►
Description
During this meeting, we discussed the process and timeline of the Tekton project graduation in the Continuous Delivery Foundation. We discussed how to do it before Kubekon, and did the application review
B
Today
is
October
4th
and
we
have
a
special
session
to
discuss
Tipton
graduation
in
the
continuous
delivery
Foundation
just
to
share
some
background
and
correct
me
if
I'm
wrong.
So
a
while
ago
we
had
a
discussion
about
graduation
criteria,
protection
where
we
basically
reviewed
the
steps
defined
in
our
life
cycle
and
Andrea,
went
ahead
and
put
the
criteria
declared
on
our
steps,
the
documented
basically
every
of
these
criteria
on
this
list.
B
So
we
have
this
issue
that
basically
includes
all
the
information
at
the
moment.
So
it's
not
just
a
graduation
criteria,
but
it's
also
well
the
graduation
application
itself.
At
least
this
is
how
I
perceive
it
and
there
were
a
few
open
questions.
So
one
of
the
questions
we
discussed
is
a
security
or
audit
which
was
recently
completed.
So
now
we
have
a
public
report
which
provides
information
about
the
audience
results,
but
yeah.
B
This
results
is
basically
you're,
all
good,
so
no
high
severity
issues,
it
matches
the
expectations
for
CDF
projects
and
from
the
security
just
standpoint.
We
are
also
good
what
else
was
remaining,
so
one
of
the
open
questions
was
which
again
got
brought
up
recently.
Is
the
scope
of
the
project
so
Andrea?
Would
you
like
to
summarize
the
current
state
for
the
scope
or
should.
C
A
C
B
B
D
B
D
B
D
C
B
C
C
But
it's
also
fine
to
keep
the
same
issue
if
you
prefer
to
do
so
yeah
and
yeah
so
based
on
the
private
stage
definition.
So
there
are
12
criteria
identified
and
I
also
created
a
project
in
detect
on
kind
of
maps.
All
this,
so
you
can
see
all
the
different
criterias
and
the
tasks
that
we
are
working
on
on
techno
side
and
I
use
the
code
like
C1
C2
C3,
for
the
different
criteria.
C
I
will
just
keep
going
through
and
if
there
are
questions,
if
you
stop
me
at
any
time,
please
or
comments
or
anything
in
terms
of
governance,
decision
making
and
releases,
we
have
so
I
have
a
documented
and
public
publicly
accessible
description
of
the
protest,
governance
decision
making
and
release
processes.
So
we
have
the
governance
documentation,
it's
quite
extensive.
We
have
documentation
for
the
decision
making
process.
C
We
have
documented
community-wide
release
policies
and
we
are
working
on
making
sure
that
every
single
project
have
releases
that
MD
file,
where
we
document
the
release
processes,
documentation
and
the
expectation
is
that
within
one
or
two
weeks
Top
This
will
be.
This
process
will
be
finished
on
our
site,
so
yeah.
So
it's
yeah.
That's
it
it's.
Basically
it's
done
for
the
core
project
which
is
pipeline,
but
it's
working
progress
for
the.
B
B
C
So
third
commitment
commit
us
from
two
or
more
orgs,
so
I
have
a
healthy
number
of
committers
from
at
least
your
organization,
so
we
have
24
companies
with
more
than
100
contribution
in
tecton
and
modern
analytic
companies
that
contributed
at
any
point
in
time
to
check
on
yeah
I,
put
a
link
to
the
dev
stat,
and
so
do
we
get
the
user
resource
for
this.
But
from
our
point
of
view
this
is
clean.
C
Governance
and
contributing
explicitly
Define
a
project,
governance
in
computer
process,
so
I
think
your
governance.nd
contributed.nd
and
owners.md,
and
so
we
are
definitely
green
on
all
of
these.
We
have
extensive
governance,
documentation.
We
have
community-wide
and
Project
Specific
contribution
guides
that
are
non-trivial.
C
The
entire
GitHub
organization
is
managed
in
git
and
we
use
owner
files
and
we
also
have
the
Emeritus
committers
in
there.
So
and
if
you
look,
if
you
look
into
the
all
the
all
these
in
the
presentation
so
they're
linked,
so
you
can
go
into
the
tecton
project
and
find
links
with
proof
of
the
different
items.
C
In
terms
of
adopters,
C5
I
have
a
public
list
of
project
adopters
for
at
least
the
primary
repo.
So
we
have
today
the
tecton.france
repo
with
a
number
of
adopters
in
there,
and
it's
a
bit
dated
in
terms
that
last
time
it
was
updated.
So
this
is
still
something
a
resource
that
we
have,
but
we
feel
maybe
it's
not
entirely
sufficient.
So
we
are
working
on
creating
an
adopters
file.
C
The
only
question
here
is
that
it
kind
of
depends
on
the
response
that
we
get
from
the
user
community,
so
we
are
reaching
out
to
companies
that
are
in
France
already
to
to
fill
in
this
adopters
file.
So
my
question
here
would
be
how
critical
the
TSC
think
this
is
to
have
an
adopters
list
and
how
extensive
it
should
be
in
terms
of
graduation.
D
If
you
put
that
adopters.md
file
out
there,
I
I've
got
people
using
this
stuff
that
I'll
get
them
to
add
their
name
or
I'll.
Add
it
for
them
and
we
can
just
get
that
file,
because
it's
just
the
the
standard
Mo
for
all
these
these
projects,
it's
really
cool.
You
all,
have
a
separate
repo
and
has
apparently
some
context
so
I'm
checking
it
out
and
that's
good,
but
just
having
that
adopters.md
yeah
a
little
simple
place
to
add
it
and
as
I
go
through
my
travel
y'all
are
using
tecton,
hey.
A
A
C
B
D
B
C
B
Say
many
entities,
including
countries,
delivery
foundation,
will
say
things
when
they
know
which
logos
they
can
use
for
public
pair,
because
sometimes
you
know,
for
example,
some
companies
that
use
Jenkins
or
Captain.
But
we
can't
use
their
logos
because
we
don't
have
externation
and
if
there
is
a
list
of
companies,
so
that
actually
do
give
this
agreement
with
Harps
a
lot.
B
B
C
C
So
next
one
is
the
open
source.
Sorry
opennesses
have
best
practices
badge,
so
this
is
a
basically
best
practices,
badge
application
that
you
can
apply
for
each
of
the
Techno
product
of
each
project
and
we
have
applied
for
several
of
the
Techno
projects,
so
the
The
Three
core
ones,
pipeline
triggers
and
chains
so
pipeline
triggers
have
achieved
it.
They
are
at
100,
so
they
have.
The
patch
today
triggers
is
that
around
88,
I,
think
and
yeah.
So
we
are
working
towards
getting
it
to
more
than
90
percent.
C
Tooling
dashboard
operator
inside
I
do
a
bit
behind,
but
we
are
working
on
those
and
it's
basically
going
through
questions.
There
are
a
lot
of
questions
that
are
very
specific
in
this
area
of
security,
so
we
are
basically
collecting
the
information
making
sure
that
we
don't
have
exceptions
in
terms
of
algorithm
use,
and
things
like
that.
So
we
expect
within
one
week
to
to
be
at
least
at
90,
for
this
six
repositories.
C
C
C
So
this
I
marked
the
screen
because
we
we
discussed
in
the
past
weeks
and
we
agreed
in
our
community
LTS
policy
and
Community
release
Cycles.
So
it's
basically
we
we
have
agreed
that
all
the
projects
in
tecton
will
have
four
releases
that
will
be
supported
for
a
period
of
a
year.
So
basically
we
are
aligning
with
the
same
model
used
by
a
project
like
kubernetes,
and
then
specific
project
may
have
extra
releases
and
that's
the
progress.
The
last
point
that
the
bullet
point
that
they
have
in
there
documentation
in
process
in
progress.
C
That's
basically
every
com.
Every
project
is
documenting
specifically
how
many
releases
they're
they're
doing
today,
but
every
everyone
so
Community
widely
agreed
on
these
four
releases
at
least
and
providing
long-term
support
so
one
year
support
for
these
four
releases
security
patches
and
these
kind
of
things.
C
C
C
C9
attractive
meters,
projects
that
are
able
to
attract
a
healthy
number
of
committers
on
the
basis
of
its
production
production,
usefulness,
not
simply
developers,
popularity
and
I
put
here
a
few
examples
of
companies
that
are
contributing
to
tectum
that
are
invested
in
tecton
and
they
use
it
for
production
so
like
IBM
red
at
Google,
VMware
relay
solo
wind.
At
this
more.
A
C
End
User
implementations:
it's
a
project
that
have
several
high
profile
or
well-known
end
user
implementation,
so
I
have
two
in
here
for
which
I
I
think
they're
satisfying
already,
but
we're
working
on
getting
more
so
solarwind
is
one
example
that
I
think
with
our
project
for
abiche
after
December's
attack
they
recreated
their
build
system
based
on
deckton,
so
I
think
that's
a
very
good
example
of
end
user
implementation.
The
other
thing
that
I
wanted
to
provide
here
is
that
IBM
is
a
vendor
for
tectum,
but
it's
also
an
end
user.
C
D
D
D
B
B
So
basically,
once
we
collect
the
stories,
we
can
send
it
out
to
Advocates
Etc
so
that
they
can
view
the
promote
them
or
Advocates
could
take
initiated
from
their
own
for
particular
stories.
So,
for
example,
if
you
know
about
such
implementation
integration,
you
can
drop
it
in
any
channel.
Implementations.
C
Yeah,
thanks
for
that,
and
and
thanks
all
like
for
the
steward
CI
and
yeah
I've
forgotten
about
it.
So
I
will
let
the
list
for
sure
all
right,
so
C11
project
has
underground
security.
Audit,
that's
yeah!
We
we
have
done
it.
I
was
completed,
it
was
done
in
March.
We
started
at
work
and
then
there
is
a
recent
blog
post
that
documents
the
results
with
the
entire
report
published
there.
So
that's
green
from
our
point
of
view
and
and
finally
doc
vote.
That's
the
last
requirement.
C
C
C
Much
about
no,
we
definitely
care
and
I
mean
we've
been
working
really
hard
to
to
get
this
ready
as
much
as
possible
and
also
put
together.
This
presentation
and
I've
got
a
summary
here
of
where
we
are
and
I
think.
Probably
the
adopter
sounds
quite
quite
good-funded
after
the
discussion
today,
the
open,
ssf
best
practices
badge
is
where
probably
we
need
to
do
most
of
the
work
and
C2
is
just
documenting
existing
processes
that
we
need
to
finish
the
documentation,
PR,
so
I'm
not
concerned
at
all
about
C2.
C
It's
just
a
matter
of
you
know,
crunching
the
pr
the
conditioned
PRS
I'm
less
concerned
after
the
talk
today
about
adopters
I
mean
I'm
not
concerned
about
getting
the
adopters
in.
It's
just
I,
didn't
I,
wasn't
sure
about
the
ETA.
For
that
and
for
the
badge
again,
it's
probably
just
crunching
through
the
last
percentage
of
the
batch.
C
So
in
terms
of
timeline,
so
we
have
all
these
requirements
which
are
met
these
three
that
are
in
process,
but,
as
you
can
see
from
the
the
line
is
today
October.
The
4th
I
mean
if
we
take
more
than
one
or
two
weeks
it
becomes
it
gets
into.
After,
like
October
17th
and
from
what
fatty
told
me.
If
we
want
to
present
to
announce
the
graduation
at
kubecon,
we
need
to
be
able
to
say
on
October
17th
latest
that
it
will
happen
so
that
we
have
enough
time
to
prepare.
C
You
know
all
the
pr
that
needs
to
be
done,
so
the
announcements
and
whatever
we
want
to
do
in
terms
of
media
interviews
or
yeah,
so
that
that
would
be
the
deadline.
And
that's
why
I
was
this.
C12
is
the
the
vote
and,
if
yes
assume
a
week
time
for
voting,
it
would
mean
that
we
should
start
voting
on
October
the
10th,
but
it
doesn't
quite
fit
with
a
getting
all
the
requirements.
C
C
B
B
I,
don't
think
it's
a
huge
deal
if
it's
staged
in
some
way
in
full
requests,
a
panic
review,
it's
even
better,
but
focus
on
ssf,
so
I
would
vote
for
giving
it
a
bit
of
slack
and
since
most
of
the
captain,
most
of
technical
components
are
already
passing
the
badge
except
a
few
ones.
I
would
be
okay
to
start
voting
without
full
completion.
D
I'll
let
the
market
speak.
My
vote
is
a
reflection
of
that.
I
have
no
problem
with
that.
Yes,
these
are
important,
open,
ssf
Edge,
and
thank
you
for
working
on
that
adopters
on
C
blocker
the
release
process.
Look,
these
These
are
known
knowns.
There
are
no
unknown
unknowns
here,
so
look
and,
and
the
number
of
people
that
are
offering
this
as
a
service
I
mean.
D
A
A
C
A
B
Yes,
so
for
sectional
making
exceptions
so
when
Jake's
was
created,
we
also
decided
to
go
for
this
position
without
having
a
formal
Security
review
by
third
party,
which
feels
magnitude
it's
more
important
than
all
these
three
items
combined
to
be
honest,
yeah.
The
reason
for
that
was
quite
clear
that
there
was
no
budget
the
and
there
was
significant
interest
from
some
of
the
parties
to
reach
graduated
stage
for
drinkers,
but
yeah
take
given
that
I.
Definitely
wouldn't
like
to
block
text
on
a
few
formalities
so
for
open
ssf.
B
It
would
be
nice
to
have
at
least
of
projects
so
that
somebody
could
review
them.
So,
basically
for
which
project
where
you
have
separate
open,
SSL
page,
it
would
be
nice
to
have
an
in
some
way
in
the
application.
We
should
I.
Guess
it's.
What
you're
working
on
Andrea
for
final
application
I
mean
so
we
would
need
a
final
application
and
I
think
it
would
be
one
of
the
items
right
there,
but
it's
I
think
it's
nice
that
not
everything
is
complete.
C
D
For
those
that
are,
will
you
put
sorry
good?
Oh
I'm,
sorry
Melissa,
you
just
made.
You
made
a
really
good
point
about
acknowledging
that
we're
stepping
out
of
process
and
if
you
could
add
that
to
your
vote
in
whatever
forum
I
would
very
much
appreciate
that,
because
I
I
think
acknowledging
that
is
important.
Yeah
don't
want
to
slow
it
down.
I
think
everybody's
on
board
with
this,
but
there
is
a
huge
amount
of
value
in
recognizing
hey.
D
B
So
basically,
what
I
would
recommend,
so
we
have
this
table
for
components
included
so
for
each
of
them,
I
would
recommend
I
didn't
open
as
a
base
link,
if
relevant,
because,
for
example,
for
Jenkins,
we
approached
it
differently.
We
just
have
one
open
one
page
for
the
entire
core,
and
but
here,
if
you
have
multiple
ones,
it
would
be
nice
to
just
have
it
here,
so
that
everyone
can
jump.
C
Yes,
what
I
would
propose-
maybe
I
can
make
a
new
item
so
because
this
was
about
you
know,
agreeing
on
the
criteria
and
I
can
make
a
new
item
and
you
know
follow
the
same.
Notation
I
had
on
the
on
the
presentation,
with
the
with
every
requirement:
C1
C2
Etc
and
then
for
each
of
them.
I
can
include
links
to
the
proof
so
for
the
open,
SSL
badge
I
can
have
the
links
to
the
to
the
patches,
relevant,
Badges
and
so
forth.
C
B
A
B
B
B
B
B
What
would
be
my
proposal
how
we
handle
it
for
tecton
and
I
believe
this
is
how
I
should
actually,
at
least
with
respect
to
the
handle
it
for
Jenkins.
That's
for
proposal
CA.
We
also
put
degradation
proposal
for
Tipton
by
and
I
will
do
the
same
for
Jenkins
so
that
they
in
this
folder.
We
can
find
all
this
information.
B
C
Do
you
think
yeah
it
works
for
me,
so
basically,
I
can
put
a
proposal
there.
I
can
I
can
write
a
markdown
with
a
list
of
Criterion
and
the
links
to
the
qualifying,
yeah,
criterias
and,
and
then
I,
don't
know.
But
then
the
vote
be
on
the
pr
itself
or
does
it
have
to
be
then
a
separate
boat
in
the
history
I
think
it
would
be
the
same
like
before
so
it.
B
B
Yeah,
so,
basically,
once
we
are
rigging,
somebody
most
likely
creates
a
threat
on
the
TLC
mailing
list.
With
all
the
summary,
we
saw
the
disclaimer
reference
regarding
the
status
for
open
cell
pages
and
we
officially
kick
off
the
boat
okay
and
for
them,
so
here
we
can
save
for
one
week.
What
would
be
my
recommendation
is
once
you
have
a
pull
request
with
the
proposal
we
can
initiate
a
public
comment
period
where
basically,
people
can
step
in
and
comment.
It
gives
a
bit
more
time
for
people
to
share
feedback
if
they
want
to.
B
A
B
B
B
C
B
B
B
B
B
B
Yeah
sounds
good
to
me
actually
yeah,
one
of
things.
We
could
also
put
a
dictum
project
review
there,
so
basically
a
similar
to
what
we
did
with
our
Studios
recently.
So
something
like
state
of
it,
the
union
Etc,
but
it's
totally
up
to
you
Andre.
So
if
you
feel
that
it
makes
sense-
and
we
could
also
put
it
on
the
agenda-
if
not
it's
not
a
mandatory
part
of
the
process.
B
Yeah,
so
we
introduced
the
concept
of
here
the
project
reviews,
so
we
had
one
presentation
by
our
Studios
when
basically
we
planted
this
presentation
in
September
but
yeah,
it's
postponed,
November
I,
believe,
but
theoretically
we
couldn't
do
the
same
product
just
to
show
the
current
state
Etc.
Basically,
where
the
project
stands,
would
it
be
something
interesting
for
you
or,
if
not
I,
think
it's
a
midship
of
a
short
notice.
C
B
B
A
B
B
Thank
you,
yeah,
sorry
again
for
the
previous
meeting,
I
totally
forgot
that
we
are
supposed
to
have
a
meeting
next
week,
so
I
will
make
sure
that
the
meeting
calendar
is
finally
up
to
date,
and
if
you
don't
see
a
meeting
so
I
believe
five
people
can
host
it
right
now
on
Reddit.
If
you
would
like
to
be
able
to
host
for
this
meeting,
just
ask
for
permissions
and.