
though,
I
see
no
issue
with
that.
D
Okay,
so
let's
clarify
that
that
the
form
is
it's
not
the
voter
themselves
who
has
to
fill
it
in,
but
anyone
can
on
behalf
of
a
community
member.
Q
And
has
artelia's
been
added
to
dev
stats?
I
know
there
was
a
to-do
item
on
that.
D
That's
true,
I
think
otilius
might
have
gone
straight
into
lfx
insights.
I
believe
there's
an
equivalent
query.
We
can
run
so
we
should
make
sure
we
we
run
it
from
both
insights
and
dev
stats.
H
Yeah,
so
there
will
be
a
list
of
all
of
the
voters
and
then
an
email,
if
I
remember,
and
how
kubernetes
and
other
projects
run
it.
There's
a
list
of
voters
and
emails
get
sent
to
the
addresses
that
we
have
on
file
which
we
should
have
for
everyone.
That's
contributed
because
of
the
cla
and
other
stuff
like
that.
C
D
With
the
illustrated
dates,
what
it
would
effectively
mean
is
we
would
kick
off
officially
next
monday
and
then
that
timing
actually
works
out.
So
the
winners,
well,
not
the
winners,
but
the
elected
office
are
announced
at
cdcon,
which
would
be
june
23rd
and
then
start
their
term
from
july
1st.
D
So
I
think
that
kind
of
ties
in
quite
nicely
with
our
event
and
with
the
half
year
halfway
mark
of
the
year,
which
works
well,
so
just
based
on
this
feedback.
I
think
it's
something
gail
and
I
can
go
ahead
and
start
working
on.
D
So
what
I'd
like
to
propose
is
that
I'll
I'll
send
some
written
details
in
the
mailing
list,
but
for
folks
who
are
connected
to
their
their
projects,
if
you
could
go
and
kick
off
the
discussions
as
soon
as
possible
and
and
then
we'll
look
to
officially
kick
things
off
on
may
3rd.
D
Okay
gail,
I
may
need
your
help,
then
yeah.
I
Yeah,
if
you
have
time,
if
you
look
afterwards,
if
you
want
to
slack
or
email
me
and
let
me
know
if
you're
missing
and
we'll
also
do
an
audit
as
well.
J
A
bunch
of
projects
oleg
has
been
glorious
at
doing
initial
whacking
of
mentors
for
review.
I
say
that
with
love.
He
was
very
polite
about
it.
I
think
we've
identified
a
couple
of
projects
that
didn't
meet
the
standards
and
kind
of
winnowing
it
down.
We
have
an
outstanding
question
and
actually
that
now
might
be,
I
think
I
heard
steven
tracy
an
outstanding
question
on
the
ortelius
project.
Steve
is
is
this:
is
this
person
someone
that
was
already
working
with
the
project.
Q
J
Q
J
Q
It's
a
person
that
is
in
university
in
morocco,.
J
Okay,
so
I
know
we
have
some
concerns
about
the
project.
We
also
have
limited
project
availability
outside
of
the
jenkins
space.
So
I'm
not
given
that
this
is
my
person,
my
only
second
time
with
the
gsoc
situation.
I
guess
oleg
I'd
love
to
hear.
Maybe
what
concerns
that
you
have
as
far
as
you
know,
whether
or
not
weaker
projects
impact
our
spots
allocation
or
how
this
stuff
kind
of
works.
N
Yes,
so
basically,
when
the
organizations
apply
for
slots,
they
send
me
two
numbers:
one
is
a
minimum
project
source
number
another
one
is
maximum
one,
so
the
minimum
one
is
basically.
What
is
our
preference
to
get?
We
are
not
going
to
get
this
number
and
maximum
is
a
absolute
number.
What
google
can
provide
so
historically
jenkins
used
to
receive
something
between
a
minimum
and
maximum
and
usually
closer
to
maximum
but
yeah?
J
So
I
mean
we
can
include
it
in
the
minimum
allocation
and
cross
our
fingers
and
then,
if
there's
for
whatever
reason.
J
That's
fine,
I'm
just
trying
you
know
I
I
don't
want
to
to
arbitrarily
exclude
anybody,
but.
N
We
want
to
reserve
slots
for
that.
Okay,
let's
include
this
in
our
application.
J
Right
and
if,
for
some
reason
we
we
get,
we
do
not
get
enough
slots
to
cover
all
the
projects
that
we've
requested
and
we'll
have
to
re-review
and
stack
rank.
D
Thanks
thanks,
everybody
admins
and
oleg
for
pushing
this
through
and
getting
us
to
the
stage.
H
H
All
right,
bob's
world
cfp
is
open.
This
definitely
is
a
dupe,
but
it's
always
good
to
keep
calling
these
out
on
purpose.
This
one
is
a
dupe
on
purpose
call
for
papers.
We
have
another
three
weeks
it
looks
like
may.
20Th
is
the
end
for
the
cfp.
H
Is
a
track
specific
for
cdf
stuff,
so
please
submit
there
unless
you
have
any
ideas.
H
Next,
one
bof:
what
is
a
bof
question.
B
D
And
I
I
think
I
can
share
an
update
here.
I
believe
we've
have
had
submissions
from
every
project
and
all
the
the
sigs,
and
I
think
we
managed
to
work
it
out
that
there
were
not
too
many
people
clamoring
for
the
same
spot,
so
everybody
got
their
first
choice
session
with
the
exception.
The
only
one
that's
not
fully
scheduled
yet
is
the
best
practices
sig
and
we've
got
a
couple
of
options
of
how
we
might
run
that
so
we're
seeing
if
we'll
keep
it
narrowly
focused
or
wider,
focused.
D
So
yeah
thanks
for
folks
who
volunteered
to
run
those,
and
I
think
I
should
start
seeing
those
in
the
schedule
and
jackie
I
didn't
do
you
want
to
give
it
just
a
general
other
city,
con
update
on
registrations.
B
Yeah
sure
so,
yes,
over
the
weekend,
we
crossed
the
2000
registration
marks.
So
as
of
today,
we
are
at
2043
folks
registered.
The
jenkins
contributor
summit
has
248
books.
Registered,
get
up.
Summit
has
864.
B
spinnaker
summit
is
at
5.92,
so
we're
really
healthy
in
registrations.
We
also
yesterday
had
some
more
requests
and
inquiries
on
like
some
startups
inquiring
on
sponsorship
sales,
but
as
of
right
now
we
are
projected
to
close
at
269
hundred.
If
those
additional
sponsorships
come
in
then
we'll
close
at
283.
B
So
we
would
have
met
our
goal
and
surpassed
it
by
eighty
three
thousand
dollars
best
case
scenario.
Otherwise,
it'll
be
about
69.5,
so
yeah
we're
doing
really
well
and
like
we
mentioned
just
scheduling
right
now
with
speakers
and
getting
them
to
start
scheduling
their
recording
session
with
with
tim
but
yeah.
I
think
that's
the
biggest
update
for
cbcon.
H
D
Thanks
for
those,
and
just
as
a
final
mention
for
folks
who
attend
the
outreach
meeting,
I
believe
next
tuesday
we
are
aiming
if
everything
goes
well
to
to
have
the
folks
from
hop
in
come
along
and
just
demo
some
of
the
the
latest
integration.
So
they
they
have
some
integrations
with
other
platforms
like
slido
and
miro
and
twitter.
D
So
we've
asked
them
for
a
walk
through.
So
we
can
start
to
think
through
the
the
whole
conference
experience
and
and
try
and
make
it
a
seamless
and
useful
for
people
and
interactive
as
possible.
K
The
the
hot
topic
of
conversation
for
the
mlp
sig
last
week
was
was
the
the
leaked
proposal
for
regulation
of
ai
and
machine
learning
in
the
eu,
and
I
don't
know
if
anyone
has
actually
had
a
look
at
it
or
seen
any
of
the
stories
around
it.
But
it's
it's
based
on
multiple
serious
misunderstandings
of
what
machine
learning
is
and
how
it
works,
and
it's
a
effectively
a
functional
ban
on
doing
machine
learning
in
the
european
union.
J
L
J
K
So
the
as
part
of
the
discussion,
a
question
was
raised
as
to
whether
we
should
be
getting
involved
in
the
discussions
to
try
and
help,
steer
and
educate
the
regulator
to
doing
something
a
bit
more
rational.
K
Yeah,
so
what
I
really
wanted
to
do
is
raise
that
as
a
as
a
point
of
discussion
to
say,
you
know
whether
that's
something
that
we
we
feel
the
cdf
should
be
getting
involved
in
or
whether
it's
something
that
we
want
to
be
clear
of,
and
you
know
how,
how
we
feel
these
sorts
of
issues
potentially
should
be
engaged
with
or
not.
D
Yeah,
no,
I
think,
like
being
able
to
reach
out
and
involve
folks
in
the
conversation,
would
be
great.
I
guess
my
questions
are
mostly
around
logistics
of
like
do.
We
know
who
those
folks
are.
Is
there
like?
Do
you
have
any
thoughts
on
how
we
would
engage,
or
is
this
something
we'd
have
to
go,
investigate
and
just
figure
out.
K
Typically,
with
these
sorts
of
challenges,
there
will
either
be
an
existing
mechanism
by
which
you
can
you
can
feed
back
information
to
to
this
particular
group,
or
it
involves
digging
to
find
out
who's
actually
working
on
this
and
then
making
contacts
and
actually
fighting
your
way
into
into
the
right
communication
groups.
K
R
K
Negotiating
token
to
try
and
rein
in
some
of
the
large
players
in
the
existing
marketplace.
So
it's
it's
not
entirely
clear.
Yet
whether
this
is
being
done
in
good
faith
or
whether
it's
just
part
of
a
different
negotiating
tactic.
D
K
K
Yeah
yeah,
so
there's
a
the
the
the.
The
brief
is
that
you,
you
would
have
to
get
third
party
accreditation
for
any
application
that
they
deemed
fell
foul
of
the
legislation
and
there
are
lots
of
challenges
involved.
You
know,
for
example,
you're
they're
thinking
about
this
as
a
as
an
immutable,
you
know
release,
so
you
would
get
accreditation
on
one
version
of
a
model
and
that
model
would
have
to
be
immutable,
so
you
couldn't
upgrade
the
model
without
having
to
go
through
the
accreditation
process
again.
K
So
it's
a
it's
a
long
way
off
understanding
how
things
actually
work
in
in
this
field,
and
it's
at
the
moment
it
looks
like
it's
going
to
trap
a
lot
of
applications
that
are
not
even
really
machine
learning
applications,
they're,
just
general
statistical
analysis.
J
K
D
I
think
this
is
something
I
I'll
go
and
just
cancel
with
folks
at
the
linux
foundation,
because
it
does
strike
me
as
this
is
a
kind
of
broader
industry
concern
and
with
the
likely
bodies,
like
the
lfai,
we'll
be
also
talking
and
thinking
about
this,
as
well
as
some
other
groups
which
have
some
overlap
in
this
area.
D
So
let
me
go
go
check
in
with
folks
and
see
if
there's
already
been
some
discussion
or
some
thoughts
on
this
and
then
based
on
that,
I
can
report
back
and
we
can
see
what
our
role
may
or
may
not
be.
K
K
D
Yeah
now
that's
interesting!
Yes,
if
you
could
send
me
to
some
of
the
links
and
also,
if
there's
any
links
on
on
kind
of
commentary,
that
kind
of
shares
that
perspective
or
captures
some
of
the
concerns
that
that
would
be
helpful.
C
D
J
I
suspect
there's
going
to
be
an
industry
response
and
probably
a
coalition
of
you
know
normally
enemies,
but
the
enemy
of
my
enemy
is
my
ally.
This
has
the
potential
for
huge
impact,
so
I
I
suspect,
the
linux
foundation
level
throwing
its
weight
behind.
That
is
the
most
likely
outcome,
but
we
should
watch
it.
H
All
right
thanks
everybody,
so
many
last
minute
topics
got
added.
Oh.
N
And
jenkins
yeah,
so
no
jing,
specifically
just
quick
update
for
others,
so
we
are
working
on
adopting
call
effect
security
for
the
genius
project.
We
hit
some
issues
with
regards
to
how
our
repository
is
organized
and
how
our
dependency
management
works.
J
That's
maybe
the
email
to
the
toc
or
what's
a
good
mailing,
alias.
N
But
yeah
lfx
security
is
currently
expected
if
you
use
other
linux
foundation,
services
like,
for
example,
community
bridge
hall
effects
mentorship
because
it's
a
part
of
the
dashboards.
Also,
if
you
want
to
have
current
transaction
initiative
again
known
points
called
effects
security.
Quite
specifically,
so
it
may
be
transitively
a
requirement
for
graduation
of
new
cdf
projects,
just
keep
it
in
mind,
but
yeah
in
general.
It's
just
sneak.
So
it's
licensed
scanning
dependencies
coming
some
code.
Analysis
all
is
reasonable.
If
you're
interested
to
adopt
it.
H
I
don't
know
if
tekton
or
anybody
uses
sneak
tacton
mostly
uses
like
the
distributors,
images
which
are
designed
to
not
need
a
scanner
which
is
rebuilding
fast
enough.
But
I
played
with
sneak
myself
occasionally.
N
E
So
so
for
typhoon,
I
I
checked
this
hosted
version
some
time
ago
and
it's
enabled
so
you
can
see
the
scanning
going
on
the
thing
that
I
was
missing.
There
was
a
kind
of
way
to
to
access
that
information
programmatically
if
you
will,
as
opposed
to
having
to
go
into
the
dashboard
and
look
at
the
maybe
the
issues
there,
but
still
it's
good
to
have
that
information.