├── .github
    ├── CODEOWNERS
    └── settings.yml
├── CONTRIBUTING.md
├── CONTRIBUTORS.md
├── EMERITUS.md
├── GROUPS.md
├── LICENSE
├── PRINCIPLES.md
├── PROJECT_LIFECYCLE.md
├── README.md
├── ROADMAP.md
├── docs
    ├── TOC_Meeting_Notes.md
    └── onboarding.md
├── elections
    ├── 2021
    │   ├── README.md
    │   └── voters.md
    ├── 2023
    │   ├── README.md
    │   └── voters.md
    └── 2024
    │   └── Voters.md
├── incubating
    └── README.md
├── process
    ├── README.md
    ├── graduation_criteria.md
    ├── new_project_onboarding.md
    ├── vacancies.md
    └── voting.md
├── projects
    ├── README.md
    ├── cdevents
    │   ├── 2024-q2.md
    │   ├── 2024-q3.md
    │   ├── 2025-q1.md
    │   └── README.md
    ├── jenkins
    │   ├── 2024-q2-jenkins-jvm-adoption-stats.png
    │   ├── 2024-q2.md
    │   ├── 2024-q3.md
    │   └── README.md
    ├── jenkinsx
    │   ├── 2024-q3.md
    │   ├── README.md
    │   ├── jenkins-x-2024-q2.md
    │   └── jenkins-x-2025-q1.md
    ├── ortelius
    │   ├── 2024-q2.md
    │   ├── 2024-q3.md
    │   ├── 2024-q4.md
    │   ├── 2025-q1.md
    │   └── README.md
    ├── screwdriver
    │   ├── 2024-q2.md
    │   ├── 2024-q3.md
    │   ├── 2025-q1.md
    │   └── README.md
    ├── shipwright
    │   ├── 2024-q2.md
    │   └── README.md
    ├── spinnaker
    │   ├── 2024-q2.md
    │   ├── 2024-q3.md
    │   ├── 2025-q1.md
    │   └── README.md
    ├── tekton
    │   ├── 2024-q2.md
    │   ├── 2024-q3.md
    │   ├── 2025-q1.md
    │   └── README.md
    └── update-template.md
├── proposals
    ├── README.md
    ├── cdevents
    │   └── cdevents.md
    ├── ortelius
    │   ├── Ortelius-Architecture.png
    │   ├── OrteliusPipeline.png
    │   ├── dependencymap.jpg
    │   ├── diffview.jpg
    │   ├── impact.jpg
    │   └── ortelius.md
    ├── proposal_template.md
    ├── pyrsia
    │   ├── images
    │   │   ├── buildandverify.png
    │   │   ├── collaborate.png
    │   │   ├── dist-ledger.png
    │   │   ├── powerlines.png
    │   │   ├── slsa.png
    │   │   └── trustednodes.png
    │   ├── pyrsia-deps.md
    │   └── pyrsia_proposal.md
    ├── screwdriver
    │   ├── SDarch.png
    │   ├── SDpipeline.png
    │   └── screwdriver.md
    ├── shipwright
    │   └── shipwright.md
    └── tekton
    │   └── graduation.md
├── sigs
    ├── README.md
    ├── archived
    │   ├── sig-chinese-localization.md
    │   └── sig-security.md
    ├── best-practices-sig.md
    ├── proposed.md
    ├── sig-events.md
    ├── sig-interoperability.md
    ├── sig-mlops.md
    └── sig-software-supply-chain.md
└── working-groups
    └── README.md


/.github/CODEOWNERS:
--------------------------------------------------------------------------------
1 | * @cdfoundation/toc
2 | 


--------------------------------------------------------------------------------
/.github/settings.yml:
--------------------------------------------------------------------------------
 1 | repository:
 2 |   # See https://developer.github.com/v3/repos/#edit for all available settings.
 3 | 
 4 |   # The name of the repository. Changing this will rename the repository
 5 |   name: toc
 6 | 
 7 |   # A short description of the repository that will show up on GitHub
 8 |   description:  "CDF Technical Oversight Committee (TOC) facilitates communication and collaboration among the Technical Projects"
 9 | 
10 |   # A URL with more information about the repository
11 |   homepage: https://cd.foundation/about/toc/
12 |   
13 |   # Collaborators: give specific users access to this repository.
14 |   # Note: changing this file will update the users visible in Github UI 
15 |   # see /governance/roles.md for details on write access policy
16 |   # note that the permissions below may provide wider access than needed for
17 |   # a specific role, and we trust these individuals to act according to their
18 |   # role. If there are questions, please contact one of the chairs.
19 | collaborators:
20 |   # TOC members
21 |   - username: oleg-nenashev
22 |     permission: admin
23 | 
24 |   - username: fdegir
25 |     permission: admin
26 |     
27 | 


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
 1 | # Contributing to the TOC [DRAFT]
 2 | 
 3 | ## Contributing Projects to CDF
 4 | 
 5 | If you're interested in contributing a project to the Continuous Delivery Foundation (CDF), please open up an issue here for discussion: https://github.com/cdfoundation/toc/issues
 6 | 
 7 | The full project proposal requirements is located [here](https://github.com/cdfoundation/toc/blob/master/PROJECT_LIFECYCLE.md#project-proposal-requirements).
 8 | 
 9 | ## TOC Contributors
10 | 
11 | There has been a call from CDF’s Technical Oversight Committee (TOC) for additional contributors and expertise to help evaluate potential projects and contribute to the CDF. The CDF TOC will refine how to get involved over time, however, here are some possible ways to contribute:
12 | 
13 | * Tech due diligence for projects
14 | * Time spent helping projects
15 | * Liaison with GB
16 | * CDF SIGs & working groups (various tasks)
17 | * Technical content for website
18 | 
19 | If you are interested in engaging in this way, we would encourage you to issue a pull request to [TOC Contributors](https://github.com/cdfoundation/toc/blob/master/CONTRIBUTORS.md) that you desire to become a TOC Contributor. Although there is not an actual limit of having one Contributor per company, we would encourage CDF member companies to designate an official TOC Contributor who is tasked with consulting internal experts and expressing a semi-official view on a given project.
20 | 
21 | This is not only about individual contribution.  It is also about rallying help from your employer, e.g., if you work for a CDF Member company. We're particularly interested in Contributors that can act as a focal point for tapping relevant expertise from their organizations and colleagues in order to engage with CDF discussions in a timely manner.
22 | 
23 | The TOC already has the pattern of encouraging non-members to make non-binding votes, so no change in the TOC charter is necessary to allow Contributors.
24 | 
25 | TOC [meetings](https://github.com/cdfoundation/toc/blob/master/README.md#communication) are only two hours a month, which are mainly taken up with project presentations. While Contributors are welcome to share their views during the meeting, the biggest opportunity is to comment on the TOC [mailing list](https://lists.cd.foundation/g/cdf-toc), on pull requests representing project applications and in voting.
26 | 


--------------------------------------------------------------------------------
/CONTRIBUTORS.md:
--------------------------------------------------------------------------------
 1 | # TOC Contributors
 2 | 
 3 | Find out more about the role of TOC contributors [here](CONTRIBUTING.md#toc-contributors)
 4 | 
 5 | Person | Organization | Other Affiliations | GitHub Username | Gitlab Username |
 6 | -- | -- | -- | -- | -- |
 7 | Ankit D Mohapatra | Dexai Robotics| Jenkins X maintainer | [@ankitm123](https://github.com/ankitm123) | |
 8 | Kara de la Marck | CDF | Linux Foundation, CDF Interoperability SIG, codebar.io | [@MarckK](https://github.com/MarckK) | |
 9 | Roxanne Joncas | CDF | Linux Foundation | [@zestyroxy](https://github.com/zestyroxy) | |
10 | Sudhindra Rao | JFrog | Pyrsia Core team | [@betarelease](https://github.com/betarelease) | |
11 | Terry Cox | Bootstrap | CDF MLOps SIG, CDF Best Practices SIG | [@tdcox](https://github.com/tdcox) | |
12 | Brad McCoy | Basiq | CDEvents, Ortelius, Keptn | [@bradmccoydev](https://github.com/bradmccoydev) | |
13 | 
14 | ## Project Representatives
15 | 
16 | Project representatives represent the CDF technical projects in the TOC as TOC contributors
17 | 
18 | Project | Person | GitHub Username
19 | -- | -- | --
20 | CDEvents | Emil Bäckmark | [@e-backmark-ericsson](https://github.com/e-backmark-ericsson)
21 | Jenkins | Oleg Nenashev | [@oleg-nenashev](https://github.com/oleg-nenashev)
22 | Jenkins X | Ankit D Mohapatra  | [@ankitm123](https://github.com/ankitm123)
23 | Ortelius | Steve Taylor | [@sbtaylor15](https://github.com/sbtaylor15)
24 | Pyrsia | Stephen Chin | [@steveonjava](https://github.com/steveonjava)
25 | Screwdriver | Vonny Jap | [@vonnyjap](https://github.com/vonnyjap)
26 | Shipwright | Enrique Encalada | [@qu1queee](https://github.com/qu1queee)
27 | Spinnaker | Cameron Motevasselani | [@link108](https://github.com/link108)
28 | Tekton | Andrea Frittoli | [@afrittoli](https://github.com/afrittoli)
29 | -- | -- | -- 
30 | 


--------------------------------------------------------------------------------
/EMERITUS.md:
--------------------------------------------------------------------------------
 1 | # TOC Contributors Emeritus
 2 | 
 3 | We would like to acknowledge previous TOC members and their huge contributions to our collective success:
 4 | 
 5 | ## TOC Chair
 6 | 
 7 | * Oleg Nenashev (Jenkins/Keptn) [Chair] - 31 June 2021 to 06 December 2022 [Elected]
 8 | * Dan Lorenc (Tekton, Google) [Chair] - 1 April 2020 to 31 June 2021 [TOC-appointed]
 9 | * Kohsuke Kawaguchi (Jenkins) [Chair] - 03/1/2019 to 02/29/2020  [GB-appointed]
10 | 
11 | ## TOC Members
12 | 
13 | * See the previous TOC members [here](https://github.com/cdfoundation/toc#toc-alumni)
14 | 
15 | ## TOC Contributors
16 | 
17 | We thank these members for their service to the CDF community.
18 | 


--------------------------------------------------------------------------------
/GROUPS.md:
--------------------------------------------------------------------------------
  1 | # CDF Working Groups and SIGs
  2 | 
  3 | This document proposes a process for managing the lifecycle of working groups in the Continuous Delivery Foundation.
  4 | 
  5 | ## Working Groups
  6 | 
  7 | ### Definitions
  8 | A Working Group is defined as a temporary group of collaborators focused on completing a defined task.
  9 | Examples of these could include:
 10 | 
 11 | * Authoring and publishing a white paper on a specific topic.
 12 | * Migrating a piece of legacy infrastructure to a new system.
 13 | * Researching and defining cross-CDF project policies.
 14 | * Planning and hosting an event.
 15 | 
 16 | Durations for a Working Groups should be <6 months, although extensions can be granted by the TOC for efforts that are making forward progress but need more time.
 17 | Longer term efforts are out of scope for the working group system, and should be handled by the SIG system.
 18 | 
 19 | #### Creation
 20 | 
 21 | To propose a working group, create an issue with the following information:
 22 | 
 23 | * A CDF TOC Sponsor willing to monitor progress against exit criteria.
 24 | * A proposed timeline toward reaching this criteria.
 25 | * Exit criteria, including details on the tasks or deliverables.
 26 | * A list of initial members, and a chair. There should be at least 2 different companies represented.
 27 | * Any resources needed from the CDF to accomplish the task.
 28 |   This can include funding, marketing, technical expertise or other resources.
 29 |   Note that some types of resources may require allocation from the Governing Board.
 30 | 
 31 | Approval of the Working Group is intended to be a lightweight process, requiring only a TOC Sponsor and one additional vote.
 32 | A proposal should be submitted in the form of a GitHub issue, and approval comes with two LGTMs from TOC members.
 33 | 
 34 | #### Ongoing Process
 35 | 
 36 | The Sponsor must take an active role in understanding the exit criteria, monitoring the group against it and ensuring forward progress continues.
 37 | 
 38 | The WG is expected to send out updates to the TOC mailing list at least quarterly.
 39 | 
 40 | The Sponsor must escalate any issues quickly to the TOC for assistance.
 41 | Potential issues include a lack of resources, lack of funding, decision making or other. 
 42 | 
 43 | The Chair must escalate if the Sponsor is not able to meet these commitments while a Working Group is in session.
 44 | 
 45 | #### Interaction
 46 | 
 47 | Working Groups receive the following from the CDF:
 48 | * GitHub organizations or repositories to track work.
 49 | * Funding and other resources specified in the proposal and allocated by the relevant groups.
 50 | * Email lists, chat groups or other communication channels. Groups.io naming convention for email lists e.g. cdf-wg-<some-group>@list.cd.foundation
 51 | * CDF provides governance rules such as [Code of Conduct](CODE_OF_CONDUCT.md).
 52 | 
 53 | The Working Group is disbanded under the following conditions:
 54 | * Exit criteria are met.
 55 | * The Sponsor decides the Working Group is no longer required or effective.
 56 | * The initial timeline has expired, and no extension has been granted.
 57 | 
 58 | ## SIGs
 59 | 
 60 | ### Definitions
 61 | A Special Interest Group is defined as a long-term group of collaborators interested in a specific theme, within the scope of the CDF.
 62 | Examples of these could include technical areas like:
 63 | * Security
 64 | * Compliance
 65 | * Productivity
 66 | * Or other areas related to running the foundation, like:
 67 |   * Event Planning
 68 |   * Project Infrastructure
 69 | 
 70 | SIGs should meet regularly, with no defined lifetime.
 71 | 
 72 | ### Creation
 73 | Recurring meetings, especially in a large foundation and across companies are expensive.
 74 | Proportional care must be taken in establishing long-term recurring meetings to ensure they are scoped correctly and have the required interest to remain productive for everyone.
 75 | 
 76 | To propose a SIG, create an issue with the following information:
 77 | * A brief (1-2 sentence) overview of the SIG charter.
 78 | * A CDF TOC Sponsor willing to regularly monitor the SIG and ensure it remains useful and productive
 79 | * A proposed meeting schedule, with a sample agenda
 80 | * Details on any outcomes, or deliverables
 81 | * A list of initial members, and a chair. There should be at least 3 different companies represented
 82 | * Any resources needed from the CDF to accomplish the task.
 83 |   This can include funding, marketing, technical expertise or other resources.
 84 |   Note that some types of resources may require allocation from the Governing Board.
 85 | 
 86 | Approval of the SIG  is intended to be a more heavyweight process, requiring a majority vote from the TOC.
 87 | A proposal should be submitted in the form of a GitHub issue, and a vote is conducted following standard TOC procedure.
 88 | 
 89 | ### Ongoing process
 90 | 
 91 | The Sponsor must take an active role in understanding the desired outcomes of the SIG, and monitoring the recurring meetings and communications.
 92 | 
 93 | The SIG is expected to send out updates to the TOC mailing list at least quarterly.
 94 | 
 95 | The Sponsor must escalate any issues quickly to the TOC for assistance.
 96 | Potential issues include a lack of resources, lack of attendance, or other.
 97 | 
 98 | The Chair must escalate if the Sponsor is not able to meet these commitments while a SIG is in session.
 99 | 
100 | The SIG should rotate chairs at least bi-annually to ensure neutral leadership.
101 | 
102 | ### Interaction
103 | 
104 | SIGs receive the following from the CDF:
105 | * GitHub organizations or repositories to track work.
106 | * Email lists, chat groups or other communication channels. Groups.io naming convention for email lists e.g. cdf-sig-<some-group>@list.cd.foundation
107 | * Infrastructure for recurring meetings
108 | * CDF provides governance rules such as [Code of Conduct](CODE_OF_CONDUCT.md).
109 | 
110 | SIGs can make regular requests for resources from the CDF TOC, including funding, marketing or technical expertise, and project or technical infrastructure.
111 | 
112 | The SIG is disbanded under the following conditions:
113 | * The SIG is no longer required or relevant. It has accomplished all desired goals.
114 | * The Sponsor decides the Working Group is no longer required or effective.
115 | * Attendance consistently drops below the requirement of 3 participating companies, as assessed by the sponsor or TOC.
116 | 
117 | ### SIG Onboarding Checklist
118 | 
119 | This is the checklist for new SIGs
120 |  * Create GitHub repo
121 |  * Create GitHub team for the sig (cochairs should manage the team)
122 |  * Create slack channel (or rename existing channel to reflect sig name)
123 |  * Create groups.io mailing list
124 |  * SIG co-chairs to get access to CDF calendar to modify events
125 |  * Create SIG playlist on Youtube
126 |  * Announcement blog post/press release 
127 |  * Recommend scheduling a podcast: https://cd.foundation/podcast/
128 | 
129 | ### SIG Archival Checklist
130 | 
131 | * Archival must be agreed upon by the TOC
132 | * Move the SIG markdown in this repo from `sigs` to `sigs/archived`
133 | * Move the SIG in the `README.md` from ["current sigs"](./sigs/README.md#current-sigs) to ["archived sigs"](./sigs/README.md#archived-sigs)
134 | * Archive the GitHub repository (from the repository settings)
135 | * Archive the Slack channel
136 | * Archive mailing list
137 | * Remove access to the calendar for SIG co-chairs (unless they may keep because of other roles)


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
  1 |                                  Apache License
  2 |                            Version 2.0, January 2004
  3 |                         http://www.apache.org/licenses/
  4 | 
  5 |    TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
  6 | 
  7 |    1. Definitions.
  8 | 
  9 |       "License" shall mean the terms and conditions for use, reproduction,
 10 |       and distribution as defined by Sections 1 through 9 of this document.
 11 | 
 12 |       "Licensor" shall mean the copyright owner or entity authorized by
 13 |       the copyright owner that is granting the License.
 14 | 
 15 |       "Legal Entity" shall mean the union of the acting entity and all
 16 |       other entities that control, are controlled by, or are under common
 17 |       control with that entity. For the purposes of this definition,
 18 |       "control" means (i) the power, direct or indirect, to cause the
 19 |       direction or management of such entity, whether by contract or
 20 |       otherwise, or (ii) ownership of fifty percent (50%) or more of the
 21 |       outstanding shares, or (iii) beneficial ownership of such entity.
 22 | 
 23 |       "You" (or "Your") shall mean an individual or Legal Entity
 24 |       exercising permissions granted by this License.
 25 | 
 26 |       "Source" form shall mean the preferred form for making modifications,
 27 |       including but not limited to software source code, documentation
 28 |       source, and configuration files.
 29 | 
 30 |       "Object" form shall mean any form resulting from mechanical
 31 |       transformation or translation of a Source form, including but
 32 |       not limited to compiled object code, generated documentation,
 33 |       and conversions to other media types.
 34 | 
 35 |       "Work" shall mean the work of authorship, whether in Source or
 36 |       Object form, made available under the License, as indicated by a
 37 |       copyright notice that is included in or attached to the work
 38 |       (an example is provided in the Appendix below).
 39 | 
 40 |       "Derivative Works" shall mean any work, whether in Source or Object
 41 |       form, that is based on (or derived from) the Work and for which the
 42 |       editorial revisions, annotations, elaborations, or other modifications
 43 |       represent, as a whole, an original work of authorship. For the purposes
 44 |       of this License, Derivative Works shall not include works that remain
 45 |       separable from, or merely link (or bind by name) to the interfaces of,
 46 |       the Work and Derivative Works thereof.
 47 | 
 48 |       "Contribution" shall mean any work of authorship, including
 49 |       the original version of the Work and any modifications or additions
 50 |       to that Work or Derivative Works thereof, that is intentionally
 51 |       submitted to Licensor for inclusion in the Work by the copyright owner
 52 |       or by an individual or Legal Entity authorized to submit on behalf of
 53 |       the copyright owner. For the purposes of this definition, "submitted"
 54 |       means any form of electronic, verbal, or written communication sent
 55 |       to the Licensor or its representatives, including but not limited to
 56 |       communication on electronic mailing lists, source code control systems,
 57 |       and issue tracking systems that are managed by, or on behalf of, the
 58 |       Licensor for the purpose of discussing and improving the Work, but
 59 |       excluding communication that is conspicuously marked or otherwise
 60 |       designated in writing by the copyright owner as "Not a Contribution."
 61 | 
 62 |       "Contributor" shall mean Licensor and any individual or Legal Entity
 63 |       on behalf of whom a Contribution has been received by Licensor and
 64 |       subsequently incorporated within the Work.
 65 | 
 66 |    2. Grant of Copyright License. Subject to the terms and conditions of
 67 |       this License, each Contributor hereby grants to You a perpetual,
 68 |       worldwide, non-exclusive, no-charge, royalty-free, irrevocable
 69 |       copyright license to reproduce, prepare Derivative Works of,
 70 |       publicly display, publicly perform, sublicense, and distribute the
 71 |       Work and such Derivative Works in Source or Object form.
 72 | 
 73 |    3. Grant of Patent License. Subject to the terms and conditions of
 74 |       this License, each Contributor hereby grants to You a perpetual,
 75 |       worldwide, non-exclusive, no-charge, royalty-free, irrevocable
 76 |       (except as stated in this section) patent license to make, have made,
 77 |       use, offer to sell, sell, import, and otherwise transfer the Work,
 78 |       where such license applies only to those patent claims licensable
 79 |       by such Contributor that are necessarily infringed by their
 80 |       Contribution(s) alone or by combination of their Contribution(s)
 81 |       with the Work to which such Contribution(s) was submitted. If You
 82 |       institute patent litigation against any entity (including a
 83 |       cross-claim or counterclaim in a lawsuit) alleging that the Work
 84 |       or a Contribution incorporated within the Work constitutes direct
 85 |       or contributory patent infringement, then any patent licenses
 86 |       granted to You under this License for that Work shall terminate
 87 |       as of the date such litigation is filed.
 88 | 
 89 |    4. Redistribution. You may reproduce and distribute copies of the
 90 |       Work or Derivative Works thereof in any medium, with or without
 91 |       modifications, and in Source or Object form, provided that You
 92 |       meet the following conditions:
 93 | 
 94 |       (a) You must give any other recipients of the Work or
 95 |           Derivative Works a copy of this License; and
 96 | 
 97 |       (b) You must cause any modified files to carry prominent notices
 98 |           stating that You changed the files; and
 99 | 
100 |       (c) You must retain, in the Source form of any Derivative Works
101 |           that You distribute, all copyright, patent, trademark, and
102 |           attribution notices from the Source form of the Work,
103 |           excluding those notices that do not pertain to any part of
104 |           the Derivative Works; and
105 | 
106 |       (d) If the Work includes a "NOTICE" text file as part of its
107 |           distribution, then any Derivative Works that You distribute must
108 |           include a readable copy of the attribution notices contained
109 |           within such NOTICE file, excluding those notices that do not
110 |           pertain to any part of the Derivative Works, in at least one
111 |           of the following places: within a NOTICE text file distributed
112 |           as part of the Derivative Works; within the Source form or
113 |           documentation, if provided along with the Derivative Works; or,
114 |           within a display generated by the Derivative Works, if and
115 |           wherever such third-party notices normally appear. The contents
116 |           of the NOTICE file are for informational purposes only and
117 |           do not modify the License. You may add Your own attribution
118 |           notices within Derivative Works that You distribute, alongside
119 |           or as an addendum to the NOTICE text from the Work, provided
120 |           that such additional attribution notices cannot be construed
121 |           as modifying the License.
122 | 
123 |       You may add Your own copyright statement to Your modifications and
124 |       may provide additional or different license terms and conditions
125 |       for use, reproduction, or distribution of Your modifications, or
126 |       for any such Derivative Works as a whole, provided Your use,
127 |       reproduction, and distribution of the Work otherwise complies with
128 |       the conditions stated in this License.
129 | 
130 |    5. Submission of Contributions. Unless You explicitly state otherwise,
131 |       any Contribution intentionally submitted for inclusion in the Work
132 |       by You to the Licensor shall be under the terms and conditions of
133 |       this License, without any additional terms or conditions.
134 |       Notwithstanding the above, nothing herein shall supersede or modify
135 |       the terms of any separate license agreement you may have executed
136 |       with Licensor regarding such Contributions.
137 | 
138 |    6. Trademarks. This License does not grant permission to use the trade
139 |       names, trademarks, service marks, or product names of the Licensor,
140 |       except as required for reasonable and customary use in describing the
141 |       origin of the Work and reproducing the content of the NOTICE file.
142 | 
143 |    7. Disclaimer of Warranty. Unless required by applicable law or
144 |       agreed to in writing, Licensor provides the Work (and each
145 |       Contributor provides its Contributions) on an "AS IS" BASIS,
146 |       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 |       implied, including, without limitation, any warranties or conditions
148 |       of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 |       PARTICULAR PURPOSE. You are solely responsible for determining the
150 |       appropriateness of using or redistributing the Work and assume any
151 |       risks associated with Your exercise of permissions under this License.
152 | 
153 |    8. Limitation of Liability. In no event and under no legal theory,
154 |       whether in tort (including negligence), contract, or otherwise,
155 |       unless required by applicable law (such as deliberate and grossly
156 |       negligent acts) or agreed to in writing, shall any Contributor be
157 |       liable to You for damages, including any direct, indirect, special,
158 |       incidental, or consequential damages of any character arising as a
159 |       result of this License or out of the use or inability to use the
160 |       Work (including but not limited to damages for loss of goodwill,
161 |       work stoppage, computer failure or malfunction, or any and all
162 |       other commercial damages or losses), even if such Contributor
163 |       has been advised of the possibility of such damages.
164 | 
165 |    9. Accepting Warranty or Additional Liability. While redistributing
166 |       the Work or Derivative Works thereof, You may choose to offer,
167 |       and charge a fee for, acceptance of support, warranty, indemnity,
168 |       or other liability obligations and/or rights consistent with this
169 |       License. However, in accepting such obligations, You may act only
170 |       on Your own behalf and on Your sole responsibility, not on behalf
171 |       of any other Contributor, and only if You agree to indemnify,
172 |       defend, and hold each Contributor harmless for any liability
173 |       incurred by, or claims asserted against, such Contributor by reason
174 |       of your accepting any such warranty or additional liability.
175 | 
176 |    END OF TERMS AND CONDITIONS
177 | 
178 |    APPENDIX: How to apply the Apache License to your work.
179 | 
180 |       To apply the Apache License to your work, attach the following
181 |       boilerplate notice, with the fields enclosed by brackets "[]"
182 |       replaced with your own identifying information. (Don't include
183 |       the brackets!)  The text should be enclosed in the appropriate
184 |       comment syntax for the file format. We also recommend that a
185 |       file or class name and description of purpose be included on the
186 |       same "printed page" as the copyright notice for easier
187 |       identification within third-party archives.
188 | 
189 |    Copyright 2023 The cdfoundation Authors
190 | 
191 |    Licensed under the Apache License, Version 2.0 (the "License");
192 |    you may not use this file except in compliance with the License.
193 |    You may obtain a copy of the License at
194 | 
195 |        http://www.apache.org/licenses/LICENSE-2.0
196 | 
197 |    Unless required by applicable law or agreed to in writing, software
198 |    distributed under the License is distributed on an "AS IS" BASIS,
199 |    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 |    See the License for the specific language governing permissions and
201 |    limitations under the License.
202 | 


--------------------------------------------------------------------------------
/PRINCIPLES.md:
--------------------------------------------------------------------------------
 1 | # CDF TOC Principles v1.0
 2 | 
 3 | ## What We're Looking For
 4 | We are looking for high-quality projects that improve all aspects of the general practice of "Continuous Delivery" for all software development, such as CI, QA, deployment, and SRE. We want to drive the modernization of Continuous Delivery, but make this available to everyone.
 5 | 
 6 | ## Foundation Goals
 7 | Copied from [the charter document](https://github.com/cdfoundation/charter/blob/master/CHARTER.md) as the starting point:
 8 | 
 9 | 1. believes in the power of Continuous Delivery to empower developers and teams and to produce high quality software more rapidly;
10 | believes in the open source solutions collectively addressing the whole software delivery lifecycle;
11 | 1. fosters and sustains the ecosystem of open-source, vendor neutral projects through collaborations and interoperability; and
12 | 1. advocates this idea and encourages collaborations among practitioners to share and improve their practices.
13 | 
14 | 
15 | ## Technical Vision of Continuous Delivery
16 | Software has eaten the world, and the appetite for better software is so bottomless that some engineers feel like something needs to be sacrificed to keep up with the demand. At the CDF, we refuse to do that. Security, reliability, velocity: Pick Three!  The TOC “believes in the power of Continuous Delivery to empower developers and teams and to produce high quality software more rapidly,” because Continuous Delivery practices should result in strict improvements across all three dimensions for developers. They should not have to choose between moving fast and not breaking things.
17 | 
18 | **Security**: Vulnerabilities everywhere can have outsized impact on end users. Delivery is one of the first and most important places to inject and enforce best practices around security. We need to respect this opportunity and drive the industry forward to provide better, more secure software for everyone.
19 | 
20 | **Velocity**: Continuous Delivery practices have been known to improve the velocity of software development for a long time. Helping people adopt these practices, and helping projects further increase velocity will help the industry deliver more value to users faster.
21 | 
22 | **Reliability**: Continuous Delivery is about accepting that bugs will slip through cracks, and controlling the risk and the damage of changes. It prefers smaller frequent incremental changes to control the risk, then building a defense in depth that contains the damage.
23 | 
24 | ## Software That Enables Such Continuous Delivery
25 | To help “practitioners to share and improve their practices,” the TOC upholds these values, and we seek projects that share them:
26 | 
27 | **Pragmatic**: The most important attribute of a project is how useful it is to actual practitioners. Purity in design and implementation comes second to solving real-world problems for them.
28 | 
29 | **Maintainable**: The software we write today needs to grow and change over time. We prefer solutions that save us time in the long run vs tactical savings that build technical debt.
30 | 
31 | **Portable**: The choices we make for Continuous Delivery today may not make sense tomorrow. Users should be empowered to change their decisions with minimal friction.
32 | 
33 | **Platform/stack agnostic**: Continuous Delivery applies to all software development, not just practitioners on a particular platform or stack. We have an overall goal to help them modernize, but adopting Continuous Delivery even on "legacy" stacks will help this modernization process go even faster.
34 | 
35 | **Overall ecosystem fit**: Continuous Delivery is a broad space and no "one tool" can solve everything for everyone. Projects should fit into the broader ecosystem - whether through plugin-style extensibility,  explicit interface exposure/usage, or something else.
36 | 
37 | ## Communities That Produce Such Software
38 | In order to “foster and sustain the ecosystem of open-source, vendor neutral projects through collaborations and interoperability,” the TOC values these characteristics in the communities that produce the projects, and we seek communities that share these values:
39 | 
40 | **Governance**: Transparent governance with a clear path for new contributors to become maintainers, and for maintainers to become project leaders.
41 | 
42 | **Collaboration**: A community that is willing to interact with and listen to other projects and people with different thoughts, skill sets, specialities, senorities, and backgrounds, and let those influence the direction.
43 | 
44 | **Openness**: A community that is open, transparent, accessible, and operates independently of specific partisan interests. A community that accepts all contributors based on the merit of their contributions. A community whose decisions are transparent.
45 | 
46 | **Fairness**: A community that seeks to avoid undue influence, bad behaviours, and/or “pay-to-play” decision-making.
47 | 
48 | ## Greater Whole
49 | The whole should be greater than the sum of all parts. A successful CDF should provide be a single place to look for best practices, guidance and documentation as well as tooling and projects. Practitioners looking to improve their delivery practices should have to look no further than the resources provided by the CDF, regardless of their software stack, platform or industry.
50 | 
51 | **Benefits**: The CDF should not be a "grab-bag" of projects, and projects do not need to be hosted in the CDF to interoperate with projects that are in the CDF. Projects in the CDF should either provide a unique benefit to the CDF or uniquely benefit from being in it.
52 | 
53 | ## Revision History
54 | * Version 1.0: 2019-03-29
55 |     * Approved by TOC on 2019-04-23
56 | 


--------------------------------------------------------------------------------
/PROJECT_LIFECYCLE.md:
--------------------------------------------------------------------------------
  1 | ## I. Overview
  2 | 
  3 | This governance policy describes how an open source project can formally join the foundation via the Project Lifecycle Process defined in this document. It describes the Stages a project may be admitted under and what the criteria and expectations are for a given stage, as well as the acceptance criteria for a project to move from one stage to another. It also describes the Annual Review Process through which those changes will be evaluated and made. 
  4 | 
  5 | Project progression - movement from one stage to another - allows projects to participate at the level that is most appropriate for them given where they are in their lifecycle. Regardless of stage, all projects benefit from a deepened alignment with existing projects, and access to mentorship, support, and foundation resources.
  6 | 
  7 | ## II. Project Lifecycle Process
  8 | 
  9 | ### Introduction
 10 | This governance policy sets forth the proposal process for projects to be accepted into the foundation. The process is the same for both existing projects which seek to move into the Foundation and new projects to be formed within the Foundation.
 11 | 
 12 | Every project will start at incubation and can progress toward graduation on its own timeline.
 13 | 
 14 | ### Submitting proposals
 15 | 
 16 | Projects must be formally proposed via GitHub by submitting a pull request to this repository.
 17 | See the [Project Proposals](./proposals) directory for the previous proposals and the template.
 18 | 
 19 | ### Project Proposal Requirements
 20 | Project proposals submitted should provide the following information to the best of their ability:
 21 | 
 22 | * name of project
 23 | * project description (what it does, why it is valuable, origin and history)
 24 | * statement on alignment with foundation charter's mission
 25 | * link to *current* Code of Conduct (if one is adopted already)
 26 | * sponsor from TOC, if identified (a sponsor helps mentor projects)
 27 | * project license 
 28 | * source control (GitHub by default)
 29 | * issue tracker (GitHub by default)
 30 | * external dependencies (including licenses)
 31 | * release methodology and mechanics
 32 | * names of initial committers, if different from those submitting proposal
 33 | * briefly describe the project's leadership team and decision-making process
 34 | * link to any documented governance practices
 35 | * preferred maturity level (see _Stages_ below)
 36 | * list of project's official communication channels (slack, irc, mailing lists)
 37 | * link to project's website 
 38 | * links to social media accounts
 39 | * existing financial sponsorship
 40 | * infrastructure needs or requests 
 41 | 
 42 | ### Project Acceptance Process
 43 | 
 44 | * Projects are required to present their proposal at a TOC meeting
 45 | * The TOC may ask for changes to bring the project into better alignment with the foundation (adding a governance document to a repository or adopting a Code of Conduct, for example).
 46 |  * The project will need to make these changes in order to progress further.
 47 | * Projects are accepted via a 2/3 supermajority vote of the TOC.
 48 | * The proposal document will be finalized as a project charter. This charter document must be included in the project's main repository.
 49 | * The TOC will determine the appropriate initial stage for the project. The project can apply for a different stage via the review process. 
 50 | 
 51 | ## III. Stages - Definitions & Expectations
 52 | 
 53 | Every project has an associated maturity level. Proposed projects should state their preferred maturity level.
 54 | 
 55 | Representatives from all projects may attend TOC meetings and contribute work regardless of their stage. 
 56 | 
 57 | ### Incubation Stage
 58 | 
 59 | **Definition** 
 60 | 
 61 | The Incubation Stage is for projects that are interested in reaching broad adoption and have identified a growth plan for doing so. Incubation Stage projects will receive mentorship from the TOC and are expected to actively develop their community of contributors, governance, project documentation, and other variables identified in the growth plan that factor in to broad success and adoption.
 62 | 
 63 | A project's progress toward its growth plan goals will be reviewed on a yearly basis.
 64 | 
 65 | **Examples**
 66 | 
 67 | 1. Projects that have developed new growth targets or other community metrics for success.
 68 | 1. Projects that are looking to create a lifecycle plan (maintainership succession, contributor programs, version planning, etc.)
 69 | 1. Projects that need more active support from the Foundation or TOC mentorship in order to reach their goals. 
 70 | 
 71 | **Expectations**
 72 | 
 73 | Projects in the Incubation Stage are generally expected to move out of the Incubation stage over time. Depending on their growth plans, projects may cycle through Incubation or Graduation stage as needed.  
 74 | 
 75 | **Acceptance Criteria**
 76 | 
 77 | To be considered for Incubation Stage, the project must meet the following requirements:
 78 | 
 79 | * 2 TOC sponsors to champion the project and provide mentorship as needed
 80 | * A presentation at a meeting of the TOC
 81 | * Adherence to the foundation's IP Policy
 82 | * Upon acceptance, At Large projects must list their status prominently on their website/README
 83 | * Development of a growth plan, to be done in conjunction with their project mentor(s) at the TOC.
 84 | * Document that it is being used successfully in production by at least two independent end users which, in the TOC’s judgement, are of adequate quality and scope.
 85 | * Demonstrate a substantial ongoing flow of commits and merged contributions.
 86 | * Demonstrate that the current level of community participation is sufficient to meet the goals outlined in the growth plan.
 87 | * Since these metrics can vary significantly depending on the type, scope and size of a project, the TOC has final judgement over the level of activity that is adequate to meet these criteria.
 88 | * Receive a two-thirds supermajority vote of the TOC to move to Incubation Stage. 
 89 | 
 90 | ### Graduated Stage
 91 | 
 92 | **Definition**
 93 | 
 94 | The Graduated Stage is for projects that have reached their growth goals and are now on a sustaining cycle of development, maintenance, and long-term support. Graduated Stage projects are used commonly in enterprise production environments and have large, well-established project communities.     
 95 | 
 96 | **Examples**
 97 | 
 98 | 1. Projects that have publicly documented release cycles and plans for Long Term Support ("LTS").
 99 | 1. Projects that have themselves become platforms for other projects.
100 | 1. Projects that are able to attract a healthy number of committers on the basis of its production usefulness (not simply 'developer popularity').
101 | 1. Projects that have several, high-profile or well known end-user implementations.
102 | 
103 | **Expectations**
104 | 
105 | Graduated Stage projects are expected to participate actively in TOC proceedings. They receive ongoing financial and marketing support from the Foundation, and are expected to cross promote the foundation along with their activities.
106 | 
107 | **Acceptance Criteria**
108 | 
109 | To graduate from Incubating status, a project must meet the Incubation stage criteria plus:
110 | 
111 |  * Have a defined governing body which consists of members from at least 2 different companies.
112 |  * Have a documented and publicly accessible description of the project's governance, decision-making, and release processes.
113 |  * Have a healthy number of committers from at least two organizations. A committer is defined as someone with the commit bit; i.e., someone who can accept contributions to some or all of the project.
114 |  * Explicitly define a project governance and committer process. This is preferably laid out in a GOVERNANCE.md file and references a CONTRIBUTING.md and OWNERS.md file showing the current and emeritus committers.
115 |  * Have a public list of project adopters for at least the primary repo (e.g., ADOPTERS.md or logos on the project website).
116 |  * Other metrics as defined by the applying Project during the application process in cooperation with the TOC.
117 |  * Have achieved and maintained a [OpenSSF Best Practices Badge](https://bestpractices.coreinfrastructure.org/).
118 |  * Receive a 2/3 supermajority vote from the TOC to move to Graduated stage.
119 |  
120 | ### Emeritus Stage (Archive)
121 | 
122 | **Definition**
123 | 
124 | Emeritus projects are projects which the maintainers feel have reached or are nearing end-of-life. Emeritus projects have contributed to the ecosystem, but are not necessarily recommended for modern development as there may be more actively maintained choices. The Foundation appreciates the contributions of these projects and their communities, and the role they have played in moving the ecosystem forward. 
125 | 
126 | **Examples**
127 | 
128 | 1. Projects that are "complete" by the maintainers' standards.
129 | 1. Projects that do not plan to release major versions in the future.
130 | 
131 | **Expectations**
132 | 
133 | Projects in this stage are not in active development. Their maintainers may infrequently monitor their repositories, and may only push updates to address security issues, if at all. Emeritus projects should clearly state their status and what any user or contributor should expect in terms of response or support. If there is an alternative project the maintainers recommend, it should be listed as well. The foundation will continue to hold the IP and any trademarks and domains, but the project does not draw on foundation resources. 
134 | 
135 | **Acceptance Criteria**
136 | 
137 | Projects may be granted Emeritus status via a 2/3 vote from the TOC.
138 | 
139 | ## IV. Annual Review Process
140 | 
141 | The TOC shall develop an annual review process to determine whether projects are in the stage that accurately reflects their needs and goals. 
142 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # CDF TOC
 2 | 
 3 | The role of the CDF Technical Oversight Committee (TOC) is to facilitate communication and collaboration among the Technical Projects. The TOC will be responsible for:
 4 | 
 5 | - coordinating collaboration among Technical Projects, including development of an overall technical vision for the community;
 6 | 
 7 | - making recommendations to the Budget Committee of resource priorities for Technical Projects;
 8 | 
 9 | - electing annually a chairperson to preside over meetings, set the agenda for meetings, ensure meeting minutes are taken and who will also serve on the Governing Board as the TOC’s representative (the "TOC Representative");
10 | 
11 | - creating, maintaining and amending project lifecycle procedures and processes, subject to the approval of the Governing Board; and
12 | 
13 | - such other matters related to the technical role of the TOC as may be communicated to the TOC by the Governing Board.
14 | 
15 | ## Governance
16 | 
17 | - The [charter](https://github.com/cdfoundation/charter/blob/master/CHARTER.md) under which CDF operates
18 | - Additional [policies](./process) defined by the TOC
19 | 
20 | ## Members
21 | 
22 | - Andrea Frittoli, [@afrittoli](https://github.com/afrittoli), (Tekton, IBM) - 1 July 2023 to 30 June 2025 [Elected project seat]
23 | - Jason McIntosh, [i@jasonmcintosh](https://github.com/jasonmcintosh), (Spinnaker, Harness) - 15 Oct 2024 to 14 Oct 2026 [Elected project seat]
24 | - Mark Waite, [@MarkEWaite](https://github.com/MarkEWaite), (Jenkins, CloudBees) - 1 July 2023 to 30 June 2025 [Elected project seat]
25 | - Tracy Ragan, [@tracyragan](https://github.com/tracyragan), (Ortelius, DeployHub) - 15 Oct 2024 to 14 Oct 2026 [Elected project seat]
26 | - Damian Curry, [@damiancurry](https://github.com/damiancurry), (NGINX Inc.) - 1 July 2024 to 30 June 2025 [Elected End User Seat]
27 | - Steve Taylor, [@sbtaylor15](https://github.com/sbtaylor15), (Ortelius, DeployHub) - 1 July 2024 to 30 June 2025 [Elected End User seat]
28 | - Benjamin Powell, [@xibz](https://github.com/xibz), (Apple) - 1 July 2024 to 30 June 2026 [Elected GB seat]
29 | - Carlos Tadeu Panato Jr, [@cpanato](https://github.com/cpanato), (Chainguard) - 1 July 2024 to 30 June 2026 [Elected GB seat]
30 | - Garima Bajpai, [@bajpaigarima](https://github.com/bajpaigarima), (DevOps Community of Practice) - 1 July 2024 to 30 June 2026 [Elected GB seat]
31 | 
32 | ### TOC Contributors
33 | 
34 | We thank all commmunity members who participate in the Technical Oversight Committee activities
35 | and represent their projects/SIGs/companies there.
36 | See the list of TOC Contributors [here](./CONTRIBUTORS.md).
37 | 
38 | ### TOC Alumni
39 | 
40 | - Kohsuke Kawaguchi (Jenkins) - 03/1/2020 to 02/28/2021
41 | - James Strachan (Jenkins-X) - 03/1/2020 to 02/28/2021
42 | - Isaac Mosquera (Spinnaker) - 08/1/2020 to 02/28/2021
43 | - Tara Hernandez (Google) - 05/1/2020 to 04/30/2021
44 | - Yoav Landman (JFrog) - 04/20/2020 to 04/30/2021
45 | - Andy Glover (Spinnaker) - 03/1/2020 to 08/1/2020
46 | - Dan Lorenc (Tekton, Chainguard) - 1 April 2021 to 31 March 2022 (TOC-appointed)
47 | - Fatih Degirmenci (Interoperability SIG, Ericsson) - 1 April 2021 to 31 March 2022 (End-user-appointed)
48 | - Garima Bajpai (Ortelius, Canada DevOps Community of Practice) - 1 July 2021 to 30 June 2022 [GB appointed Ambassador Chair]
49 | - Jason Hall (Tekton/Shipwright, Red Hat) -  1 July 2021 to 30 June 2022 [Elected GB seat]
50 | - Justin Abrahms (eBay) - 1 May 2022 - 1 May 2023 (Elected End User Seat)
51 | - Emil Bäckmark (Ericsson) - 1 May 2022 - 1 May 2023 (Elected End User Seat)
52 | - Jithin Emmanuel (Screwdriver, Yahoo Inc) - 1 July 2021 to 30 June 2023 [Elected project seat]
53 | - Oleg Nenashev, (Jenkins/WireMock/OpenFeature, WireMock Inc) - 1 July 2021 to 30 June 2023 [Elected project seat]
54 | - Alan Dong, [@adong](https://github.com/adong), (Screwdriver, Yahoo) - 1 July 2023 to 30 June 2025 [Elected project seat]
55 | - Dadisi Sanyika, [@dsanyika](https://github.com/dsanyika), (Apple Inc.) - May 1, 2023 to May 1, 2024 [Elected End User Seat]
56 | - Neil McGonigle, [@McGon-Fid](https://github.com/McGon-Fid), (Fidelity Investments) - May 1, 2023 to May 1, 2024 [Elected End User Seat]
57 | - Melissa McKay, [@mjmckay](https://github.com/mjmckay), (JFrog) - 1 July 2021 to 01 July 2024 [Elected GB seat]
58 | - Robert Reeves, [@r2liquibase](https://github.com/r2liquibase),  (Liquibase) - 1 July 2022 to 01 July 2024 [Elected GB seat]
59 | 
60 | Updated website for TOC: <https://cd.foundation/about/toc/>
61 | 
62 | ## Projects
63 | 
64 | See the [process for contributing a project here](https://github.com/cdfoundation/toc/blob/master/PROJECT_LIFECYCLE.md).
65 | 
66 | See the current [CDF projects here](https://cd.foundation/projects/).
67 | 
68 | ## Communication
69 | 
70 | The TOC communication happens via a public mailing list: <https://lists.cd.foundation/g/cdf-toc>
71 | 
72 | The meeting agenda is hosted here: [TOC Agenda](https://docs.google.com/document/d/1uBHar55fTInWF9Li4t0lyG3tTC8BRLU0FfBfsgk_Jrs/edit?ts=5c9580be#heading=h.en8cy6hno0c6)
73 | 
74 | The meeting minutes are here: [TOC Meeting Notes](docs/TOC_Meeting_Notes.md)
75 | 
76 | The public calendar is here: [CDF Public Calendar](https://calendar.google.com/calendar/embed?src=linuxfoundation.org_mhf0kmgedn67ihni8r129avp24%40group.calendar.google.com&ctz=America%2FLos_Angeles)
77 | 
78 | The community also uses [Slack for additional collaboration opportunities](https://join.slack.com/t/cdeliveryfdn/shared_invite/zt-nwc0jjd0-G65oEpv5ynFfPD5oOX5Ogg)
79 | 
80 | ## Documents
81 | 
82 | - [Principles](PRINCIPLES.md)
83 | - [Onboarding](docs/onboarding.md)
84 | - [TOC Roadmap](https://github.com/cdfoundation/toc/projects/7)
85 | - [Project Lifecycle](PROJECT_LIFECYCLE.md)
86 | - [Code of Conduct](https://github.com/cdfoundation/.github/blob/main/CODE_OF_CONDUCT.md)
87 | 
88 | ## Project Guidance
89 | 
90 | - [Copyright notice recommendations](https://github.com/cdfoundation/foundation/blob/main/CDF%20Copyright.md)
91 | - [Project Website guidelines](https://github.com/cdfoundation/foundation/blob/main/CDF%20Project%20Website%20Guidelines.md) for mentioning companies while maintaining neutrality
92 | - [Telemetry and Data Collection Policy](https://www.linuxfoundation.org/en/telemetry-data-policy/)
93 | 


--------------------------------------------------------------------------------
/ROADMAP.md:
--------------------------------------------------------------------------------
1 | # CDF TOC Roadmap
2 | 
3 | The CDF Technical Oversight Committee (TOC) has a public roadmap that lists all the key initiatives being handled by the committee.
4 | The roadmap is implemented as a GitHub Project and reviewed at the [TOC meetings](https://github.com/cdfoundation/toc#communication).
5 | 
6 | [See the Roadmap Here](https://github.com/cdfoundation/toc/projects/7)
7 | 
8 | 


--------------------------------------------------------------------------------
/docs/onboarding.md:
--------------------------------------------------------------------------------
  1 | # TOC Onboarding
  2 | 
  3 | ## Quick links
  4 | 
  5 | - [TOC Onboarding](#toc-onboarding)
  6 |   - [Quick links](#quick-links)
  7 |   - [Introduction](#introduction)
  8 |   - [Setting Things Up](#setting-things-up)
  9 |     - [Contributing](#contributing)
 10 |     - [Communication](#communication)
 11 |     - [Meetings](#meetings)
 12 |   - [Recommended Reading](#recommended-reading)
 13 |   - [Tips and Tricks](#tips-and-tricks)
 14 |   - [Start Contributing](#start-contributing))
 15 | 
 16 | # Introduction
 17 | 
 18 | As documented on the [charter](https://github.com/cdfoundation/charter/blob/master/CHARTER.md#7-technical-oversight-committee-toc), the role of the CDF TOC is to facilitate communication and collaboration among the Technical Projects.
 19 | The voting members of the TOC consists of nine members and voting members of the TOC will be elected or appointed, as applicable, to such positions.
 20 | 
 21 | Additionally, community members can contribute to CDF TOC as [TOC Contributors](https://github.com/cdfoundation/toc/blob/master/CONTRIBUTING.md#toc-contributors).
 22 | 
 23 | This document provides few steps that are required by TOC Voting Members and TOC Contributors to follow in order to contribute to the TOC and ease their onboarding experience.
 24 | 
 25 | # Setting Things Up
 26 | 
 27 | ## Contributing
 28 | 
 29 | ### GitHub
 30 | 
 31 | CDF repositories, including the TOC repository, is hosted on GitHub under [CDFoundation Organization](https://github.com/cdfoundation).
 32 | In order for you to contribute to CDF TOC or any other CDF repository either as a voting member or TOC Contributor, you must have an account on GitHub.
 33 | You can create a GitHub account by following [this link](https://github.com/join).
 34 | 
 35 | CDF TOC Voting Members will be added to **toc** GitHub Team upon completion of elections.
 36 | Similarly, CDF TOC Contributors will be added to **toc-contributors** GitHub Team when a new community members joins as a TOC Contributor.
 37 | It is important to make sure your GitHub handles are documented on [TOC Readme](https://github.com/cdfoundation/toc#members) and [TOC Contributors](https://github.com/cdfoundation/toc/blob/master/CONTRIBUTORS.md).
 38 | 
 39 | As a CDF TOC Voting Member or CDF TOC Contributor, [CDF TOC repository](https://github.com/cdfoundation/toc) is where you will be spending most of your time so please keep an eye on/star/watch this repo.
 40 | 
 41 | ### Google Docs
 42 | 
 43 | Some groups within CDF such as TOC use Google Docs for collaboration so it is important to have access to documents located on Google Docs.
 44 | 
 45 | ### HackMD
 46 | 
 47 | Some groups within CDF such as SIGs use [HackMD](https://hackmd.io/team/cdfoundation?nav=overview) so it would be beneficial for you to have an account on HackMD to contribute to the documents developed there.
 48 | If you would like to join the CDF Team on HackMD, please create an issue in [Foundation repo](https://github.com/cdfoundation/foundation/issues).
 49 | 
 50 | You can see the list of documented developed on HackMD using [this link](https://hackmd.io/@cdfoundation/Sy6QIeu3c).
 51 | 
 52 | ## Communication
 53 | 
 54 | CDF Community uses two main mediums for communication, maillist and Slack.
 55 | 
 56 | ### Maillist
 57 | 
 58 | It is important for TOC Voting Members and TOC Contributors to sign up to [cdf-toc maillist](https://lists.cd.foundation/g/cdf-toc) since this maillist is used for discussions, important announcements, meeting calls, and voting.
 59 | 
 60 | ### Slack
 61 | 
 62 | CDF TOC and community at large uses Slack for additional collaboration opportunities.
 63 | It is important TOC Voting Members and TOC Contributors to join **#toc** channel on [CDF Slack](https://join.slack.com/t/cdeliveryfdn/shared_invite/zt-nwc0jjd0-G65oEpv5ynFfPD5oOX5Ogg) in order to take part in discussions and reach out to fellow community members.
 64 | 
 65 | ## Meetings
 66 | 
 67 | CDF TOC meets on a bi-weekly basis on Bevy and CDF Meetings are listed on public Google Calendar.
 68 | 
 69 | - [CDF Public Calendar](https://calendar.google.com/calendar/embed?src=linuxfoundation.org_mhf0kmgedn67ihni8r129avp24%40group.calendar.google.comh)
 70 | - [CDF TOC Chapter on Bevy](https://community.cd.foundation/technical-oversight-committee-toc/)
 71 | 
 72 | ### Bevy
 73 | 
 74 | In order for TOC Voting Members and TOC Contributors to join CDF TOC Meetings, an account on Bevy is required.
 75 | You can create an account on CDF Bevy using [this link](https://community.cd.foundation/).
 76 | Please make sure to complete your profile, including your fullname, title, and affiliation.
 77 | 
 78 | Once you created your account on Bevy, please run a [pre-call test](https://tokbox.com/developer/tools/precall/) to make sure you are all set for your first meeting.
 79 | Some community members reported that Bevy might behave strangely if you have multiple cameras.
 80 | If you experience issues and have multiple cameras, you might want to try disabling all the cameras except the one you will be using during the meetings that take place on Bevy.
 81 | 
 82 | ### Meeting Calendar
 83 | 
 84 | All CDF Community Meetings are listed on [CDF Public Calendar](https://calendar.google.com/calendar/embed?src=linuxfoundation.org_mhf0kmgedn67ihni8r129avp24%40group.calendar.google.com&ctz=UTC)(Note the timezone which is UTC.)
 85 | You can subscribe the calendar if you would like to see community meetings on your calendar of choosing.
 86 | 
 87 | ### Meeting Agenda and Notes
 88 | 
 89 | CDF TOC develops the meeting agenda and takes notes on [this Google Doc](https://docs.google.com/document/d/1uBHar55fTInWF9Li4t0lyG3tTC8BRLU0FfBfsgk_Jrs/edit?ts=5c9580be#heading=h.en8cy6hno0c6) collaboratively.
 90 | You can bookmark the document for ease of access.
 91 | 
 92 | ### LFX
 93 | 
 94 | In order to use any LF Managed Service, you must create an account and community profile.
 95 | Having account is required for receiving invites to CDF Governing Board Strategy Sessions.
 96 | You could learn more about how to create an account on [this link](https://docs.linuxfoundation.org/lfx/sso/create-an-account).
 97 | 
 98 | # Recommended Reading
 99 | 
100 | There are various documents that are important and beneficial to read as you are getting ready to contribute to CDF TOC.
101 | 
102 | * [CDF Charter](https://github.com/cdfoundation/charter/blob/master/CHARTER.md)
103 | * [CDF TOC Readme](https://github.com/cdfoundation/toc#cdf-toc)
104 | * [CDF TOC Principles](https://github.com/cdfoundation/toc/blob/master/PRINCIPLES.md)
105 | * [Project Lifecycle](https://github.com/cdfoundation/toc/blob/master/PROJECT_LIFECYCLE.md)
106 | * [Code of Conduct](https://github.com/cdfoundation/.github/blob/main/CODE_OF_CONDUCT.md)
107 | * [SIGs](https://github.com/cdfoundation/toc/tree/master/sigs)
108 | * [Blog Guidelines](https://github.com/cdfoundation/foundation/blob/master/blog-guidelines.md)
109 | * [Slack Guidelines](https://github.com/cdfoundation/foundation/blob/master/slack-guidelines.md)
110 | 
111 | Additionally, CDF TOC has a roadmap which can be seen and contributed to from [this link](https://github.com/cdfoundation/toc/projects/7).
112 | 
113 | # Tips and Tricks
114 | 
115 | Here are few tips and tricks that would make your TOC onboarding experience better.
116 | 
117 | * Regularly join TOC Meetings
118 | * Star/watch [CDF TOC Repository](https://github.com/cdfoundation/toc)
119 | * Bookmark
120 |   * [CDF TOC Maillist](https://lists.cd.foundation/g/cdf-toc)
121 |   * [CDF TOC Meeting Agenda and Notes](https://docs.google.com/document/d/1uBHar55fTInWF9Li4t0lyG3tTC8BRLU0FfBfsgk_Jrs/edit?ts=5c9580be#heading=h.en8cy6hno0c6)
122 |   * [CDF Public Calendar](https://calendar.google.com/calendar/embed?src=linuxfoundation.org_mhf0kmgedn67ihni8r129avp24%40group.calendar.google.com&ctz=UTC)
123 | * Don't forget to run a [pre-call test](https://tokbox.com/developer/tools/precall/) on Bevy
124 | * Install Zoom as some groups use Zoom for their meetings
125 | * Explore channels on [CDF Slack](https://join.slack.com/t/cdeliveryfdn/shared_invite/zt-nwc0jjd0-G65oEpv5ynFfPD5oOX5Ogg) and join them
126 | * Explore other repositories hosted under [CDFoundation Organization](https://github.com/cdfoundation) and start/watch the ones you are interested to follow and contribute
127 | * Check out [CDF Projects](https://cd.foundation/projects/)
128 | * Take a look at [CDF Landscape](https://landscape.cd.foundation/) to see CD landscape as well as CDF Participating Organizations
129 | * Say hi to fellow community members and introduce yourself
130 | 
131 | # Start Contributing
132 | 
133 | Here are various ways to contribute
134 | 
135 | * Fix a typo, update an outdated document, add new tip to help others who might face a similar issue as yourself
136 | * Take meeting minutes, contribute topics to the agenda
137 | * Join SIG and project meetings
138 | * Sponsor new SIGs if needed
139 | * Pick an item from CDF TOC Roadmap and contribute to it
140 | * Improve processes and procedures or propose new ones if you find community needs such a process
141 | 
142 | Welcome and happy contributing!
143 | 


--------------------------------------------------------------------------------
/elections/2021/README.md:
--------------------------------------------------------------------------------
 1 | # 2021 CDF TOC Elections
 2 | 
 3 | ## Purpose
 4 | 
 5 | The role of this election is to elect the following Technical Oversight Committee (TOC) seats:
 6 |    * Four (4) Project seats 
 7 |       * Each CDF project may nominate a project representative to run for these seats. The seats are elected by CDF project contributors. 
 8 |    * Two (2) General seats 
 9 |       * Anyone meeting the candidate criteria may run for these seats. These seats are elected by the CDF Governing Board.
10 | 
11 | ## TOC Overview
12 | 
13 | The role of the elected TOC representatives is to be part of the team responsible for the technical vision, project oversight and technical community decisions for the CDF. 
14 | The vision of the CDF is to be the most trusted community that supports organizations in becoming high performing software delivery organizations while leveraging open source and open practices, and continuously improving their pursuit of software delivery excellence. 
15 | 
16 | For 2021, CDF has a key goal to 'Cultivate growth and adoption of our portfolio of open source projects' which includes:
17 |   - Establish a roadmap for CDF that highlights best practices for software delivery  https://github.com/cdfoundation/toc/issues/27 (working with CDF strategy committtee)
18 |   - Growing the CDF OSS Project Portfolio by attracting and onboarding 4 new projects that fit within the roadmap
19 |   - Set a high standard for existing project growth, adoption and community development e.g. through security audits, mentoring programs, graduation process, maintainer feedback, etc 
20 | 
21 | The TOC will be responsible for:
22 |   - coordinating collaboration among Technical Projects, including development of an overall technical vision for the community;
23 | 
24 |   - making recommendations to the Budget Committee of resource priorities for Technical Projects;
25 | 
26 |  -  electing annually a chairperson to preside over meetings, set the agenda for meetings, ensure meeting minutes are taken and who will also serve on the Governing Board as the TOC’s representative (the "TOC Representative");
27 | 
28 |   - creating, maintaining and amending project lifecycle and working group/SIG procedures and processes
29 | 
30 |   - communicating and collaborating with other CDF communitiese e.g End User Council, CDF Ambassadors 
31 |   
32 |   - helping meet the project related goals set out for the CD.Foundation by the Governing board
33 | 
34 | ## Timeline
35 | 
36 | | Date  | Event | Details  |
37 | | ----- | ----- | -------- |
38 | | May 5 | Nominations open | Projects begin choosing candidates. General seat nominations open |
39 | | May 14 | Project seats Nominations in | Deadline for project nominations |
40 | | May 24 | General seats Nominations in | Deadline for general nominations |
41 | | May 24 | Voter registration closes | Closing date to register to vote |
42 | | May 28 | Candidates announced | Nominated candidates profiles made public |
43 | | May 28 | Voting opens | Ballots are sent to eligible voters | 
44 | | June 11 | Voting closes | Last day to submit a ballot | 
45 | | June 23 | Announcement | Successful representatives announced | 
46 | | July 1 | Term Begins | New reps beging their term | 
47 | 
48 | 
49 | ## Candidates Eligibility
50 | 
51 |   * Project seats - each CDF project nominates one representative to run for a project seat.  The candidate should meet the criteria listed below (in general seats) and ideally will be part of the projects governing board or technical steering committee (but this is not a strict requirement). Each project is free to choose its candidate in whichever manner fits best for their community. 
52 |   * General seats - these are open to any individual who meets the following criteria
53 |   	-	i. commit that they have the available bandwidth to make the time to invest in the CDF TOC,
54 |   	-	ii. technical background with experience of continuous delivery and open source technologies 
55 |   	-	iii. good communication skills with experience of participating in open source communities 
56 |     - iv. operate neutrally in discussions and put the goals and success of CDF in balance with corporate objectives or any particular project in CDF.
57 | 
58 | ## Candidate Nominations
59 |    * Project seats - project representatives will be contacted to nominate their candidate. 
60 |    * General seats - please fill out the [TOC General Seats Nomination Form](https://docs.google.com/forms/d/e/1FAIpQLSdFhcdxv0Hc5ask4OU2foqZgYW1PSWK5TMbcv-txpfd8urrWg/viewform). Anyone may nominate a candidate and self-nominations are accepted.  
61 | 
62 | ## Voter Eligibility
63 |   * Project seats - eligible voters will be
64 |      - People who had 10 or more commits to any CDF project over the past year (prior to May 1 2021), via data in [LFX Insights](https://insights.lfx.linuxfoundation.org/projects/cdf-f/active-contributor?time=%7B%22from%22:%22now-1y%22,%22type%22:%22datemath%22,%22to%22:%22now%22%7D). 
65 |      - People who have submitted the [voter registration form](https://forms.gle/XXRyXkQvy1LK9eBp9) and are accepted by the election officers. This is to ensure we have voters whose contributions may not be captured through the above methodology. Individuals are able to submit voter form on behalf of other individuals. 
66 |   * General seats - these will be voted on by members of the [CDF governing board](https://cd.foundation/about/governing-board/)  
67 | 
68 | ## Voting Process
69 | Individuals listed in [voters.md](voters.md) will receive a ballot via email. If you are
70 | not on that list you can use the [voter registration form](https://forms.gle/XXRyXkQvy1LK9eBp9) to ask
71 | to participate in the election.
72 | 
73 | Elections will be held using time-limited, ranked voting via OPA Vote. 
74 |  * The 4 top vote getters for project elections will be elected to the Project seats.
75 |  * The 2 top vote getters for general elections will be elected to the General seats.
76 | 
77 | ## Election Officers
78 | 
79 | - Gale McCommons, Linux Foundation
80 | - Tracy Miranda, Continuous Delivery Foundation
81 | - Fatih Degirmenci, Ericsson 
82 | 


--------------------------------------------------------------------------------
/elections/2021/voters.md:
--------------------------------------------------------------------------------
  1 | For any feedback or corrections (e.g. bot accounts, duplicates) please contact the Election Officers elections@cd.foundation
  2 | 
  3 | ### Voters with No Email
  4 | 
  5 | The following voters are members with sufficient contributions to vote, but have no email address attached to their git commits.  As such, we will be unable to mail them ballots. 
  6 | 
  7 | - Yulia Gaponenko
  8 | 
  9 | ### Eligible Voters
 10 | 
 11 | - A Groshek
 12 | - A. Jard
 13 | - “Carbonetes”
 14 | - “mitkama”
 15 | - Álvaro Iradier
 16 | - Aaron Fay
 17 | - accelq
 18 | - Adam Jordens
 19 | - Aditya Sirish
 20 | - adiv sukonik
 21 | - Adrien Lecharpentier
 22 | - ads14331
 23 | - Advinst
 24 | - Ahmed Musallam
 25 | - Aimee Ukasick
 26 | - aiotcms
 27 | - Akram Ben Aissi
 28 | - Alan
 29 | - Alan Dong
 30 | - Alan Greene
 31 | - Alan Quach
 32 | - Aleksi Simell
 33 | - Alex Earl
 34 | - Alexandre Gomes
 35 | - Alexandru Maxim
 36 | - alfian-sken
 37 | - Ali Karaca
 38 | - aliaandersen
 39 | - Allan Burdajewicz
 40 | - allisaurus
 41 | - Alon Chanukov
 42 | - Alvin Stanescu
 43 | - Amine Mesbahi
 44 | - andau
 45 | - Andrea Frittoli
 46 | - andreas
 47 | - Andreas Mandel
 48 | - Andreas Stiglmeier
 49 | - Andrei Zuica
 50 | - Andrew Bayer
 51 | - ankitm123
 52 | - Anton Horodchuk
 53 | - Anton Krasovsky
 54 | - Antonio Muñiz
 55 | - aravindmd
 56 | - Örjan Sjöholm
 57 | - Arnaud Héritier
 58 | - Arnaud TAMAILLON
 59 | - arne
 60 | - aroberts
 61 | - Arthur Pessoa
 62 | - Asif Shaikh
 63 | - atdigdug
 64 | - Ayan Goel
 65 | - Aytunc BEKEN
 66 | - Baptiste Mathus
 67 | - Bar Belity
 68 | - Basil Crow
 69 | - Bastian Germann
 70 | - Ben Fletcher
 71 | - benebsiny
 72 | - Benedikt Spranger
 73 | - bertold
 74 | - Bertold Kolics
 75 | - Bilal Al-Shahwany
 76 | - Bill Collins
 77 | - Billy Lynch
 78 | - blesuer
 79 | - brian
 80 | - bruno.cantisano
 81 | - bryanateoan
 82 | - bsudhir9383
 83 | - Cai Cooper
 84 | - Cameron Braid
 85 | - Cameron Fieber
 86 | - Cameron Motevasselani
 87 | - Carolyn Mabbott
 88 | - Carroll Chiou
 89 | - Casey Duquette
 90 | - caseyhebebrand
 91 | - Cedric Ziel
 92 | - Cesar Augusto Sanchez
 93 | - Chiarng Lin
 94 | - chillaq
 95 | - chini mukhopadhyay
 96 | - Chinikins
 97 | - Chmouel Boudjnah
 98 | - Chris Berry
 99 | - Chris Kilding
100 | - Chris Mellard
101 | - Chris Smalley
102 | - Chris Thielen
103 | - Christian Del Monte
104 | - Christie Wilson
105 | - Christopher Orr
106 | - Clarck Robinson
107 | - Conrad Fripp
108 | - Cory Bennett
109 | - Cyrille Le Clerc
110 | - Damian Sniezek
111 | - Damian Szczepanik
112 | - Damian Szczepanik
113 | - Damien Coraboeuf
114 | - Dan Lorenc
115 | - Dana Maxfield
116 | - Daniel Anechitoaie
117 | - Daniel Beck
118 | - Daniel Heid
119 | - Daniel Helfand
120 | - Daniel Peach
121 | - Daniel Reynaud
122 | - Daniel Rodriguez Hernandez
123 | - Darío Villadiego
124 | - Dave Dorbin
125 | - Dave Gallant
126 | - David Byron
127 | - David Conneely
128 | - David Schott
129 | - Dennis Gu
130 | - Dennis Gu
131 | - Denys Digtiar
132 | - Devin Nusbaum
133 | - Dibyo Mukherjee
134 | - DieAkuteSense
135 | - Diego Campos
136 | - Dima Brusilovsky
137 | - Dimitri Tenenbaum
138 | - Divyansh42
139 | - Divyesh Chandra
140 | - DKL
141 | - dlorenc
142 | - Dmitriy Shamatrin
143 | - Dominik Stadler
144 | - Don McCasland
145 | - Крапивин Андрей Викторович
146 | - dtbaum
147 | - Ed Serbin
148 | - eddycharly
149 | - Edgar Garcia
150 | - Eduard Tita
151 | - efhjnw0
152 | - eitana
153 | - Emil Bäckmark
154 | - Emilio Escobar
155 | - Emily Burns
156 | - Eric Zimanyi
157 | - Erik Munson
158 | - 陈加兴
159 | - Evaristo Gutiérrez
160 | - evernat
161 | - Félix Queiruga
162 | - Fabian Lehmann
163 | - fabiodcasilva
164 | - fbelzunc
165 | - fdegir
166 | - Federico Barcelona
167 | - Felipe
168 | - Fernando Freire
169 | - Florian Orpelière
170 | - Florian Schmaus
171 | - florian.veaux
172 | - Francisco Javier Fernandez Gonzalez
173 | - Frieder Heugel
174 | - Fritz Elfert
175 | - Gabe Montero
176 | - Gal Yardeni
177 | - galemccommons
178 | - Gareth Evans
179 | - Gareth Evans
180 | - Gavin Fenton
181 | - Gavin Mogan
182 | - Gavin Mogan
183 | - Genesis Thomas
184 | - George Sklias
185 | - German Muzquiz
186 | - ghannamz
187 | - Giulia Del Bravo
188 | - Glauco Vinicius
189 | - Glib Briia
190 | - Gong Yi
191 | - Greg Comstock
192 | - Greg Dritschler
193 | - guga4ka
194 | - Guillermo Simmross
195 | - Gustaf Lundh
196 | - Guy Sheffer
197 | - Guybrush
198 | - Hüseyin Cansız
199 | - Hampus Johansson
200 | - Hamza Amin
201 | - Hardy Ferentschik
202 | - harshitvasu
203 | - hcansiz
204 | - Heiko Thiel
205 | - heinemann
206 | - Henri Koskenranta
207 | - Hervé Le Meur
208 | - hieule2ntq
209 | - Hongli Lai
210 | - Hudson CI
211 | - Hui Jun Ng
212 | - Ian Coffey
213 | - Ibuki
214 | - Ignacio Roncero Bazarra
215 | - Igor Filin
216 | - ikedam
217 | - ilandn
218 | - imonteroperez
219 | - insightvmci-r7
220 | - Isaac Shabtay
221 | - isic
222 | - ispasov
223 | - Ivan
224 | - Ivan Fernandez Calvo
225 | - Ivan Spasov
226 | - Jørgen Jervidalo
227 | - Jacek Marzec
228 | - Jacque Salinas
229 | - Jaiswal
230 | - James Lafferty
231 | - James McShane
232 | - James Nord
233 | - James Rawlings
234 | - James Strachan
235 | - Jason Hall
236 | - Jaydeep Sannake
237 | - jcavanagh
238 | - Jeff Thompson
239 | - Jeremias Wiedmann
240 | - Jesse Glick
241 | - Jeyrs Chabu
242 | - JFrog Pipelines Step
243 | - jha-cloudbees
244 | - Jim Klimov
245 | - Jitendar Singh
246 | - Jithin Emmanuel
247 | - JJ Asghar
248 | - jloisel
249 | - Joachim Kuhnert
250 | - Johannes Hintermaier
251 | - John Flynn
252 | - Jon Goering
253 | - Jonas Pettersson
254 | - Jose Blas Camacho Taboada
255 | - Joseph Petersen
256 | - Josh Soref
257 | - jstrachan
258 | - Justin Field
259 | - Justin Harringa
260 | - Justin Klemm
261 | - jweingarten
262 | - Kamil Golinski
263 | - Kanstantsin Shautsou
264 | - Kara de la Marck
265 | - Karl
266 | - Karsten Jeschkies
267 | - KasperHeyndrickx
268 | - Keisuke Kumada
269 | - keke
270 | - Kenneth Rogers
271 | - Kevin McDermott
272 | - Kevin Richter
273 | - Kevin Woo
274 | - Kezhi Xiong
275 | - khelil
276 | - Khurram Baig
277 | - kiam
278 | - kkawahar
279 | - klu909
280 | - Kohsuke Kawaguchi
281 | - Krzysztof Kacprzak
282 | - Lakshmi Narasimhan T V
283 | - Lakshminarasimhan Parthasarathy
284 | - Liam Newman
285 | - Lion Kosiuk
286 | - liumazi
287 | - liuwei
288 | - LoadFocus
289 | - long song
290 | - Lorin Hochstein
291 | - Luca Milanesio
292 | - Luis Pollo
293 | - Lukas Kirner
294 | - Luther Tegtmeier
295 | - Mads Jensen
296 | - Mads Mohr Christensen
297 | - Maggie Neterval
298 | - Magnus Bäck
299 | - Majd
300 | - Manabu McCloskey
301 | - marc Tranzer
302 | - Marcel Mueller
303 | - Mari Halkoaho
304 | - Mark Cox
305 | - Mark Vulfson
306 | - Mark Waite
307 | - Marky Jackson
308 | - Martin Goyot
309 | - Mathieu Delrocq
310 | - mathurpranjal
311 | - Matrozov
312 | - Mats Faugli
313 | - Matt Moore
314 | - Matt Santa
315 | - Matt Sicker
316 | - Matthew Murphy
317 | - Matti Varanka
318 | - mattmurp
319 | - Max Goltzsche
320 | - Maxime Mazet
321 | - max-kilian
322 | - Mez Pahlan
323 | - Michael Neale
324 | - Michael Plump
325 | - Michaela Borzechowski
326 | - micnncim
327 | - Miguel González
328 | - mike cirioli
329 | - Mitja
330 | - mmalicki-deviniti
331 | - Mohamed EL Habib
332 | - morad
333 | - myuser
334 | - Napoleon Santana
335 | - Navnath
336 | - nestor.salceda
337 | - Nicholas Elliot
338 | - Nicolas Cohen
339 | - Nikhil Thomas
340 | - Nikita Bedmutha
341 | - Nikolas Falco
342 | - Nima Kaviani
343 | - nre
344 | - Oleg Nenashev
345 | - Oleksii V
346 | - olivergondza
347 | - Olivier Lamy
348 | - Or Geva
349 | - Oron Nadiv
350 | - Parag Sanjay Bhingre
351 | - Paramjit Singh
352 | - Patrick Lee Scott
353 | - Patrik Greco
354 | - Paul Allen
355 | - Paul S. Schweigert
356 | - Pavel
357 | - Pavel Sorokin
358 | - Peng Li
359 | - Peter Darton
360 | - Pierre Beitz
361 | - Pierre Tasci
362 | - Pierson Yieh
363 | - Piotr Paczyński
364 | - Piradeep Kandasamy
365 | - Piyush Garg
366 | - PRADEEP KUMAR
367 | - pramodanarase
368 | - Prashant Verma
369 | - pratap0007
370 | - Prathibha Datta Kumar
371 | - Pratik Jagrut
372 | - Pritam Paul
373 | - Priti Desai
374 | - PuneetPunamiya
375 | - qabuild
376 | - QMetryDev
377 | - Raúl Vázquez
378 | - Raccoon
379 | - Radek Antoniuk
380 | - radeva
381 | - Raihaan Shouhell
382 | - Ramon Leon
383 | - Rani
384 | - Raphael Pionke
385 | - René Pfeuffer
386 | - res0nance
387 | - Richard Bywater
388 | - Richard Otte
389 | - rick
390 | - Rishabh Budhouliya
391 | - rmpestano
392 | - Rob Fletcher
393 | - Rob Zienert
394 | - Robert Sandell
395 | - robertstreche
396 | - robinsoc
397 | - Rohan Chougule
398 | - RoniSegal
399 | - Ronny Perinke
400 | - Rosalind Benoit
401 | - Roxanne Joncas
402 | - s1mple_zj
403 | - Sairam Rekapalli
404 | - salaboy
405 | - salmanmak
406 | - Sarah Witt
407 | - saville
408 | - savitaashture
409 | - sbuhary
410 | - Scott
411 | - Sebastian Sdorra
412 | - Sebastian Westemeyer
413 | - selvavignesh.m
414 | - SergeiButylin
415 | - Sergetron
416 | - Sergey Oplavin
417 | - Sergey Slabnov
418 | - Sharon Jerop Kipruto
419 | - Shivam Mukhade
420 | - SHxKM
421 | - Shyam M
422 | - Simon Symhoven
423 | - simonsymhoven
424 | - Sladyn
425 | - Sleepy-GH
426 | - sorin
427 | - stchar
428 | - Stefan Birkner
429 | - Stefan Spieker
430 | - stephly07
431 | - Steve Hill
432 | - strangelookingnerd
433 | - sue445
434 | - Sumit Sarin
435 | - Sunil Thaha
436 | - sunweisheng
437 | - Supratik Das
438 | - Suresh Kumar
439 | - T Hernandez
440 | - tanmoyguha-hcl
441 | - Tara Hernandez
442 | - Taylor Daugherty
443 | - tdcox
444 | - Ted Gelpi
445 | - Terry Cox
446 | - Thabo Krick
447 | - Thomas de Grenier de Latour
448 | - Thompson, Brian
449 | - Thorsten Hoeger
450 | - Tiffany K
451 | - Tim
452 | - Tim Brown
453 | - Tim Jacomb
454 | - Tim Van Holder
455 | - timja
456 | - TimSVector
457 | - Tobias Gruetzmacher
458 | - tofuatjava
459 | - Tomas Bjerre
460 | - Tomas Westling
461 | - Tomasz Sęk
462 | - Tomek Szmytka
463 | - Torsten Walter
464 | - torstenwalter
465 | - Tyler Camp
466 | - tzachs
467 | - Ullrich Hafner
468 | - Valerii Rulevskyi
469 | - VE Dev
470 | - Vibhav Bobade
471 | - Victor Martinez
472 | - Vignesh Murugesan
473 | - vikas.chaudhary
474 | - vinamra28
475 | - Vincent Behar
476 | - Vincent Demeester
477 | - Vincent Hou
478 | - Vincent Latombe
479 | - vladt
480 | - Vorndam
481 | - Wadeck Follonier
482 | - Watermeyer, Stephan
483 | - wawanawna
484 | - Willem Borgesius
485 | - Xenogents
486 | - Xinru Zhang
487 | - xuzhang3
488 | - Yahav Itzhak
489 | - Yang Chen
490 | - Yanjun Shi
491 | - yolandadu
492 | - Yoshiyuki Watanabe
493 | - Youssef El Houti
494 | - Yuchen Cheng
495 | - yuege01
496 | - Zbynek Konecny
497 | - ziweifan
498 | - Zixuan Liu
499 | - zmanxiang
500 | 


--------------------------------------------------------------------------------
/elections/2023/README.md:
--------------------------------------------------------------------------------
  1 | # 2023 CDF TOC Elections
  2 | 
  3 | ## Purpose
  4 | 
  5 | The terms of several [TOC members](https://github.com/cdfoundation/toc#members) expire during 2023 as listed below.
  6 | * Two (2) Elected End User Seats (expires May 1, 2023)
  7 |   * End user representatives can be nominated by anyone. The seats are elected by CDF End User Member organizations.
  8 | * Four (4) Elected Project Seats (expires 30 June 2023)
  9 |   * Each CDF project may nominate a project representative to run for these seats. The seats are elected by CDF project contributors.
 10 | 
 11 | This document describes the process to follow and documents the timeline for the elections.
 12 | 
 13 | ## TOC Overview
 14 | 
 15 | The role of the elected TOC representatives is to be part of the team responsible for the technical vision, project oversight and technical community decisions for the CDF.
 16 | The vision of the CDF is to be the most trusted community that supports organizations in becoming high performing software delivery organizations while leveraging open source and open practices, and continuously improving their pursuit of software delivery excellence.
 17 | 
 18 | As documented in the [CDF Charter](https://github.com/cdfoundation/charter/blob/main/CHARTER.md#7-technical-oversight-committee-toc), the TOC is responsible for:
 19 | * coordinating collaboration among Technical Projects, including development of an overall technical vision for the community;
 20 | * making recommendations to the Budget Committee of resource priorities for Technical Projects;
 21 | * electing annually a chairperson to preside over meetings, set the agenda for meetings, ensure meeting minutes are taken and who will also serve on the Governing Board as the TOC’s representative (the "TOC Representative");
 22 | * creating, maintaining and amending project lifecycle procedures and processes, subject to the approval of the Governing Board; and
 23 | such other matters related to the technical role of the TOC as may be communicated to the TOC by the Governing Board.
 24 | 
 25 | ## End User Representative Elections
 26 | 
 27 | Two (2) CDF Elected End User Seats are up for election for one (1) year term, 1 May 2023 through 1 May 2024.
 28 | 
 29 | ### Timeline
 30 | 
 31 | | Date    | Event                         | Details
 32 | | ------- | ----------------------------- | -------
 33 | | April 3 | Election Process starts       | CDF community is notified regarding the start of election process
 34 | | April 7 | Nominations open              | Start of CDF community nominating their candidates using the medium shared by the CDF Staff
 35 | | April 21| Nominations close             | Last date for CDF community to nominate their candidates
 36 | | April 22| Voting opens                  | Ballots are sent to eligible voters
 37 | | April 30| Voting closes                 | Last day to submit a ballot
 38 | | May 1   | Announcement                  | Successful end user representatives announced
 39 | | May 1   | Term Begins                   | New end user representatives begin their term
 40 | 
 41 | ### Candidates Eligibility
 42 | 
 43 | Anyone in CDF community can nominate others as the CDF TOC End User Representatives.
 44 | Candidates can be anyone who represents an end user organization regardless of the organization's CDF membership however, the candidates should meet the criteria listed below and ideally contributing to the CDF.
 45 | 
 46 | * commit that they have the available bandwidth to make the time to invest in the CDF TOC,
 47 | * technical background with experience of continuous delivery and open source technologies
 48 | * good communication skills with experience of participating in open source communities
 49 | * operate neutrally in discussions and put the goals and success of CDF in balance with corporate objectives or any particular project in CDF
 50 | 
 51 | ### Candidate Nominations
 52 | 
 53 | Nomination periods will be announced on corresponding maillists (e.g., member maillists) as well as CDF Slack.
 54 | 
 55 | ### Voter Eligibility
 56 | 
 57 | Only voting contacts of the CDF End User Member organizations are eligible to vote in this election.
 58 | 
 59 | ### Voting Process
 60 | 
 61 | Voting contacts of the CDF End User Member organizations will receive a ballot via email.
 62 | Elections will be held using time-limited, [ranked voting](https://www.opavote.com/methods/ranked-choice-voting) via OPA Vote.
 63 | 
 64 | ### Election Officers
 65 | 
 66 | * Andrea Frittoli, IBM
 67 | * Michelle Martineau, Linux Foundation
 68 | * Fatih Degirmenci, Continuous Delivery Foundation
 69 | 
 70 | ## Project Representative Elections
 71 | 
 72 | Four (4) CDF Elected Project Representative Seats are up for election for two (2) years term, 1 July 2023 to 30 June 2025.
 73 | 
 74 | ### Timeline
 75 | 
 76 | | Date    | Event                             | Details
 77 | | ------- | --------------------------------- | -------
 78 | | May 4   | Election Process starts           | CDF TOC Project Representatives are notified regarding the start of election process
 79 | | May 15  | List of eligible voters published | List of eligible voters is determined using LFX Insights and announced
 80 | | May 15  | Voter Registration opens          | Opening date to register to vote
 81 | | May 22  | Project Nominations open          | Start of projects nominating their candidates in GitHub CDF 'foundation' Repo
 82 | | May 26  | Voter Registration closes         | Closing date to register to vote
 83 | | June 5  | Project Nominations close         | Last date for projects to nominate their candidates
 84 | | June 8  | Candidates announced              | Nominated candidates are announced
 85 | | June 12 | Voting opens                      | Ballots are sent to eligible voters
 86 | | June 26 | Voting closes                     | Last day to submit a ballot
 87 | | June 28 | Announcement                      | Successful project representatives announced
 88 | | July 1  | Term Begins                       | New project representatives beging their term
 89 | 
 90 | ### Candidates Eligibility
 91 | 
 92 | Each CDF project nominates one (1) representative to run for a project seat.
 93 | The candidate should meet the criteria listed below and ideally will be part of the projects governing board or technical steering committee (but this is not a strict requirement).
 94 | 
 95 | * commit that they have the available bandwidth to make the time to invest in the CDF TOC
 96 | * technical background with experience of continuous delivery and open source technologies
 97 | * good communication skills with experience of participating in open source communities
 98 | * operate neutrally in discussions and put the goals and success of CDF in balance with corporate objectives or any particular project in CDF
 99 | 
100 | Each project is free to choose its candidate in whichever manner fits best for their community.
101 | 
102 | ### Candidate Nominations
103 | 
104 | [CDF TOC Project Representatives](https://github.com/cdfoundation/toc/blob/main/CONTRIBUTORS.md#project-representatives) will be contacted to nominate their candidate.
105 | Additionally, the start of the election process will be announced on corresponding maillists (e.g., cdf-toc) as well as CDF Slack.
106 | 
107 | The nominations must be made under [this GitHub issue](https://github.com/cdfoundation/foundation/issues/442) in the [CDF foundation repository](https://github.com/cdfoundation/foundation).
108 | 
109 | The nominations must contain the information below.
110 | 
111 | * Name of the Candidate
112 | * Project which the Candidate is Nominated By
113 | * Candidate Title
114 | * Candidate Affiliation
115 | * Candidate Bio
116 | * Nomination Statement
117 | 
118 | ### Voter Eligibility
119 | 
120 | Eligible voters will be
121 | 
122 | * people who had 10 or more commits to any CDF project over the past year (prior to May 1 2023), via data in LFX Insights.
123 |   * If people don't have LFid, they won't be able to vote. The GitHub handle must be associated with their preferred email address. (Please see [here](https://cd.foundation/blog/staff/2022/11/08/update-your-lfid-for-lfx/) to learn how to do this.)
124 | * people who have submitted [the voter registration form](https://docs.google.com/forms/d/e/1FAIpQLSdsxCadKwauQ4EHjaNihGtVQJQ027ECsXBZACU7WqXm4dBMCw/viewform) and are accepted by the election officers.
125 |   * This is to ensure we have voters whose contributions may not be captured through the above methodology. Individuals are able to submit voter form on behalf of other individuals.
126 | 
127 | The list of eligible voters is available in [voters.md](voters.md).
128 | 
129 | ### Voting Process
130 | 
131 | Individuals listed in [voters.md](voters.md) and individuals who are accepted as voters by the election officers will receive a ballot via email.
132 | If you are not on that list you can use [the voter registration form](https://docs.google.com/forms/d/e/1FAIpQLSdsxCadKwauQ4EHjaNihGtVQJQ027ECsXBZACU7WqXm4dBMCw/viewform) to ask to participate in the election.
133 | 
134 | Elections will be held using time-limited, [ranked voting](https://www.opavote.com/methods/ranked-choice-voting) via OPA Vote.
135 | 
136 | The 4 top vote getters for project elections will be elected to the Project seats.
137 | 
138 | ### Election Officers
139 | 
140 | * Lori Lorusso, JFrog
141 | * Michelle Martineau, Linux Foundation
142 | * Fatih Degirmenci, Continuous Delivery Foundation
143 | 


--------------------------------------------------------------------------------
/elections/2023/voters.md:
--------------------------------------------------------------------------------
  1 | # Eligible Voters
  2 | 
  3 | The below list contains the GitHub IDs/names of anyone who had 10 or more
  4 | commits to any CDF project over the past year (between May 1, 2022 and April
  5 | 30, 2023).
  6 | 
  7 | For any feedback or corrections (e.g. bot accounts, duplicates) please contact
  8 | the Election Officers elections@cd.foundation
  9 | 
 10 | * abayer
 11 | * accelq
 12 | * Adam Kaplan
 13 | * adamgardnerit
 14 | * Aditya Hatwar
 15 | * Adrien Lecharpentier
 16 | * Adrien Lecharpentier
 17 | * Alan Ghelardi
 18 | * Alan Greene
 19 | * Alan Dong
 20 | * Albert Vaca Cintora
 21 | * Aleksi Simell
 22 | * Alex Harford
 23 | * Alexander Brandes
 24 | * Alexander Straube
 25 | * Alexey Venderov
 26 | * Allan Burdajewicz
 27 | * amine
 28 | * Andrea Frittoli
 29 | * ankitm123
 30 | * Ankur Kumar
 31 | * Anna Karyakina
 32 | * Antoine Neveux
 33 | * Apoorv Mahajan
 34 | * Arnab Maity
 35 | * Arnold van Wijnbergen
 36 | * Arun Pandurangan
 37 | * Arvind Singharpuria
 38 | * ashikka
 39 | * Austin Zhao
 40 | * Ayana Yokota
 41 | * aytuncbeken
 42 | * aziz.joubi
 43 | * babadofar
 44 | * Rory Baker
 45 | * Basavaraju Girriamma
 46 | * Basil Crow
 47 | * Bastian Doetsch
 48 | * Benoit Guerin
 49 | * Billy Lynch
 50 | * Brad McCoy
 51 | * Brian Saville
 52 | * Bruno Dillenseger
 53 | * Bruno Verachten
 54 | * Bryson Gibbons
 55 | * Cameron Motevasselani
 56 | * Carroll Chiou
 57 | * Cesar Augusto Sanchez
 58 | * Chadi El Masri
 59 | * Chas Honton
 60 | * Chitrang Patel
 61 | * Chris Mc
 62 | * Christian Del Monte
 63 | * Christopher McArthur
 64 | * Chuang Wang
 65 | * ckreisl
 66 | * Clarck Robinson
 67 | * Corey Daley
 68 | * cpwr-devops
 69 | * Curveen Khoo
 70 | * Cyrille Le Clerc
 71 | * DaGeRe
 72 | * Damian Szczepanik
 73 | * Damien Duportal
 74 | * Damir Suleymanov
 75 | * Dan Neduva
 76 | * Dana Maxfield
 77 | * danechitoaie
 78 | * Daniel Anechitoaie
 79 | * Daniel Heid
 80 | * Daniel Nurmi
 81 | * daniel virasto
 82 | * Dario Nuevo
 83 | * David Bendory
 84 | * David Byron
 85 | * David Georg Reichelt
 86 | * David Trowbridge
 87 | * Dayanand Sagar
 88 | * Denys Digtiar
 89 | * Devin Nusbaum
 90 | * Dibyo Mukherjee
 91 | * dipanshu
 92 | * Dmitriy Shamatrin
 93 | * Dmitry_Platonov
 94 | * Dmytro Dovbii
 95 | * Dominik Jantschar
 96 | * Dominik Stadler
 97 | * Donghui Wang
 98 | * Eason
 99 | * EBIBO
100 | * Eddy Filip
101 | * Enrique Eduardo Encalada Olivas
102 | * Elliott Frisch
103 | * Emil Bäckmark
104 | * Emma Munley
105 | * Eng Zer Jun
106 | * Erik Sternerson
107 | * Erwin Morrhey
108 | * Eva Habeeb Allah
109 | * Evgeny Klimov
110 | * Fabian Kaupp
111 | * Fatih Degirmenci
112 | * Felix Belzunce Arcos
113 | * Filipe Roque
114 | * Florian Orendi
115 | * francisf
116 | * Frieder Heugel
117 | * Fritz Elfert
118 | * Gai Lazar
119 | * gailazar300
120 | * garethjevans
121 | * Gavin Mogan
122 | * Geri Ochoa
123 | * Glen
124 | * Glib Briia
125 | * Gavin McDonald
126 | * gongy
127 | * Guy Brand
128 | * Harshad Dhaygude
129 | * Haruka Kawamura
130 | * Hector Danilo Hurtado Olaya
131 | * Hervé Le Meur
132 | * Idan Hauser
133 | * Ihor Sychevskyi
134 | * ikedam
135 | * Ilaygoldman
136 | * Ivan Leon
137 | * Jagruti Tiwari
138 | * Jason Hall
139 | * Jasper Yue
140 | * Jayadeep KM
141 | * Jean-Marc Meessen
142 | * Jeevan Reddy Ragula
143 | * Jeremy Smith
144 | * Jerome Ju
145 | * Jerome Prinet
146 | * Jerop Kipruto
147 | * jglick
148 | * Jim Klimov
149 | * Jiri Vanek
150 | * Jithin Emmanuel
151 | * jloisel
152 | * Joeri Sykora
153 | * Jonas Bamberger
154 | * Jonathan Leitschuh
155 | * Joong Hyuk Im
156 | * Jørgen Jervidalo
157 | * Jose B Camacho Taboada
158 | * José Pereda
159 | * Joseph Petersen
160 | * Joseph Petersen
161 | * judovana
162 | * Justin Abrahms
163 | * kalpshekhar
164 | * Kanstantsin Shautsou
165 | * Kara de la Marck
166 | * Karol Harezlak
167 | * KeremOzben
168 | * POASUGOH
169 | * Khurram Baig
170 | * Kiran Godishala
171 | * Kris Stern
172 | * Karl Skewes
173 | * Ivan Fernandez Calvo
174 | * Kyle Cronin
175 | * Lee Bernick
176 | * Liam Neville
177 | * liuwei
178 | * lprimak
179 | * Luiz Carvalho
180 | * Luke Addison
181 | * Magnus Bäck
182 | * Manas Kumar Das
183 | * Marcin Flis
184 | * Mark Waite
185 | * Markus Winter
186 | * Mårten Svantesson
187 | * Martin Goyot
188 | * Martin Kosicky
189 | * Martin Reinhardt
190 | * mat1e
191 | * Mathieu Delrocq
192 | * Matt Gogerly
193 | * Matthias Diester
194 | * Matti Varanka
195 | * Matti Wilhelmi
196 | * Maura E. Ardden
197 | * Mauro Javier Giamberardino
198 | * mcohen11
199 | * Melissa Bauer
200 | * Michael Dailey
201 | * Michael DOUBEZ
202 | * Michael Kemmerzell
203 | * Michael Tughan
204 | * micmarti85
205 | * Moderne
206 | * Mulgish
207 | * mvecha
208 | * Naresh Rayapati
209 | * Neeraja Potluri
210 | * nekoimi
211 | * Nicholas Elliot
212 | * Nick Carpenter
213 | * Nik Reiman
214 | * Nikhil Thomas
215 | * Nikolas Falco
216 | * Niv Keidan
217 | * nre
218 | * offa
219 | * Okafor Peace
220 | * oleg-nenashev
221 | * Oleksandr Vasyliev
222 | * Oleksii Vasylkivskyi
223 | * Oliver Gondža
224 | * Olivier Lamy
225 | * Oluwajuwon Aderibole
226 | * Örjan Sjöholm
227 | * Osama Magdy
228 | * Otávio Fernandes
229 | * ovidiupopa07
230 | * Paul Allen
231 | * Pavel Shukhman
232 | * Pedro Bueno
233 | * Philipp Straubinger
234 | * Pierre Beitz
235 | * Piyush Garg
236 | * Pradeep Kumar
237 | * Prakash Jagatheesan
238 | * pramodc0777
239 | * Prashant Verma
240 | * Pritam Paul
241 | * Priti Desai
242 | * Priya Wadhwa
243 | * Puneet Punamiya
244 | * Pushkar Pandey
245 | * pvincent
246 | * qsdf33
247 | * Quan Zhang
248 | * R. BELLO
249 | * Radek Antoniuk
250 | * Radim Vansa
251 | * Rahul Somasunderam
252 | * Raihaan Shouhell
253 | * rainerm
254 | * Rajat Gupta
255 | * René Scheibe
256 | * repolevedavaj
257 | * res0nance
258 | * Richard Kosegi
259 | * Riliane
260 | * Robert Sandell
261 | * robinsoc
262 | * Roxanne Joncas
263 | * Rustam Atai
264 | * Ryosuke Iwanaga
265 | * Sacha Wharton
266 | * Sacha Wharton
267 | * Saihttam0606
268 | * Sasa Zivkov
269 | * Sascha Schwarze
270 | * savitaashture
271 | * sboardwell
272 | * Sergei Butylin
273 | * shamlymhd
274 | * shanming.sun
275 | * Sheridan C Rawlins
276 | * Shiv Pratap Verma
277 | * Shubham
278 | * Shyam Baitmangalkar
279 | * Simon Matthews
280 | * Simon Symhoven
281 | * simonsymhoven
282 | * skumar
283 | * Alex Earl
284 | * Shivam Mukhade
285 | * Sorin Florea
286 | * Spliterash
287 | * Stefan Spieker
288 | * Stefan Wolf
289 | * Stephen
290 | * Steve Arch
291 | * Steve Hill
292 | * Steve Taylor
293 | * Steven Zimmer
294 | * steven-terrana
295 | * sthorve
296 | * Sudhindra Rao
297 | * surenpi
298 | * tarekbadrshalaan
299 | * Taylor Daugherty
300 | * tdcox
301 | * tdraebing
302 | * Thabo Krick
303 | * Thomas Neidhart
304 | * Thomas Draebing
305 | * Thomas Reinicke
306 | * Tiffany K
307 | * Tim
308 | * Tim Brown
309 | * Tim Jacomb
310 | * Tim Van Holder
311 | * TimSVector
312 | * Tobias Gruetzmacher
313 | * Tom Hobson
314 | * Tom Hombergs
315 | * Tomas Bjerre
316 | * Tomas Westling
317 | * topikachu
318 | * TracyRagan
319 | * Tyler Camp
320 | * Ulli Hafner
321 | * Utkarsh Sharma
322 | * vaibhjai
323 | * Valentin Delaye
324 | * Varun Singhai
325 | * vinamra28
326 | * vincenpt
327 | * Vincent Demeester
328 | * Vincent Latombe
329 | * Vishal-Chaudhary
330 | * Volodymyr Bokbo
331 | * Watermeyer
332 | * xin.li
333 | * Xinru Zhang
334 | * Xuefei Han
335 | * yahavi
336 | * yakirk
337 | * Yaroslav Afenkin
338 | * Yawen Luo
339 | * ydong
340 | * Yiming Gong
341 | * yogesh khandelwal
342 | * Yongxuan Zhang
343 | * YuvalNahari
344 | * Zack_Aayush
345 | * Zbynek Konecny
346 | * Zhao Xiaojie
347 | * 永胜
348 | 
349 | # Additional Voters
350 | 
351 | Voter registration requests for the below community members were submitted by themselves or others and accepted as voters by the election
352 | officer Lori Lorusso after the review with CDF staff.
353 | 
354 | * bhar19
355 | * dsanyika
356 | * ibu1224
357 | * kumada626
358 | * m-linner-ericsson
359 | * Saim Safdar
360 | * Tony Carrato
361 | * yk634
362 | * y-oksaku
363 | 


--------------------------------------------------------------------------------
/elections/2024/Voters.md:
--------------------------------------------------------------------------------
  1 | # Eligible Voters
  2 | The below list contains the GitHub IDs/names of anyone who had 10 or more commits to any CDF project over the past year (between May 1, 2023 and August 30, 2024).
  3 | For any feedback or corrections (e.g. bot accounts, duplicates) please contact the Election Officers elections@cd.foundation
  4 | 
  5 | 76932416+asaha123@...
  6 | 
  7 | asaha123
  8 | 
  9 | felixonmars
 10 | 
 11 | chncaption
 12 | 
 13 | felixonmars@...
 14 | 
 15 | howardjohn
 16 | 
 17 | Dirc
 18 | 
 19 | bradmccoydev
 20 | 
 21 | mike-serchenia
 22 | 
 23 | rgormley
 24 | 
 25 | nikhita
 26 | 
 27 | rochaporto
 28 | 
 29 | TheFoxAtWork
 30 | 
 31 | owen+github@...
 32 | 
 33 | cdaley@...
 34 | 
 35 | adnanrahic
 36 | 
 37 | AudMonte01
 38 | 
 39 | DBoag
 40 | 
 41 | emmamunley@...
 42 | 
 43 | sergey@...
 44 | 
 45 | vbatts
 46 | 
 47 | vbatts@...
 48 | 
 49 | xinredhat
 50 | 
 51 | rvema
 52 | 
 53 | rvema@...
 54 | 
 55 | 41922797+scr-oath@...
 56 | 
 57 | joejstuart
 58 | 
 59 | thameezb
 60 | 
 61 | mdstrauss91@...
 62 | 
 63 | rbo
 64 | 
 65 | squakez
 66 | 
 67 | Ilona.Shishov@...
 68 | 
 69 | RafaeLeal
 70 | 
 71 | acornett21
 72 | 
 73 | michaelsauter
 74 | 
 75 | jpower432
 76 | 
 77 | sherine-k
 78 | 
 79 | gansheer
 80 | 
 81 | Tomcli
 82 | 
 83 | gbucknel
 84 | 
 85 | seankhliao
 86 | 
 87 | alan-ghelardi
 88 | 
 89 | melnikalex
 90 | 
 91 | priyawadhwa
 92 | 
 93 | sriram-lmnd
 94 | 
 95 | skandragon
 96 | 
 97 | minhoryang@...
 98 | 
 99 | prestonvasquez
100 | 
101 | shankar-pentyala
102 | 
103 | KeisukeYamashita
104 | 
105 | EmmaMunley
106 | 
107 | anotherchrisberry
108 | 
109 | houdini91
110 | 
111 | rebalag
112 | 
113 | Arhell
114 | 
115 | BastiaanN
116 | 
117 | vbehar
118 | 
119 | rolfedh@...
120 | 
121 | sergiy_kulanov@...
122 | 
123 | appu@...
124 | 
125 | loosebazooka
126 | 
127 | guoguangwu@...
128 | 
129 | dmart
130 | 
131 | drGrove
132 | 
133 | ggalloro
134 | 
135 | karthikjeeyar
136 | 
137 | minhoryang
138 | 
139 | amiralavi7@...
140 | 
141 | shindu666@...
142 | 
143 | peteanusergiuAzDirect
144 | 
145 | mentlak0
146 | 
147 | chmouel@...
148 | 
149 | jisoolee
150 | 
151 | AshitaSingamsetty
152 | 
153 | mwessend@...
154 | 
155 | matzew
156 | 
157 | professorabhay
158 | 
159 | freefood89@...
160 | 
161 | izeye
162 | 
163 | izeye@...
164 | 
165 | obowersa
166 | 
167 | Mohamed-AH
168 | 
169 | miguelangat
170 | 
171 | codeWithUtkarsh
172 | 
173 | dogonthehorizon
174 | 
175 | ciurescuraul
176 | 
177 | freefood89
178 | 
179 | tkikuchi07f@...
180 | 
181 | 97105818+t-kikuc@...
182 | 
183 | t-kikuc
184 | 
185 | chmouel
186 | 
187 | bdellegrazie
188 | 
189 | cameron@...
190 | 
191 | lukeaddison785@...
192 | 
193 | emil.backmark@...
194 | 
195 | ppitonak
196 | 
197 | chriscannon
198 | 
199 | katmutua
200 | 
201 | SergK
202 | 
203 | nabuskey
204 | 
205 | davidumea
206 | 
207 | david.andersson@...
208 | 
209 | sabhardw@...
210 | 
211 | tchuinkoufongue@...
212 | 
213 | jvz
214 | 
215 | coreydaley
216 | 
217 | Roming22
218 | 
219 | roman-kiselenko
220 | 
221 | benjamin_j_powell@...
222 | 
223 | zeus@...
224 | 
225 | rpajay
226 | 
227 | SD-13
228 | 
229 | waveywaves
230 | 
231 | tomhobson@...
232 | 
233 | tomhobsonleeds@...
234 | 
235 | VadimDez
236 | 
237 | mad-briller
238 | 
239 | dmitris
240 | 
241 | dmitris@...
242 | 
243 | andy.block@...
244 | 
245 | rbuysse
246 | 
247 | otaviof
248 | 
249 | a7i
250 | 
251 | sabre1041
252 | 
253 | wooseung-sim
254 | 
255 | jordigilh
256 | 
257 | raballew
258 | 
259 | xbcsmith
260 | 
261 | dan-han-101
262 | 
263 | QubitPi
264 | 
265 | kmjayadeep@...
266 | 
267 | joshuasimon-taulia
268 | 
269 | mathew-fleisch
270 | 
271 | vjda
272 | 
273 | Neetuj
274 | 
275 | amarozone
276 | 
277 | lmilbaum
278 | 
279 | kmjayadeep
280 | 
281 | 97948659+rjalander@...
282 | 
283 | jglick
284 | 
285 | aprindle@...
286 | 
287 | jvinamra776@...
288 | 
289 | mjmckay
290 | 
291 | matheuspaesp@...
292 | 
293 | jitendar-singh
294 | 
295 | rolfedh
296 | 
297 | IlonaShishov
298 | 
299 | stuartwdouglas
300 | 
301 | natifridman
302 | 
303 | afrittoli@...
304 | 
305 | bingomanatee
306 | 
307 | lunarwhite
308 | 
309 | 57584831+lunarwhite@...
310 | 
311 | karlskewes
312 | 
313 | james.mcshane@...
314 | 
315 | jmcshane
316 | 
317 | isibeni
318 | 
319 | afflom
320 | 
321 | barnabei.jennifer@...
322 | 
323 | dlbewley
324 | 
325 | aaron-prindle
326 | 
327 | gijs@...
328 | 
329 | GijsvanDulmen
330 | 
331 | simon.kaegi@...
332 | 
333 | skaegi
334 | 
335 | ovidiupopa07
336 | 
337 | cfieber
338 | 
339 | babadofar
340 | 
341 | sayan-biswas
342 | 
343 | rinckm
344 | 
345 | ileixe
346 | 
347 | skyf0l
348 | 
349 | testwill
350 | 
351 | olensmar
352 | 
353 | karl.skewes@...
354 | 
355 | dprangnell
356 | 
357 | jkhelil
358 | 
359 | nicolasbernard
360 | 
361 | hutchic
362 | 
363 | valen-mascarenhas14
364 | 
365 | siamaksade
366 | 
367 | impactbchang@...
368 | 
369 | KristianOellegaard
370 | 
371 | github@...
372 | 
373 | AverageMarcus
374 | 
375 | fhopfensperger
376 | 
377 | dibyo@...
378 | 
379 | imjasonh
380 | 
381 | apoorvmahajandd
382 | 
383 | apoorvajagtap4@...
384 | 
385 | info@...
386 | 
387 | 23282107+rjtch@...
388 | 
389 | Redeltaz
390 | 
391 | f.hopfensperger@...
392 | 
393 | encaladaenrique@...
394 | 
395 | BoyChai
396 | 
397 | robert-blackman
398 | 
399 | mikecroft
400 | 
401 | concaf
402 | 
403 | zhouhaibing089
404 | 
405 | chuangw6
406 | 
407 | QuanZhang-William
408 | 
409 | Yongxuanzhang
410 | 
411 | lbernick
412 | 
413 | Pangjiping
414 | 
415 | MarkEWaite
416 | 
417 | jasonmcintosh
418 | 
419 | bobcatfish
420 | 
421 | Maximilien-R
422 | 
423 | drewbailey
424 | 
425 | basavaraju013@...
426 | 
427 | dhaus@...
428 | 
429 | dhaus67
430 | 
431 | avinal@...
432 | 
433 | Basavaraju-G
434 | 
435 | mazzy89
436 | 
437 | bigkevmcd
438 | 
439 | 
440 | kevydotvinu
441 | 
442 | jalander.ramagiri@...
443 | 
444 | difranca
445 | 
446 | rupalibehera
447 | 
448 | this.terrycox@...
449 | 
450 | 
451 | tdcox
452 | 
453 | eddiewebb
454 | 
455 | 
456 | cmotevasselani@...
457 | 
458 | adam.kaplan@...
459 | 
460 | vincent@...
461 | 
462 | adong
463 | 
464 | ayushsatyam146
465 | 
466 | 6519811+mattgogerly@...
467 | 
468 | ctadeu@...
469 | 
470 | jerop
471 | 
472 | mattmoor
473 | 
474 | encalada@...
475 | 
476 | dibyom
477 | 
478 | garethahealy
479 | 
480 | danielfbm
481 | 
482 | nicolasff
483 | 
484 | zoran@...
485 | 
486 | zregvart
487 | 
488 | 37423+hackmd-hub[bot]@...
489 | 
490 | Sachin-Itagi
491 | 
492 | qingliu@...
493 | 
494 | HaroonSaid
495 | 
496 | laszlo@...
497 | 
498 | robervexcel
499 | 
500 | jgrumboe
501 | 
502 | aleskandro
503 | 
504 | 
505 | divyansh42
506 | 
507 | billy@...
508 | 
509 | jkandasa@...
510 | 
511 | 1844673+wlynch@...
512 | 
513 | adambkaplan
514 | 
515 | rvazquezglez
516 | 
517 | mattgogerly
518 | 
519 | lucarval@...
520 | 
521 | sudhishmk
522 | 
523 | xibz
524 | 
525 | bendory
526 | 
527 | bendory@...
528 | 
529 | gabemontero
530 | 
531 | zchengjoey@...
532 | 
533 | chengjoey
534 | 
535 | edgarulg
536 | 
537 | pritidesai
538 | 
539 | e-backmark-ericsson
540 | 
541 | link108
542 | 
543 | rjalander
544 | 
545 | jervi
546 | 
547 | sanopsmx
548 | 
549 | openshift-merge-robot
550 | 
551 | dippynark
552 | 
553 | TracyRagan
554 | 
555 | kbaig@...
556 | 
557 | lcarva
558 | 
559 | dbyron@...
560 | 
561 | scr-oath
562 | 
563 | kirangodishala
564 | 
565 | kristofferchr
566 | 
567 | wlynch
568 | 
569 | apoorvajagtap
570 | 
571 | Skisocks
572 | 
573 | sachajw
574 | 
575 | matthias.diester@...
576 | 
577 | ppunamiy@...
578 | 
579 | Marten.Svantesson@...
580 | 
581 | HeavyWombat
582 | 
583 | sashture@...
584 | 
585 | savitaashture
586 | 
587 | arthur@...
588 | 
589 | JordanGoasdoue
590 | 
591 | avinal
592 | 
593 | christosarvanitis
594 | 
595 | jithine
596 | 
597 | ramessesii2
598 | 
599 | sbtaylor15
600 | 
601 | piyush-garg
602 | 
603 | vdemeest@...
604 | 
605 | l-qing
606 | 
607 | andrea.frittoli@...
608 | 
609 | dbyron-sf
610 | 
611 | steve@...
612 | 
613 | tracy@...
614 | 
615 | davidB
616 | 
617 | yuzp1996
618 | 
619 | tomhobson
620 | 
621 | jkandasa
622 | 
623 | chitrangpatel
624 | 
625 | khrm
626 | 
627 | pratap0007
628 | 
629 | vinamra28
630 | 
631 | qu1queee
632 | 
633 | SaschaSchwarze0
634 | 
635 | msvticket
636 | 
637 | PuneetPunamiya
638 | 
639 | afrittoli
640 | 
641 | AlanGreene
642 | 
643 | vdemeester
644 | 
645 | sbtaylor15@...
646 | 


--------------------------------------------------------------------------------
/incubating/README.md:
--------------------------------------------------------------------------------
1 | # CDF Incubating Projects
2 | 
3 | See the list of the CDF projects [here](https://cd.foundation/projects/).
4 | 


--------------------------------------------------------------------------------
/process/README.md:
--------------------------------------------------------------------------------
 1 | # TOC Policies
 2 | 
 3 | This folder contains policies defined and maintained by the TOC that complement the [CDF Foundation Charter][charter].
 4 | 
 5 | - [New Project Onboarding](./new_project_onboarding.md)
 6 | - [Project Graduation Criteria](./graduation_criteria.md)
 7 | - [TOC Voting](./voting.md)
 8 | - [TOC Vacancies](./vacancies.md)
 9 | 
10 | [charter]: https://github.com/cdfoundation/charter/blob/master/CHARTER.md


--------------------------------------------------------------------------------
/process/graduation_criteria.md:
--------------------------------------------------------------------------------
1 | # CDF Graduation Criteria
2 | 
3 | | WARNING: See the actual information about the project lifecycle and graduation criteria [here](/PROJECT_LIFECYCLE.md) |
4 | | --- |
5 | 
6 | 


--------------------------------------------------------------------------------
/process/new_project_onboarding.md:
--------------------------------------------------------------------------------
 1 | # CDF Project Onboarding
 2 | 
 3 | This is a high level overview of onboarding for new CDF projects that have been accepted into the foundation by the technical oversight committee.
 4 | The listed actions should happen shortly after the project is accepted,
 5 | with a longer but reasonable grace period for legal actions like trademark and patent transfer.
 6 | 
 7 | ## Community
 8 | 
 9 | * Code of Conduct - The project should introduce an inclusive code of conduct if it does not already exist.
10 |    It is recommended to adopt [Contributor Covenant](https://www.contributor-covenant.org/) and document the Continuous Delivery Foundation as the escalation level next to the project
11 | * Recommended: Delegate a representative to the Continuous Delivery Foundation that would participate in the CDF TOC mailing list and other foundation events
12 | 
13 | ## Technical & Infrastructure
14 | 
15 | * Domain Transfer - project-related domains should be transferred to the Linux Foundation via an issue created here https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/group/19
16 | * Github Repos - project-related repositories must be located in a neutral LF Github organization. The current GitHub organization owner must invite the user "thelinuxfoundation" (no quotes) as an owner.  GitHub’s documentation for how to do that is here: https://docs.github.com/en/organizations/managing-organization-settings/transferring-organization-ownership
17 | * Zoom account - projects may request a zoom sub-account for scheduling community meetings. Please submit a ticket to [CDF Helpdesk](https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/group/19), identifying key community members who should have access.
18 | 
19 | ## Legal
20 | 
21 | * Licenses: the CDF only permits [OSI licenses][osi-licenses]. Projects may decide which OSI permitted license(s) to adopt for the source code and other content produced by project community. 
22 | * Intellectual Property: projects may decide their preferred approach, typically enforcing a Developer Certificate of Origin (DCO) or a Contributor License Agreement (CLA). The Linux Foundation offers a CLA service via [LFX/EasyCLA][easycla] which projects may decide to adopt. Projects may also adopt.
23 | 
24 | ### Trademarks and Service marks
25 | 
26 | * Any registered marks for the project must be transferred to the Linux Foundation.
27 | * Marks that are not registered can benefit from a certain degree of protection: a common law trademark provides protection for a symbol, logo, product name, or other words or marks that identify the source of goods or services before it is registered with the state or federal government. If someone began using a confusingly similar mark with similar goods/services, it may be possible to enforce those common law rights (e.g., cease and desist letter, law suit).
28 | 
29 | ## Outreach & Marketing
30 | 
31 | * A press release announcing the new project will be put out by CDF. Please identify key messaging and community members to provide quotes and email pr@cd.foundation
32 | * Podcast - projects are welcome to do a kickoff episode on The Pipeline Podcast, more detail here: https://cd.foundation/podcast/
33 | * CDF Landscape - add the project to the [CDF Landscape](https://github.com/cdfoundation/cdf-landscape) for better visibility
34 | 
35 | 
36 | [osi-licenses]: https://opensource.org/licenses/
37 | [easycla]: https://lfx.linuxfoundation.org/tools/easycla/


--------------------------------------------------------------------------------
/process/vacancies.md:
--------------------------------------------------------------------------------
 1 | # Vacancies Policy
 2 | 
 3 | These policy cover the cases of TOC members changing affiliation and temporarily or permanently leaving the TOC. For any case that cannot be resolved through this policy, the CDF Governing Board may decide how to proceed.
 4 | 
 5 | ## Leave of Absence
 6 | 
 7 | Any member of the TOC is welcome to take leave from being a TOC member, for any reason (which they are not required to disclose). The leave must be communicated to the other TOC members via an email to the TOC email list. The actions taken will depend on both of:
 8 | 
 9 | 1. The length of the leave: whether this is greater or less than approximately (at the discretion of the other TOC members) 1/4 of their total term
10 | 1. Whether their seat will be up for election during the period of their leave
11 | 
12 | If the leave is less than or equal to 1/4 of the TOC member's total term, and their seat will not be up for re-election during that time, the TOC member may select someone to be an acting TOC member for the length of the leave. This person must meet the candidate eligibility requirements for the specific TOC seat, as defined in the [CDF Charter][charter], section 7.c.
13 | 
14 | If the length of the leave is greater than 1/4 of the total term, or their seat will be up for election during the leave period, the TOC member will be required to [step down from their seat](#stepping-down).
15 | 
16 | ## Stepping down
17 | 
18 | If a TOC member is no longer able to perform the TOC duties, the TOC member must inform the TOC via an email to the [TOC email list][toc-ml].
19 | 
20 | The candidate with the next most votes from the previous election for that seat will be offered the seat, provided that person otherwise qualifies to join the TOC. This process will continue until the seat is filled.
21 | 
22 | In case this fails to fill the seat, a special election for that position will be held as soon as possible, unless the regular TOC election is less than 7 weeks away. Eligible voters from the most recent election will vote in the special election. Eligibility will not be redetermined at the time of the special election. Any replacement TOC member will serve out the remainder of the term for
23 | the person they are replacing, regardless of the length of that remainder.
24 | 
25 | ## Change in affiliation
26 | 
27 | If a TOC member moves companies, that member must notify the TOC via an email to the [TOC email list][toc-ml]. That TOC member may remain a member unless: 
28 | 
29 | * the move places the member in conflict with the TOC composition rules, or
30 | * the TOC member (at her/his determination) will no longer be able to perform their TOC duties. 
31 | 
32 | [charter]: https://github.com/cdfoundation/charter/blob/master/CHARTER.md
33 | [toc-ml]: https://lists.cd.foundation/g/cdf-toc


--------------------------------------------------------------------------------
/process/voting.md:
--------------------------------------------------------------------------------
1 | # Voting
2 | 
3 | In various situations the CDF TOC shall hold a vote. These votes can happen on the phone, email, or via a voting service, when appropriate. TOC members can either respond "agree, yes, +1", "disagree, no, -1", or "abstain". A vote passes depending on the requirements placed on the activity in the charter. An abstain vote equals not voting at all.
4 | 


--------------------------------------------------------------------------------
/projects/README.md:
--------------------------------------------------------------------------------
 1 | # CDF Projects
 2 | 
 3 | This folder includes various documents related to the [projects][cdf-projects] hosted by the CDF:
 4 | 
 5 | - [CDEvents](cdevents)
 6 | - [Jenkins](jenkins)
 7 | - [JenkinsX](jenkinsx)
 8 | - [Ortelius](ortelius)
 9 | - [Screwdriver](screwdriver)
10 | - [Shipwright](shipwright)
11 | - [Spinnaker](spinnaker)
12 | - [Tekton](tekton)
13 | 
14 | ## Project Updates
15 | 
16 | Project provide a quarterly update to the TOC by proposing a PR to this repo in their respective folder, using the [template](update-template.md) provided:
17 | 
18 | ```text
19 | cp update-template.md <project-name>/<YYYYMM>-update.md
20 | ```
21 | 
22 | [cdf-projects]: https://cd.foundation/projects/


--------------------------------------------------------------------------------
/projects/cdevents/2024-q2.md:
--------------------------------------------------------------------------------
 1 | # CDEvents Update
 2 | 
 3 | ## Features and release
 4 | 
 5 | CDEvents released its [fourth version](https://cd.foundation/blog/2024/04/16/cdevents-v04/), which includes support for links between events, new ticket events as well as custom events.
 6 | 
 7 | ## Adoption updates
 8 | 
 9 | The JReleaser project adopted CDEvents.
10 | 
11 | ## Contribution trends
12 | 
13 | The project benefits from a [steady stream of contributions](https://cdevents.devstats.cd.foundation/d/74/contributions-chart?orgId=1&from=20240401%2Fy&to=20240701%2Fy&var-period=m&var-metric=contributions&var-repogroup_name=All&var-country_name=All&var-company_name=All&var-company=all) to the spec and SDKs.
14 | Experimental projects like the webhook adapter and visualization tool have been progressing too.
15 | 
16 | The CDEvents project has been on-boarded on LFX insight. The data is not publicly accessible yet.
17 | 
18 | ## Community updates
19 | 
20 | The community agreed to set-up a new Working Group dedicated to the architecture and development tools required to consume and benefit from CDEvents.
21 | 
22 | ## Security updates
23 | 
24 | CDEvents enabled dependabot on the spec and SDK repos to keep all dependencies up to date.
25 | 
26 | ## Infrastructure updates
27 | 
28 | No infrastructure costs this quarter.


--------------------------------------------------------------------------------
/projects/cdevents/2024-q3.md:
--------------------------------------------------------------------------------
 1 | # CDEvents Update
 2 | 
 3 | ## Features and release
 4 | 
 5 | The CDEvents Rust SDK was [released](https://github.com/cdevents/sdk-rust/releases/tag/cdevents-sdk-v0.1.0).
 6 | The community created a new [Implementation Working Group](https://github.com/cdevents/implementation-wg) which
 7 | focuses on the tools and architecture for adopting CDEvents and generating value.
 8 | The first use case the working group is considering is that of
 9 | [security automation](https://github.com/cdevents/implementation-wg/blob/main/docs/security_automation.md): using
10 | events to add security features to existing CI/CD workflows without having to edit the original pipeline definitions.
11 | 
12 | ## Contribution trends
13 | 
14 | After the summer break, the community is now back in full swing with active work going into
15 | planning and implementation of the next release as well as the implementation working group.
16 | Detailed stats are available on [LFX](https://insights.lfx.linuxfoundation.org/foundation/cdf/overview/github?project=cdevents&routedFrom=Github&dateFilters=Last%20Quarter&dateRange=2024-07-01%20to%202024-09-30&compare=PP&granularity=week&hideBots=true).
17 | 
18 | ## Community updates
19 | 
20 | CDEvents participated in Hacktoberfest 2024.This year we received some really good quality contributions to our docs.
21 | We still have a many tasks that could use some love, ranging from docs to work on SDKs and more, so please keep your
22 | contributions coming even after Hacktoberfest!
23 | 


--------------------------------------------------------------------------------
/projects/cdevents/2025-q1.md:
--------------------------------------------------------------------------------
 1 | # CDEvents Update
 2 | 
 3 | The CDEvents team has been working on improving the sustainability of the SDKs and documentation.
 4 | After investigating various technologies, [asyncapi](https://github.com/asyncapi/spec) has been selected
 5 | as the new modelling language that will be used by the project.
 6 | 
 7 | In future, SDKs and JSONschemas will be generated from a single asyncapi source of truth.
 8 | 
 9 | ## Fun facts
10 | 
11 | CDEvents was featured on "The CD Pipeline" Techstrong.tv video series [episode #16](https://techstrong.tv/videos/cd-pipeline/embracing-open-source-with-cdevents-the-cd-pipeline-ep16).


--------------------------------------------------------------------------------
/projects/cdevents/README.md:
--------------------------------------------------------------------------------
1 | # Project Updates
2 | 
3 | - [Q1 2024](https://docs.google.com/presentation/d/16bsZ4Dg8_BcfQ1askew0-HljaJJ5BwLmun4nZT_7kUw/edit?usp=sharing)
4 | - [Q2 2024](2024-q2.md)
5 | - [Q3 2024](2024-q3.md)
6 | - [Q1 2025](2025-q1.md)


--------------------------------------------------------------------------------
/projects/jenkins/2024-q2-jenkins-jvm-adoption-stats.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/projects/jenkins/2024-q2-jenkins-jvm-adoption-stats.png


--------------------------------------------------------------------------------
/projects/jenkins/2024-q2.md:
--------------------------------------------------------------------------------
 1 | # Jenkins Update
 2 | 
 3 | ## Features and release
 4 | 
 5 | Jenkins continued its pattern of releasing a [new version](https://www.jenkins.io/changelog/) every week and a [new long term support version](https://www.jenkins.io/changelog-stable/) every 4 weeks.
 6 | New features are summarized in the [Jenkins tutorials playlist](https://www.youtube.com/playlist?list=PLvBBnHmZuNQJeznYL2F-MpZYBUeLIXYEe) on [CloudBees TV](https://www.youtube.com/@CloudBeesTV).
 7 | 
 8 | ## Adoption updates
 9 | 
10 | Jenkins controller installations reporting to the Jenkins statistics system varied during the last three months between 285 000 and 297 000.
11 | Controller installation counts continue to remain relatively steady as they have for the last few years.
12 | 
13 | ## Contribution trends
14 | 
15 | Jenkins has been accepted in [Google Summer of Code 2024](https://summerofcode.withgoogle.com/programs/2024/projects) for [5 projects](https://www.jenkins.io/blog/2024/05/01/google-summer-of-code-congrats-and-welcome/).
16 | The projects include:
17 | 
18 | * [Manage GitHub permissions as code](https://www.jenkins.io/projects/gsoc/2024/project-ideas/automating-rpu-for-jenkinsci-organization/)
19 | * [Using OpenRewrite recipse for plugin modernization](https://www.jenkins.io/projects/gsoc/2024/project-ideas/using-openrewrite-recipes-for-plugin-modernization-or-automation-plugin-build-metadata-updates/)
20 | * [Implementing UI for Jenkins infra statistics](https://www.jenkins.io/projects/gsoc/2024/project-ideas/implementing-ui-for-jenkins-infra-statistics/)
21 | * [Enhancing an existing LLM model with domain specific Jenkins knowledge](https://www.jenkins.io/projects/gsoc/2024/project-ideas/enhancing-an-existing-llm-model-with-domain-specific-jenkins-knowledge/)
22 | * [Improve maintainability for the repository permissions](https://www.jenkins.io/projects/gsoc/2024/projects/improving-maintainability-of-rpu)
23 | 
24 | Thanks to the GSoC organization administrators for Jenkins, [Kris Stern](https://www.jenkins.io/blog/authors/krisstern/), [Alyssa Tong](https://www.jenkins.io/blog/authors/alyssat/), and [Bruno Verachten](https://www.jenkins.io/blog/authors/gounthar/).
25 | Thanks in advance to the GSoC lead mentors, [Alexander Brandes](https://www.jenkins.io/blog/authors/notmyfault/), [Valentin Delaye](https://www.jenkins.io/blog/authors/jonesbusy), and [Kris Stern](https://www.jenkins.io/blog/authors/krisstern/).
26 | Extra special thanks in advance to the contributors, Danyang Zhao, Sridhar Sivakumar, Shlomo Dahan, Nour Almulhem, and Phillipp Glanz.
27 | 
28 | The Jenkins project is also mentioned in other Google Summer of Code projects, including:
29 | 
30 | * [Ceph](https://summerofcode.withgoogle.com/programs/2024/projects/SG1yEXSM) - 2 projects
31 | * [Linux Foundation](https://summerofcode.withgoogle.com/programs/2024/projects/dtZ1xm2i) - kworkflow testing improvements
32 | 
33 | The count of individual contributors to Jenkins decreased from a peak of 600 to 500 as reported by the [Linux Foundation DevStats project](https://jenkins.devstats.cd.foundation/d/7/companies-contributing-in-repository-groups?orgId=1).
34 | This is a common pattern that we've seen each year during the transition from Google Summer of Code candidate evaluation to Google Summer of Code implementation.
35 | 
36 | ## Community updates
37 | 
38 | The [Jenkins contributor spotlight](https://contributors.jenkins.io/) continues to highlight key Jenkins contributors.
39 | The most recent spotlight is [Kevin Martens](https://contributors.jenkins.io/pages/contributors/kevin-martens/) - Jenkins documentation officer.
40 | 
41 | The [Jenkins community site](https://community.jenkins.io/) (donated by Discourse) continues to allow users to help each other.
42 | 
43 | Several Jenkins special interest groups continue their active development, including:
44 | 
45 | * [User experience SIG](https://community.jenkins.io/tag/sig-ux)
46 | * [Platform SIG](https://community.jenkins.io/tag/sig-platform)
47 | * [Documentation SIG](https://community.jenkins.io/tag/sig-docs)
48 | * [Infrastructure team](https://community.jenkins.io/tag/sig-infra)
49 | 
50 | ## Governance updates
51 | 
52 | The Jenkins governance board meets regularly and provides [meeting notes and recordings](https://community.jenkins.io/tag/governance) on the Jenkins community site.
53 | 
54 | ## Security updates
55 | 
56 | The [Jenkins security team](https://www.jenkins.io/security/) continues to track security issues, report vulnerabilities, and resolve security issues.
57 | 
58 | Security advisories were published in March, April, and May, including:
59 | 
60 | * [2 May 2024](https://www.jenkins.io/security/advisory/2024-05-02/) - 4 plugins
61 | * [17 Apr 2024](https://www.jenkins.io/security/advisory/2024-04-17/) - Jenkins core
62 | * [20 Mar 2024](https://www.jenkins.io/security/advisory/2024-03-20/) - Jenkins core
63 | * [6 Mar 2024](https://www.jenkins.io/security/advisory/2024-03-06/) - 12 plugins
64 | 
65 | When reporting a security issue, please follow our [issue reporting guidelines](https://www.jenkins.io/security/reporting/).
66 | 
67 | ## Infrastructure updates
68 | 
69 | The Jenkins infrastructure team meets weekly and shares the [meeting recordings and meeting notes](https://community.jenkins.io/tag/sig-infra) on the Jenkins community site.
70 | 
71 | Jenkins infrastructure cloud costs are spread between multiple donors, including:
72 | 
73 | * Continuous Delivery Foundation
74 | * CloudBees Inc.
75 | * Microsoft Azure
76 | * AWS
77 | * DigitalOcean
78 | 
79 | Cloud costs are tracked in detail by the Jenkins infrastructure team.
80 | The year to date expenses are in budget and are planned to remain in budget for the rest of 2024.
81 | 
82 | ## Fun facts
83 | 
84 | The Spring Security project has announced the [31 Aug 2024 end of life of Spring Security 5.8](https://spring.io/blog/2024/03/01/support-timeline-announcement-for-spring-framework-6-0-x-and-5-3-x) along with end of life of Spring Framework 5.3.
85 | Spring Security 6 requires Java 17 and Jakarta EE 9.
86 | The Jenkins project is preparing for its upgrade from Spring Security 5.8 to Spring Security 6 and for its upgrade to require Java 17 as the minimum Java version for Jenkins.
87 | We expect to require Java 17 in Jenkins weekly before the end of June 2024 and to require Java 17 in the long term support release at the end of October 2024.
88 | 
89 | ![Java virtual machine adoption statistics for Jenkins controllers](2024-q2-jenkins-jvm-adoption-stats.png "Java Versions Used by Jenkins")


--------------------------------------------------------------------------------
/projects/jenkins/2024-q3.md:
--------------------------------------------------------------------------------
  1 | # Jenkins Update
  2 | 
  3 | ## Features and releases
  4 | 
  5 | The Jenkins [2+2+2 Java support plan](https://www.jenkins.io/blog/2023/11/06/introducing-2-2-2-java-support-plan/) that was introduced in November 2023 has completed a major milestone.
  6 | Jenkins weekly [2.463](https://www.jenkins.io/changelog/2.463/) and Jenkins LTS [2.479.1](https://www.jenkins.io/changelog-stable/2.479.1/) have dropped support for Java 11.
  7 | They both support Java 17 and Java 21.
  8 | Java 25 support is the next major milestone, planned for shortly after its release in late 2025.
  9 | 
 10 | Jenkins continued its pattern of releasing a [new version](https://www.jenkins.io/changelog/) every week and a [new long term support version](https://www.jenkins.io/changelog-stable/) every 4 weeks.
 11 | New features are summarized in the [Jenkins tutorials playlist](https://www.youtube.com/playlist?list=PLvBBnHmZuNQJeznYL2F-MpZYBUeLIXYEe) on [CloudBees TV](https://www.youtube.com/@CloudBeesTV).
 12 | 
 13 | ## Grants and Awards
 14 | 
 15 | [AWS](https://aws.amazon.com/opensource/) has provided two $60,000 cloud credit grants to the Jenkins project for Jenkins infrastructure.
 16 | The Jenkins project is moving their primary continuous integration server, [ci.jenkins.io](https://ci.jenkins.io) to AWS in order to use the donation.
 17 | 
 18 | [Microsoft Azure](https://azure.microsoft.com/en-us/solutions/open-source) has provided a [$60,000 cloud credit grant](https://www.jenkins.io/blog/2024/07/26/microsoft-donates-to-jenkins/) to the Jenkins project for Jenkins infrastructure.
 19 | The Jenkins project has used the Microsoft Azure credits to successfully complete a major upgrade project that concluded with the [2.479.1](https://www.jenkins.io/changelog-stable/2.479.1/) release 30 Oct 2024.
 20 | We've upgraded from Spring Security 5 to Spring Security 6, from Eclipse Jetty 10 to Eclipse Jetty 12, and from Java Enterprise Edition 8 to Jakarta Enterprise Edition 9.
 21 | 
 22 | [Alpha-Omega](https://alpha-omega.dev/) has funded a 3 month project to [improve the implementation of Jenkins Content Security Policy](https://www.jenkins.io/blog/2024/10/04/content-security-policy-grant/).
 23 | The [first progress report](https://www.jenkins.io/blog/2024/11/01/jenkins-csp-project-update/) is available.
 24 | It provides a summary of the results from the first month of the project.
 25 | The 3 month project will conclude at the end of December 2024.
 26 | 
 27 | [Jenkins mirror sponsors](https://www.jenkins.io/blog/2024/06/13/thanks-mirror-sponsors/) have expanded to now include general purpose mirror hosting in 13 locations around the world:
 28 | 
 29 | * Belgium - [Belnet](https://ftp.belnet.be/mirror/jenkins/)
 30 | * China - [Tsinghua University](https://mirrors.tuna.tsinghua.edu.cn/jenkins/)
 31 | * Germany - [University of Aachen](https://ftp.halifax.rwth-aachen.de/jenkins/)
 32 | * India - [Sahil Dhiman](https://2.mirrors.in.sahilister.net/jenkins/)
 33 | * Japan - [Jing Luo](https://repo.jing.rocks/jenkins/)
 34 | * Japan - [Yamagata university](https://ftp.yz.yamagata-u.ac.jp/pub/misc/jenkins)
 35 | * Singapore - [Freedif](https://mirror.freedif.org/jenkins/)
 36 | * Singapore - [Servana](https://sg.mirror.servanamanaged.com/jenkins/)
 37 | * Taiwan - [OSSPlanet](https://mirror.ossplanet.net/jenkins/)
 38 | * Taiwan - [Taiwan Digital Streaming Co.](https://mirror.twds.com.tw/jenkins/)
 39 | * United States - Oregon State University Open Source Lab ([New York City](https://ftp-nyc.osuosl.org/pub/jenkins/) and [Chicago](https://ftp-chi.osuosl.org/pub/jenkins/plugins/))
 40 | * United States - [XMission](https://mirror.xmission.com/jenkins/)
 41 | 
 42 | We also have two mirror hosts that are dedicated to their specific countries:
 43 | 
 44 | * Romania - [Hostico](https://mirrors.hostico.ro/jenkins/)
 45 | * Russia - [Yandex](https://mirror.yandex.ru/mirrors/jenkins/)
 46 | 
 47 | Organizations that are willing to host a Jenkins mirror should submit a ticket to the [Jenkins infrastructure help desk](https://github.com/jenkins-infra/helpdesk/issues?q=is%3Aissue+mirror+label%3Amirrors.jenkins.io+is%3Aclosed).
 48 | 
 49 | ## 2024 Board and Officer Elections
 50 | 
 51 | Voting is in progress for the [2024 Jenkins Board and Officer elections](https://www.jenkins.io/blog/2024/10/03/jenkins-election-candidates/).
 52 | [Nominations](https://www.jenkins.io/blog/2024/08/01/board-officer-election-announcement/) were accepted from August 1, 2024 through September 15, 2024.
 53 | [Voter registrations](https://www.jenkins.io/blog/2024/09/25/board-officer-election-announcement/) were accepted from September 16, 2024 through October 31, 2024.
 54 | Voting will conclude November 30, 2024 with the announcement of 3 new members of the board and new officers.
 55 | 
 56 | ## Contribution trends
 57 | 
 58 | Jenkins has completed [5 projects](https://www.jenkins.io/blog/2024/05/01/google-summer-of-code-congrats-and-welcome/) in [Google Summer of Code 2024](https://summerofcode.withgoogle.com/programs/2024/projects).
 59 | The projects include:
 60 | 
 61 | * [Manage GitHub permissions as code](https://www.jenkins.io/projects/gsoc/2024/project-ideas/automating-rpu-for-jenkinsci-organization/)
 62 | * [Using OpenRewrite recipes for plugin modernization](https://www.jenkins.io/projects/gsoc/2024/project-ideas/using-openrewrite-recipes-for-plugin-modernization-or-automation-plugin-build-metadata-updates/)
 63 | * [Implementing UI for Jenkins infra statistics](https://www.jenkins.io/projects/gsoc/2024/project-ideas/implementing-ui-for-jenkins-infra-statistics/)
 64 | * [Enhancing an existing LLM model with domain specific Jenkins knowledge](https://www.jenkins.io/projects/gsoc/2024/project-ideas/enhancing-an-existing-llm-model-with-domain-specific-jenkins-knowledge/)
 65 | * [Improve maintainability for the repository permissions](https://www.jenkins.io/projects/gsoc/2024/projects/improving-maintainability-of-rpu)
 66 | 
 67 | Thanks to the GSoC organization administrators for Jenkins, [Kris Stern - lead organization administrator](https://www.jenkins.io/blog/authors/krisstern/), [Alyssa Tong](https://www.jenkins.io/blog/authors/alyssat/), and [Bruno Verachten](https://www.jenkins.io/blog/authors/gounthar/).
 68 | Thanks to the GSoC lead mentors, [Alexander Brandes](https://www.jenkins.io/blog/authors/notmyfault/), [Valentin Delaye](https://www.jenkins.io/blog/authors/jonesbusy), and [Kris Stern](https://www.jenkins.io/blog/authors/krisstern/).
 69 | Extra special thanks to the contributors, [Danyang Zhao](https://www.jenkins.io/blog/authors/alaurant/), [Sridhar Sivakumar](https://www.jenkins.io/blog/authors/sridamul/), [Shlomo Dahan](https://www.jenkins.io/blog/authors/shlomomdahan/), [Nour Ziad Almulhem](https://www.jenkins.io/blog/authors/nouralmulhem/), and [Phillipp Glanz](https://www.jenkins.io/blog/authors/themeinerlp/).
 70 | 
 71 | The Jenkins project is also mentioned in other Google Summer of Code projects, including:
 72 | 
 73 | * [Ceph](https://summerofcode.withgoogle.com/programs/2024/projects/SG1yEXSM) - 2 projects
 74 | * [Linux Foundation](https://summerofcode.withgoogle.com/programs/2024/projects/dtZ1xm2i) - kworkflow testing improvements
 75 | 
 76 | The count of individual contributors to Jenkins increased from a low 500 to about 550 as reported by the [Linux Foundation DevStats project](https://jenkins.devstats.cd.foundation/d/7/companies-contributing-in-repository-groups?orgId=1).
 77 | This is a common pattern that we've seen each year during Google Summer of Code candidate implementation.
 78 | 
 79 | ## Community updates
 80 | 
 81 | The [Jenkins contributor spotlight](https://contributors.jenkins.io/) continues to highlight key Jenkins contributors.
 82 | We've published spotlights for 23 Jenkins contributors and expect to continue publishing through 2025.
 83 | 
 84 | The [Jenkins community site](https://community.jenkins.io/) (donated by Discourse) continues to allow users to help each other.
 85 | 
 86 | Several Jenkins special interest groups continue their active development, including:
 87 | 
 88 | * [User experience SIG](https://community.jenkins.io/tag/sig-ux)
 89 | * [Platform SIG](https://community.jenkins.io/tag/sig-platform)
 90 | * [Documentation SIG](https://community.jenkins.io/tag/sig-docs)
 91 | * [Infrastructure team](https://community.jenkins.io/tag/sig-infra)
 92 | 
 93 | ## Governance updates
 94 | 
 95 | The Jenkins governance board meets regularly and provides [meeting notes and recordings](https://community.jenkins.io/tag/governance) on the Jenkins community site.
 96 | 
 97 | ## Security updates
 98 | 
 99 | The [Jenkins security team](https://www.jenkins.io/security/) continues to track security issues, report vulnerabilities, and resolve security issues.
100 | 
101 | Security advisories were published in June, August, and October, including:
102 | 
103 | * [2 Oct 2024](https://www.jenkins.io/security/advisory/2024-10-02/)
104 | * [7 Aug 2024](https://www.jenkins.io/security/advisory/2024-08-07/)
105 | * [26 Jun 2024](https://www.jenkins.io/security/advisory/2024-06-26/)
106 | 
107 | When reporting a security issue, please follow our [issue reporting guidelines](https://www.jenkins.io/security/reporting/).
108 | 
109 | ## Infrastructure updates
110 | 
111 | The Jenkins infrastructure team meets weekly and shares the [meeting recordings and meeting notes](https://community.jenkins.io/tag/sig-infra) on the Jenkins community site.
112 | 
113 | Jenkins infrastructure cloud costs are spread between multiple donors, including:
114 | 
115 | * Continuous Delivery Foundation
116 | * CloudBees Inc.
117 | * Microsoft Azure
118 | * AWS
119 | * DigitalOcean
120 | 
121 | Cloud costs are tracked in detail by the Jenkins infrastructure team.
122 | The year to date expenses are in budget and are planned to remain in budget for the rest of 2024.
123 | 


--------------------------------------------------------------------------------
/projects/jenkins/README.md:
--------------------------------------------------------------------------------
1 | # Project Updates
2 | 
3 | - [Q1 2024](https://docs.google.com/presentation/d/1teDDAY41zRU9ubbuQw1LMc_W3vf4eNJX8zoUGn7lNSA/edit?usp=sharing)
4 | - [Q2 2024](./2024-q2.md)
5 | 


--------------------------------------------------------------------------------
/projects/jenkinsx/2024-q3.md:
--------------------------------------------------------------------------------
1 | # Jenkins X Update
2 | 
3 | ## Features and release
4 | 
5 | One of the basic premises behind Jenkins X is that it should be an opinionated platform for CI/CD in Kubernetes. From the start third party components have been used while components have been created within the project as needed. One component that was created was a [dashboard](https://github.com/jenkins-x/jx-pipelines-visualizer) for the pipelines. Since then the [Tekton Dashboard](https://tekton.dev/docs/dashboard/) has been created and its features has been expanded continously. So we are now [looking at migrating from our own solution to Tekton Dashboard](https://github.com/jenkins-x/enhancements/issues/49). 
6 | 
7 | In git several features for improved handling of large repos have been introduced: [partial cloning, shallow cloning](https://github.blog/open-source/git/get-up-to-speed-with-partial-clone-and-shallow-clone/) and [sparse checkout](https://github.blog/open-source/git/bring-your-monorepo-down-to-size-with-sparse-checkout/). Since Jenkins X has support for many git providers and the adoption of these improvements has varied we haven't used these features by default. Now most git providers do support these features and we have renewed [our efforts](https://github.com/jenkins-x/jx/issues/8240) to support them by default.
8 | 


--------------------------------------------------------------------------------
/projects/jenkinsx/README.md:
--------------------------------------------------------------------------------
1 | # Project Updates
2 | 
3 | - Q1 2024: None provided
4 | - [Q2 2024](jenkins-x-2024-q2.md)
5 | - [Q3 2024](2024-q3.md)
6 | - [Q1 2025](jenkins-x-2025-q1.md)
7 | 


--------------------------------------------------------------------------------
/projects/jenkinsx/jenkins-x-2024-q2.md:
--------------------------------------------------------------------------------
 1 | # Jenkins X Update
 2 | 
 3 | ## Community updates
 4 | 
 5 | 3 new maintainers are being onboarded:
 6 | 
 7 | - Jordan Goasdoué
 8 | - Archie Skeoch
 9 | - Matthew Mentlak
10 | 


--------------------------------------------------------------------------------
/projects/jenkinsx/jenkins-x-2025-q1.md:
--------------------------------------------------------------------------------
 1 | # Jenkins X Update
 2 | 
 3 | ## Community updates
 4 | 
 5 | ### Name change
 6 | 
 7 | We are in the process of changing the name of the project. The current name, Jenkins X, gives the
 8 | impression that the project is somehow connected with Jenkins. In reality this connection is very slim.
 9 | 
10 | A neutral name would reduce the risk of giving the wrong impression to people envcountering the
11 | project.
12 | 


--------------------------------------------------------------------------------
/projects/ortelius/2024-q2.md:
--------------------------------------------------------------------------------
 1 | # Ortelius 2024 Q2
 2 | 
 3 | ## Roadmap
 4 | 
 5 | - Hero Project to collect metrics and metadata using CDEvents.  Team has started with high-level requirements.  Next step to create a formal requirements doc.
 6 | - Investigated CNCF NATS project for CDEvents message bus.
 7 | - Working with CDEvents working group understand schema and requirements for Hero Project.
 8 | 
 9 | ## Features and release
10 | 
11 | - Features:
12 |   - New microservice added to store raw SBOM in ArangoDB
13 |   - Added gathering of OpenSSF Scorecard results for each Component and Package Dependencies
14 |   - New microservice added that uses the Stanford NPL Machine Learning/AI model to associate a Mitre Attack Technique to the OpenSSF CVEs.
15 | 
16 | - Bug Fixes:
17 |   - Changed SBOM license hyperlink lookup to improve speed.
18 |   - Changed npm dependencies for new Svelt frontend to resolve CVE in nested dependencies
19 |   - Pinned nodejs to 21.1.0
20 |   - Moved docker base images from chaingaurd to amazonlinux:2023 to fix CVEs in python microservices
21 | 
22 | ## Adoption updates
23 | 
24 | No new adoptions that we are aware of
25 | 
26 | ## Community Updates
27 | 
28 | Handful of new contributors have joined.  One interested in making coding changes.  Other, interested in the Ortelius architecture, outreach and roadmaps.
29 | 
30 | SecureChainCon May 2024 online micro-conference.  Held on Zoom and Twitch. Recordings are on [YouTube Playlist](https://www.youtube.com/watch?v=2JWAWQ2Akd4&list=PLjQ1l9KZoIQ0a8WaK2M2uvRxDOBI3ZRGP)
31 | 
32 | ## Governance updates
33 | 
34 | Governing Board and TOC meet once a quarter.
35 | - [Governing Board Meeting Notes](https://docs.google.com/document/d/1oJ2k0mcltc5C8_6xBYkYy_97dQudPcAT7yWIRFzO_lk/edit#heading=h.uwkmvfmryfjv)
36 | - [TOC Meeting Notes](https://docs.google.com/document/d/1ilQJqtkMOfamLo701WJ4ZQO-n5tWC5QJrbfv2O6JGU0/edit)
37 | 
38 | ## Security updates
39 | 
40 | Revonate runs on all (~40) repos keeping dependencies up to date.  CVEs are fixed within 2-3 days.
41 | 
42 | ## Fun Fact
43 | 
44 | Ortelius now runs on native Kubernetes cluster on top of Raspberry Pi hardware.  Instructions [here](https://ortelius.io/blog/2024/04/05/how-to-bake-an-ortelius-pi-part-1-the-hardware/)
45 | 


--------------------------------------------------------------------------------
/projects/ortelius/2024-q3.md:
--------------------------------------------------------------------------------
 1 | # Ortelius 2024 Q3
 2 | 
 3 | ## Roadmap
 4 | 
 5 | - Hero Project to collect metrics and metadata using CDEvents. High-level requirements complete.  Need some cleanup based on comments before merging.
 6 | - Next step for CDEvents is to document the requirements for Active, Hybrid and Passive Event Creation.
 7 | - Started investigating add Security Evidence into Jenkins.  Basically, a Application Posture Mmgt Dashboard in Jenkins.  This links data from Ortelius back to Jenkins.
 8 | 
 9 | ## Features and release
10 | 
11 | - Features:
12 |   - Release new UI that has the data better organized.
13 | 
14 | ## Adoption updates
15 | 
16 | No new adoptions that we are aware of
17 | 
18 | ## Community Updates
19 | 
20 | Participated in Hacktoberfest.  Main contributions were around documentation and blogs.  These updates
21 | fed into Linkedin Posts by Ortelius members.
22 | 
23 | ## Governance updates
24 | 
25 | Governing Board and TOC meet once a quarter.
26 | - [Governing Board Meeting Notes](https://docs.google.com/document/d/1oJ2k0mcltc5C8_6xBYkYy_97dQudPcAT7yWIRFzO_lk/edit#heading=h.uwkmvfmryfjv)
27 | - [TOC Meeting Notes](https://docs.google.com/document/d/1ilQJqtkMOfamLo701WJ4ZQO-n5tWC5QJrbfv2O6JGU0/edit)
28 | 
29 | ## Security updates
30 | 
31 | Revonate runs on all (~40) repos keeping dependencies up to date.  CVEs are fixed within 2-3 days.
32 | 
33 | ## Fun Fact
34 | 
35 | Ortelius now runs on native Kubernetes cluster on top of Raspberry Pi hardware.  Instructions [here](https://ortelius.io/blog/2024/04/05/how-to-bake-an-ortelius-pi-part-1-the-hardware/)
36 | 


--------------------------------------------------------------------------------
/projects/ortelius/2024-q4.md:
--------------------------------------------------------------------------------
 1 | # Ortelius 2024 Q4
 2 | 
 3 | ## Roadmap
 4 | 
 5 | - Worked on adding Security Evidence into Jenkins. Researched the HTML plugin to add Ortelius Security Evidence into the Jenkins logs.  This would give security details (CVEs, OpenSSF Scorecard) for each pipeline run.
 6 | 
 7 | ## Features and release
 8 | 
 9 | - Features:
10 |   - No releases in Q4
11 | 
12 | ## Adoption updates
13 | 
14 | Add a couple of new members interested in how Ortelius helps organize security evidence.
15 | 
16 | ## Community Updates
17 | 
18 | Did the Ortelius Holiday party and Badge Recognition in December.
19 | 
20 | ## Governance updates
21 | 
22 | Governing Board and TOC meet once a quarter.
23 | - [Governing Board Meeting Notes](https://docs.google.com/document/d/1oJ2k0mcltc5C8_6xBYkYy_97dQudPcAT7yWIRFzO_lk/edit#heading=h.uwkmvfmryfjv)
24 | - No TOC Meeting
25 | 
26 | ## Security updates
27 | 
28 | Revonate runs on all (~40) repos keeping dependencies up to date.  CVEs are fixed within 2-3 days.
29 | 
30 | ## Fun Fact
31 | 
32 | Sacha Wharton, from South Africa, travelled to hang out at Sergio's home in Chile.
33 | 


--------------------------------------------------------------------------------
/projects/ortelius/2025-q1.md:
--------------------------------------------------------------------------------
 1 | # Ortelius 2025 Q1
 2 | 
 3 | ## Roadmap
 4 | 
 5 | - Determined that the Jenkins HTML plugin had cross-origin security enabled by default which prevented 'live' data from being presented.
 6 | - Met with a few folks from Jenkins to discuss alternatives.  Looks like Badging Plugin will be the best route.
 7 | 
 8 | ## Features and release
 9 | 
10 | - Features:
11 |   - Release new UI that updated the colors and icons to give the UI a better look and feel.
12 | 
13 | ## Adoption updates
14 | 
15 | No new adoptions that we are aware of
16 | 
17 | ## Community updates
18 | 
19 | Members worked to start the [CICD-Cybersecurity](https://github.com/cdfoundation/CICD-Cybersecurity) to bring Security and CI/CD together focusing on implementing security tools into CI/CD.
20 | 
21 | ## Governance updates
22 | 
23 | Governing Board and TOC meet once a quarter.
24 | - [Governing Board Meeting Notes](https://docs.google.com/document/d/13-QzYYOijKy6TVoVyMkny-h1KaWIbPBGU0sp0Q-pdNE/edit?tab=t.0#heading=h.uwkmvfmryfjv)
25 | - No TOC Meeting
26 | 
27 | ## Security updates
28 | 
29 | Revonate runs on all (~40) repos keeping dependencies up to date.  CVEs are fixed within 2-3 days.
30 | 
31 | ## Fun Fact
32 | 
33 | Ortelius maybe used as part of a members university programming course.  Stay tuned.
34 | 


--------------------------------------------------------------------------------
/projects/ortelius/README.md:
--------------------------------------------------------------------------------
1 | # Project Updates
2 | 
3 | - Q1 2024: None provided
4 | - [Q2 2024](2024-q2.md)
5 | - [Q3 2024](2024-q3.md)
6 | - [Q4 2024](2024-q4.md)
7 | - [Q1 2025](2025-q1.md)
8 | 


--------------------------------------------------------------------------------
/projects/screwdriver/2024-q2.md:
--------------------------------------------------------------------------------
 1 | # Screwdriver 2024 Q2
 2 | 
 3 | ## Features and release
 4 | 
 5 | * Features:
 6 |   * Pipeline Stages [Link](https://github.com/screwdriver-cd/screwdriver/issues/2669)
 7 |     * Support pipeline stages in the UI validator. [Link](https://github.com/screwdriver-cd/ui/pull/1008)
 8 | 
 9 |   * Pipeline Template
10 |     * Add pipeline level customization for pipeline template [Link](https://github.com/screwdriver-cd/config-parser/pull/156)
11 | 
12 |   * Support Pieline Template in Validator [Link](https://github.com/screwdriver-cd/ui/pull/1010)
13 | 
14 |   * Display annotations and parameters for pipeline template
15 |   * Flatten shared config into pipeline template [Link](https://github.com/screwdriver-cd/config-parser/pull/157)
16 |   * Backend change to support marking pipeline template as trusted [Link](https://github.com/screwdriver-cd/screwdriver/issues/3056)
17 | 
18 |     * Display template information on the PR build details page [Link](https://github.com/screwdriver-cd/screwdriver/issues/2822)
19 | 
20 |   * Add sha filter for pipeline events
21 |   * Pipeline landing page refactoring the navbar and event cards position
22 |   
23 |   * Switch split view to spread view on the validator page [Link](https://github.com/screwdriver-cd/ui/pull/986)
24 | 
25 |   * Send build's cpu/memory info to pushgateway [Link](https://github.com/screwdriver-cd/launcher/pull/471)
26 | 
27 |   * Desktop notification [Link](https://github.com/screwdriver-cd/screwdriver/issues/2369)
28 | 
29 | * Bug Fixes:
30 |   * UI Improvements:
31 |     * Landing page performance improvement
32 |       * update pull request view model [Link](https://github.com/screwdriver-cd/ui/pull/996)
33 |       * remove redundant network calls [Link](https://github.com/screwdriver-cd/ui/pull/994)
34 |       * updating pipeline settings only requires 1 API call [Link](https://github.com/screwdriver-cd/ui/pull/998)
35 |       * Fix cache checking of event [Link](https://github.com/screwdriver-cd/ui/pull/1005)
36 |     * Stop button and job icon displays out of screen on UI. [Link](https://github.com/screwdriver-cd/screwdriver/issues/3049)
37 |     * Fixed an issue where the build status does not automatically change to warning upon build completion. [Link](https://github.com/screwdriver-cd/ui/pull/1011)
38 |     * Modified the UI so that it does not expand parameters when starting a build if no parameters are used in that build. [Link](https://github.com/screwdriver-cd/ui/pull/1017)
39 |     * Fixed a bug that allowed setting a JobNameLength beyond the limit. [Link](https://github.com/screwdriver-cd/ui/pull/1018)    
40 |     * Corrected the rendering of the sidebar on the collection page. [Link](https://github.com/screwdriver-cd/ui/pull/1021)
41 |     * Fix response statuscode when stop events with mismatched scm host. [Link](https://github.com/screwdriver-cd/screwdriver/pull/3071)
42 |     * Add pipelines/id/builds endpoint 
43 |     [Link](https://github.com/screwdriver-cd/screwdriver/pull/3070)
44 |     * Add filter to pipelines/id/jobs for pr jobs only
45 |     [Link](https://github.com/screwdriver-cd/screwdriver/pull/3078)
46 | 
47 |     * fix: subscribed-scm-notifications should respect the event types and allow PR job of upstream pipeline [Link](https://github.com/screwdriver-cd/screwdriver/pull/3095)
48 | 
49 |     * restore k8s hostname into build stats data [Link](https://github.com/screwdriver-cd/executor-k8s/pull/196)
50 | 
51 |     * Add stages to config-parser schema for pipeline template [Link](https://github.com/screwdriver-cd/data-schema/pull/564)
52 | 
53 |     * Workflow graph - Non stage jobs overlap into the stage [Link](https://github.com/screwdriver-cd/ui/pull/1045)
54 | 
55 | 
56 | ## Adoption updates
57 |   * No new adoptions that we are aware of
58 | 
59 | 
60 | ## Security updates
61 |   * Library and dependencies package updates.
62 |     * Upgrade @promster/hapi from 9.0.0 to 14.0.0 [Link](https://github.com/screwdriver-cd/screwdriver/pull/3094)
63 | 
64 |     * Update SD meta-cli to use [golang.org/x/net](http://golang.org/x/net) v0.23.0 [Link](https://github.com/screwdriver-cd/meta-cli/pull/83)
65 | 
66 |     * Update express to 4.19.2 [Link](https://github.com/screwdriver-cd/ui/pull/1029)
67 | 
68 |       
69 | ## Fun Fact:
70 |   * We have bi-weekly meeting with the community for anyone interested [here](https://github.com/screwdriver-cd/community#community-meetup)


--------------------------------------------------------------------------------
/projects/screwdriver/2024-q3.md:
--------------------------------------------------------------------------------
 1 | # Screwdriver Update
 2 | 
 3 | ## Features and release
 4 | 
 5 | Component versions as of Q3 2024:
 6 | 
 7 | - API [v7.0.211](https://github.com/screwdriver-cd/screwdriver/releases/tag/v7.0.211)
 8 | - UI [v1.0.1048](https://github.com/screwdriver-cd/ui/releases/tag/v1.0.1048)
 9 | - Store [v6.0.0](https://github.com/screwdriver-cd/store/releases/tag/v6.0.0)
10 | - Queue-Service [v4.0.4](https://github.com/screwdriver-cd/queue-service/releases/tag/v4.0.4)
11 | - Launcher [v6.0.202](https://github.com/screwdriver-cd/launcher/releases/tag/v6.0.202)
12 | - Build Cluster Worker [v4.0.2](https://github.com/screwdriver-cd/buildcluster-queue-worker/releases/tag/v4.0.2)
13 | 
14 | Upcoming releases:
15 | 
16 | - Significant overhaul of the [UI pipeline landing page component](https://github.com/screwdriver-cd/screwdriver/issues/3200)
17 | - Fixes for issues with the use of [metadata](https://docs.screwdriver.cd/user-guide/metadata) in [remote trigger events](https://github.com/screwdriver-cd/screwdriver/issues/3234) and [frozen builds](https://github.com/screwdriver-cd/screwdriver/issues/3235)
18 | - Enhancements to the [visual representation](https://github.com/screwdriver-cd/screwdriver/issues/3211) and [usability](https://github.com/screwdriver-cd/screwdriver/issues/3181) of virtual job
19 | 
20 | ## Adoption updates
21 | 
22 | - [Actium Health](https://www.actiumhealth.com/)
23 | 
24 | ## Contribution trends
25 | 
26 | There are currently no new contributors. The latest adopter is primarily taking a passive role for now.
27 | 
28 | ## Security updates
29 | 
30 | - Updated body-parser [from 1.20.2 to 1.20.3](https://github.com/screwdriver-cd/ui/pull/1173)
31 | - Updated express [from 4.19.2 to 4.21.0](https://github.com/screwdriver-cd/ui/pull/1173)
32 | - Updated ws [from 8.11.0 to 8.17.1](https://github.com/screwdriver-cd/ui/pull/1107)
33 | - Updated socket.io [from 4.6.1 to 4.7.5](https://github.com/screwdriver-cd/ui/pull/1107)
34 | 
35 | ## Infrastructure updates
36 | 
37 | None at this time.
38 | 
39 | ## Fun facts
40 | 
41 | We have bi-weekly meeting with the community for anyone interested [here](https://github.com/screwdriver-cd/community#community-meetup)
42 | 


--------------------------------------------------------------------------------
/projects/screwdriver/2025-q1.md:
--------------------------------------------------------------------------------
 1 | # Screwdriver Update
 2 | 
 3 | ## Features and release
 4 | 
 5 | Component versions as of Q1 2025:
 6 | 
 7 | - API [v8.0.16](https://github.com/screwdriver-cd/screwdriver/releases/tag/v8.0.16)
 8 | - UI [v1.0.1241](https://github.com/screwdriver-cd/ui/releases/tag/v1.0.1241)
 9 | - Store [v7.0.0](https://github.com/screwdriver-cd/store/releases/tag/v7.0.0)
10 | - Queue-Service [v5.0.1](https://github.com/screwdriver-cd/queue-service/releases/tag/v5.0.1)
11 | - Launcher [v6.0.221](https://github.com/screwdriver-cd/launcher/releases/tag/v6.0.221)
12 | - Build Cluster Worker [v5.0.1](https://github.com/screwdriver-cd/buildcluster-queue-worker/releases/tag/v5.0.1)
13 | 
14 | Notable releases:
15 | 
16 | - The [new pipeline landing page UI](https://github.com/screwdriver-cd/screwdriver/issues/3200) is now generally available (GA)
17 | - [Upgrade node.js to v22 LTS](https://github.com/screwdriver-cd/screwdriver/issues/3282)
18 | - [Enhancements to Pipeline Stages](https://github.com/pulls?q=is%3Apr+is%3Aclosed+user%3Ascrewdriver-cd+archived%3Afalse+closed%3A2024-10-01..2025-04-10+%22stages%22)
19 |   - [Ability to collapse and expand stage in the UI](https://github.com/screwdriver-cd/ui/pull/1342)
20 |   - [Reduce noisy edges to/from stages](https://github.com/screwdriver-cd/ui/pull/1321)
21 |   - [Adjust the border of stage in the workflow graph based on the status](https://github.com/screwdriver-cd/ui/pull/1357)
22 | - [Enhancements to Virtual job](https://github.com/pulls?q=is%3Apr+is%3Aclosed+user%3Ascrewdriver-cd+archived%3Afalse+closed%3A2024-10-01..2025-04-10+%22virtual%22)
23 |   - [Handle virtual job properly in remote triggers](https://github.com/screwdriver-cd/screwdriver/pull/3283)
24 |   - [Event Landing View & Job List View - Visually differentiate virtual job from normal job](https://github.com/screwdriver-cd/ui/pull/1229)
25 |   - [Set build status message while skipping execution of virtual job](https://github.com/screwdriver-cd/screwdriver/pull/3222)
26 |   - [Skip execution of virtual job and mark it as SUCCESS](https://github.com/screwdriver-cd/queue-service/pull/76)
27 | 
28 | Upcoming enhancements:
29 | 
30 | - Migrate [Classic Components to Glimmer](https://github.com/screwdriver-cd/screwdriver/issues/3300) in the UI
31 | - [Improvement of Workflow Graph UX](https://github.com/screwdriver-cd/screwdriver/issues/3301)
32 | 
33 | ## Adoption updates
34 | 
35 | - No new adoptions have occurred. However, there is significant interest from a user at Geico who is exploring setting up Screwdriver for a proof of concept (POC).
36 | 
37 | ## Contribution trends
38 | 
39 | There are no new contributors at this time. However, the project continues to maintain a steady pace of development. Over 200 pull requests were submitted in both Q4 2024 and Q1 2025, reflecting consistent activity and progress.
40 | 
41 | ## Security updates
42 | 
43 | - [bump serialize-javascript from 6.0.1 to 6.0.2](https://github.com/screwdriver-cd/ui/pull/1347)
44 | - [bump golang.org/x/crypto from 0.17.0 to 0.31.0](https://github.com/screwdriver-cd/sd-cmd/pull/61)
45 | - [bump webpack from 5.76.2 to 5.95.0](https://github.com/screwdriver-cd/ui/pull/1188)
46 | - [bump elliptic from 6.5.7 to 6.6.0](https://github.com/screwdriver-cd/ui/pull/1207)
47 | 
48 | ## Infrastructure updates
49 | 
50 | None at this time.
51 | 
52 | ## Fun facts
53 | 
54 | We have bi-weekly meeting with the community for anyone interested [here](https://github.com/screwdriver-cd/community#community-meetup)
55 | 


--------------------------------------------------------------------------------
/projects/screwdriver/README.md:
--------------------------------------------------------------------------------
1 | # Project Updates
2 | 
3 | - [Q1 2024](https://github.com/cdfoundation/toc/issues/211#issuecomment-1977667539)
4 | - [Q2 2024](./2024-q2.md)
5 | - [Q3 2024](./2024-q3.md)
6 | 


--------------------------------------------------------------------------------
/projects/shipwright/2024-q2.md:
--------------------------------------------------------------------------------
 1 | # Shipwright Update
 2 | 
 3 | ## Features and release
 4 | 
 5 | Project Shipwright released [v0.13.0](https://shipwright.io/blog/2024/03/27/shipwright-v0.13.0-is-here/) on May 6th 2024. As part of v0.13.0, we incorporate a significant amount of enhancements, bug fixes and features. 
 6 | 
 7 | After the v0.13.0, the community is focused on completing new features related to supply chain security, such as the recent addition of support for
 8 | vulnerability scanning of the images we build. End users can decide if a container image should be pushed to a registry, if a vulnerability is found.
 9 | 
10 | ## Adoption updates
11 | 
12 | We have newly independent contributors, the majority of whom are students. In addition to using Shipwright, they are also end users.
13 | 
14 | ## Contribution trends
15 | 
16 | 
17 | In the last months, we have seen an increase on contributions, from Pull Request to Issues, mainly on the [Build](https://github.com/shipwright-io/build) repository and [Operator](https://github.com/shipwright-io/operator). See [devstats](https://shipwright.devstats.cd.foundation/d/74/contributions-chart?orgId=1&from=1711922400000&to=1719784799000&var-period=m&var-metric=prs&var-repogroup_name=All&var-country_name=All&var-company_name=All&var-company=all&refresh=10s) example.
18 | 
19 | 
20 | ## Community updates
21 | 
22 | We continue to successfully run our community meetings on Monday's. We have been encouraging participation from members of other projects, such as Tekton, to foster closer collaboration.
23 | 
24 | ## Governance updates
25 | 
26 | Across our various Github repositories, we are updating the OWNERS file to reflect recent changes, see [example](https://github.com/shipwright-io/build/pull/1608). What does this means? We are promoting new contributors to the roles of `approvers` or `reviewers` based on their recent contributions and accumulated knowledge of the project, enabling them to assist in reviewing or approving other contributions.
27 | 
28 | 
29 | ## Security updates
30 | 
31 | Dependabot updates play a crucial role in keeping our go dependencies current with CVE’s. Building upon this, we’ve recently implemented a similar automation to streamline the process of updating our CI Github actions. Furthermore, we have been consistently updating all of our Build tools, such as [ko](https://github.com/ko-build/ko) and [buildpacks](https://github.com/paketo-buildpacks), using our custom automation, ensuring that our [Strategies](https://github.com/shipwright-io/build/tree/main/samples/v1beta1/buildstrategy) remain on the latest versions.
32 | 
33 | 
34 | ## Infrastructure updates
35 | 
36 | Our minimum supported Kubernetes version is now 1.27.
37 | 
38 | 
39 | ## Fun facts
40 | 
41 | <!-- Any other news the project would like to share -->


--------------------------------------------------------------------------------
/projects/shipwright/README.md:
--------------------------------------------------------------------------------
1 | # Project Updates
2 | 
3 | - [Q1 2024](https://github.com/cdfoundation/toc/issues/211#issuecomment-1965132016)
4 | - [Q2 2024](2024-q2.md)


--------------------------------------------------------------------------------
/projects/spinnaker/2024-q2.md:
--------------------------------------------------------------------------------
 1 | # Spinnaker Update
 2 | 
 3 | ## Features and release
 4 | 
 5 | Spinnaker [1.34.0](https://spinnaker.io/changelogs/1.34.0-changelog/) was released, including improved support for Kubernetes and ECS, and adding RBAC to Docker accounts. We're continuing on the Spinnaker modernization efforts and this new release includes a Spring Boot and Kotlin upgrade. Finally, we've included a new feature to allow for compressing pipeline exceptions, improving pipeline performance.
 6 | 
 7 | ## Contribution trends
 8 | 
 9 | Although there has been a [decrease in the number of contributors](https://spinnaker.devstats.cd.foundation/d/74/contributions-chart?orgId=1&from=20240201%2Fy&to=20240301%2Fy&var-period=d7), the project continues to benefit from a solid base of active participants. This steady involvement ensures ongoing progress and innovation.
10 | 
11 | ## Community updates
12 | 
13 | We meet as a TOC every 2 weeks and have weekly office hours on Tuesdays, in addition to the [SIG Meetings](https://github.com/spinnaker/governance/blob/master/sig-index.md#sig-meeting-calendar).
14 | 
15 | ## Infrastructure updates
16 | 
17 | Progress is still being made on the move to the monorepo, we've hit some snags with credentials, but have been working through them.
18 | 
19 | 


--------------------------------------------------------------------------------
/projects/spinnaker/2024-q3.md:
--------------------------------------------------------------------------------
 1 | # Spinnaker Update
 2 | ## Features and release
 3 | 1.35 was released in August compiled with Java 17 and using the Java 17 JRE.  There are a few changes including some requirements depending upon SPEL usage.  1.36 is incoming
 4 | shortly
 5 | 
 6 | ## Adoption updates
 7 | No new vendors/migrations/well known users at this time.  
 8 | 
 9 | ## Contribution trends
10 | Seeing some new and unique contributors which has been a positive.  But overall contributions are fairly flat at this time.  The majority of merges are updates and simple library patches, though GCP is getting
11 | some work on new features and ECS is getting performance enhancements.
12 | 
13 | ## Security updates
14 | No new security updates - advisors will continue to be published to https://github.com/spinnaker/spinnaker/security/advisories 
15 | and for contributions the security sig is still monitoring emails and reports of any vulnerabilities.
16 | 
17 | ## Infrastructure updates
18 | Monorepo release is imminent.  A demo has been done, and final touches on version changes and release process is being worked on.
19 | 
20 | 
21 | ## Fun facts
22 | 
23 | 


--------------------------------------------------------------------------------
/projects/spinnaker/2025-q1.md:
--------------------------------------------------------------------------------
 1 | # Spinnaker Update
 2 | 
 3 | ## Features and release
 4 | 1.36 was released at the end of November.  1.37.0 was released Feb 24th, 2025, but please use the latest patch release due to bugs found in the upgrade of retrofit to retrofit2.  As always test in lower environments BEFORE promotion to production environments and
 5 | please join the spinnaker slack for more help or information.  More information can be found in the release notes pages
 6 | * https://spinnaker.io/changelogs/1.36.0-changelog/
 7 | * https://spinnaker.io/changelogs/1.37.0-changelog/
 8 | 
 9 | Some big features of these releases:
10 | * 1.36 uses java 17 exclusively for runtime and compilation time.
11 | * Read-only support for pipeline API operations helping distribute the load in high performance environments
12 | * Helm when baking can use a file for values with LARGE numbers of inputs/overrides
13 | * There are new bulk update APIs for pipeline saves
14 | * there's new automation to support automatically disabling old/not run pipelines and can exclude these from the UI
15 | * Backoff periods on retries can be set in the pipelines now!
16 | * A number of google improvements from codebuild in the project to UI fixes 
17 | 
18 | There are some major incoming features anticipated which will change the functionality of how spinnaker stores data around pipelines, but nothing has been definitively published.
19 | 
20 | ## Adoption updates
21 | No new vendors/migrations/well known users at this time.  We've seen some interesting contributions from new names in the community and some new requests but not a significant change.  
22 | 
23 | ## Contribution trends
24 | Unique contributors has declined over the last few months.  BUT contributions as a whole have increased.  The primary contributors are still the same primary contributors from the last few years.  https://spinnaker.devstats.cd.foundation/d/74/contributions-chart?orgId=1.  Peak contributions to the project ended in 2021 with a steady downward trend since 2023.  
25 | https://spinnaker.devstats.cd.foundation/d/74/contributions-chart?orgId=1&from=now-5y&to=now-2d shows this drop as various contributors stopped publicly contributing. Netflix went to an internal fork and Google stopped contributing directly.  Salesforce is currently the leading contributor and maintainer of Spinnaker.
26 | 
27 | The spinnaker SIG leads and TOC has been separate for a long time.  There's now plans to merge these two groups into one leadership group for the spinnaker project.  Given reduced activity in the community, this would reduce the amount of
28 | meetings, direction and planning required for work.  This hasn't been officialy proposed but is under debate.
29 | 
30 | 
31 | ## Security updates
32 | No new security updates or issues.  Patches are being regularly applied.
33 | 
34 | ## Infrastructure updates
35 | 
36 | 
37 | ## Fun facts
38 | 
39 | 


--------------------------------------------------------------------------------
/projects/spinnaker/README.md:
--------------------------------------------------------------------------------
1 | # Project Updates
2 | 
3 | - [Q1 2024](https://docs.google.com/document/d/135hMyMH4F7NPdCqEWnubZQR-g4uBgHWlxPidenWWNak/edit)
4 | - [Q2 2024](2024-q2.md)
5 | - [Q3 2024](2024-q3.md)
6 | - [Q1 2025](2025-q1.md) - This covers both Q4 2024 and Q1 2025.  Due to the holidays and scheduling 2024-q4 was skipped
7 | 


--------------------------------------------------------------------------------
/projects/tekton/2024-q2.md:
--------------------------------------------------------------------------------
 1 | # Tekton Update
 2 | 
 3 | ## Features and release
 4 | 
 5 | The Tekton Pipelines project released a new long term support (LTS) release
 6 | [v0.59.0](https://github.com/tektoncd/pipeline/releases/tag/v0.59.0).
 7 | New features include further refinements to the new reusable steps
 8 | ["StepActions"](https://tekton.dev/docs/pipelines/stepactions/) as well as the
 9 | ongoing implementation of ["Artifacts"](https://tekton.dev/docs/pipelines/artifacts/),
10 | which allow step authors to produce input and output provenance.
11 | 
12 | ## Adoption updates
13 | 
14 | Dutch company [Kadaster adopted Tekton](https://github.com/tektoncd/community/blob/main/adopters.md)
15 | as their primary CI/CD solution.
16 | 
17 | ## Contribution trends
18 | 
19 | [Contributions to Tekton in Q2](https://tekton.devstats.cd.foundation/d/74/contributions-chart?orgId=1&from=20240301%2Fy&to=20240601%2Fy&var-period=d7)
20 | are comparable to those in Q1.
21 | 
22 | ## Community updates
23 | 
24 | The Tekton community formally applied to join the CNCF and is waiting for a review on its application.
25 | 
26 | ## Governance updates
27 | 
28 | The community welcomes [Chitrang Patel](https://github.com/chitrangpatel) from Google to the Tekton Governing Board!
29 | 


--------------------------------------------------------------------------------
/projects/tekton/2024-q3.md:
--------------------------------------------------------------------------------
 1 | # Tekton Update
 2 | 
 3 | ## Features and release
 4 | 
 5 | The Tekton Pipelines project released a new long term support (LTS) release
 6 | [v0.65.0](https://github.com/tektoncd/pipeline/releases/tag/v0.65.0). All new
 7 | releases moving forward will be hosted on the GitHub container registry `ghcr.io`.
 8 | New releases are available from the Tekton projects as well:
 9 | - [Triggers v0.29.1 LTS](https://github.com/tektoncd/triggers/releases/tag/v0.29.1)
10 | - [Chains v0.22.2](https://github.com/tektoncd/chains/releases/tag/v0.22.2)
11 | - [Results v0.12.1](https://github.com/tektoncd/results/releases/tag/v0.12.1)
12 | - [Dashboard v0.52 LTS](https://github.com/tektoncd/dashboard/releases/tag/v0.52.0)
13 | - [CLI v0.38.1](https://github.com/tektoncd/cli/releases/tag/v0.38.1)
14 | - [Operator v0.73.1 LTS](https://github.com/tektoncd/operator/releases/tag/v0.73.1)
15 | 
16 | ## Adoption updates
17 | 
18 | [Giant Swarm](https://github.com/tektoncd/community/blob/main/adopters.md): Tekton is used as our CI/CD solution
19 | for testing of Kubernetes cluster and app releases across multiple supported cloud and on-prem providers and for
20 | automation of OS image building.
21 | 
22 | ## Contribution trends
23 | 
24 | [Contributions to Tekton in Q3](https://tekton.devstats.cd.foundation/d/74/contributions-chart?orgId=1&from=1719788400000&to=1730764799000&var-period=m&var-metric=contributions&var-repogroup_name=All&var-country_name=All&var-company_name=All&var-company=all) have slowed down slightly, with focus on feature improvements and security
25 | fixes across the various projects.
26 | 
27 | ## Infrastructure updates
28 | 
29 | The community has been focusing on reducing the infrastructure spending, by moving new
30 | releases from `gcr.io` to the free-of-charge `ghcr.io` container repository.
31 | 


--------------------------------------------------------------------------------
/projects/tekton/2025-q1.md:
--------------------------------------------------------------------------------
 1 | # Tekton Update
 2 | 
 3 | ## Features and releases
 4 | 
 5 | The Tekton Pipelines project released a new long term support (LTS) release
 6 | [v0.68.0](https://github.com/tektoncd/pipeline/releases/tag/v0.68.0). The focus for the pipeline project is the April Target for releasing a v1.0.0, FIPS compliance and move some features to stable.
 7 | 
 8 | New releases are available from the Tekton projects as well:
 9 | - [Triggers v0.30.0 LTS](https://github.com/tektoncd/triggers/releases/tag/v0.30.0)
10 | - [Chains v0.24.0](https://github.com/tektoncd/chains/releases/tag/v0.24.0)
11 | - [Results v0.14.0](https://github.com/tektoncd/results/releases/tag/v0.14.0)
12 | - [Dashboard v0.54 LTS](https://github.com/tektoncd/dashboard/releases/tag/v0.54.0)
13 | - [CLI v0.40.0](https://github.com/tektoncd/cli/releases/tag/v0.40.0)
14 | - [Operator v0.74.1 LTS](https://github.com/tektoncd/operator/releases/tag/v0.74.1)
15 | 
16 | ## Contribution trends
17 | 
18 | [Contributions to Tekton in Q1](https://tekton.devstats.cd.foundation/d/74/contributions-chart?orgId=1&from=now%2FfQ&to=now%2FfQ&var-period=m&var-metric=contributions&var-repogroup_name=All&var-country_name=All&var-company_name=All&var-company=all) have slowed down slightly, with focus on feature improvements and security fixes across the various projects.
19 | 
20 | ## Infrastructure updates
21 | 
22 | The community has been continuing focus on reducing the infrastructure spending, by starting moving a lot of continuous integration prow jobs to GitHub workflows instead.
23 | 


--------------------------------------------------------------------------------
/projects/tekton/README.md:
--------------------------------------------------------------------------------
1 | # Project Updates
2 | 
3 | - [Q1 2024](https://docs.google.com/presentation/d/1b1OXWCw0kqRStshce3h__YT6QaeQ59Ft2hi0pomH0SE/edit?usp=sharing)
4 | - [Q2 2024](./2024-q2.md)
5 | - [Q3 2024](./2024-q3.md)


--------------------------------------------------------------------------------
/projects/update-template.md:
--------------------------------------------------------------------------------
 1 | # <Project Name> Update
 2 | 
 3 | <!-- Please fill in relevant sections only -->
 4 | 
 5 | ## Features and release
 6 | 
 7 | <!-- New interesting features that have been released or are being developed -->
 8 | 
 9 | ## Adoption updates
10 | 
11 | <!-- End users, vendors, open source projects adoptions -->
12 | 
13 | ## Contribution trends
14 | 
15 | <!-- Trends in contributions
16 | 
17 | When using devstat links, please make sure that the dates are absolute and not relative, for instance, see the dates 20240201 and 20240301 in the link below:
18 | 
19 | https://<project>.devstats.cd.foundation/d/74/contributions-chart?orgId=1&from=20240201%2Fy&to=20240301%2Fy&var-period=d7
20 | -->
21 | 
22 | ## Community updates
23 | 
24 | <!-- Contributors, maintainers, companies joining or leaving the project or taking up a new role in the community -->
25 | 
26 | ## Governance updates
27 | 
28 | <!-- High profile changes in policies, newly elected individuals -->
29 | 
30 | 
31 | ## Security updates
32 | 
33 | <!-- New security processes or checks, vulnerabilities -->
34 | 
35 | ## Infrastructure updates
36 | 
37 | <!-- Trends in infrastructure spending, major new infrastructure work -->
38 | 
39 | ## Fun facts
40 | 
41 | <!-- Any other news the project would like to share -->


--------------------------------------------------------------------------------
/proposals/README.md:
--------------------------------------------------------------------------------
 1 | # CDF Project Proposals
 2 | 
 3 | Please contribute your project proposal to this folder by adding your proposal via:
 4 | 
 5 |  - Add entry to the proposals [readme file](README.md)
 6 |  - Add your project proposal files to a sub directory in the proposals directory ie cdfoundation/toc/proposals/<proposal_name>
 7 | 
 8 | Project Incubating Approved:
 9 | 
10 |  - [Screwdriver](screwdriver/screwdriver.md) - Approved for Incubating 12.17.2019 by TOC
11 |  - [Ortelius](ortelius/ortelius.md) - Approved for Incubating 08.12.2020 by TOC
12 |  - [Shipwright](shipwright/shipwright.md) - Approved for Incubating 13.07.2021 by TOC
13 |  


--------------------------------------------------------------------------------
/proposals/cdevents/cdevents.md:
--------------------------------------------------------------------------------
  1 | # Project Proposal for CDEvents
  2 | 
  3 | ## Project Description
  4 | 
  5 | ### What does the project do?
  6 | 
  7 | CD Events are Cloud Events with events specific extensions and payload structure, which is based on the CD Event vocabulary. Cloud Events are being used as the starting point for the CD Events.  The project is not tied to Cloud Events exclusively and will adopt new technologies as appropriate. The goal of CD Events is to define a specification to enable a common communication between tools in the CI/CD chain. Companies no longer have single CI/CD tools and need tools to talk with each other.  Also, they need the ability to swap tools as new needs arise.  
  8 | 
  9 | ### Why it is valuable?
 10 | 
 11 | The CD Event project will provide visibility and ability for users to contribute to the specification. These contributions enable communication between tools to be standardized and adopted, providing a single view into the CI/CD pipeline.  
 12 | 
 13 | ### Background origin and history
 14 | 
 15 | The CD Events started as a SIG under the CDF.  The members of the SIG have defined an initial event vocabulary and implemented a Proof of Concept around that vocabulary.  The POC has been well received when presented at multiple conferences and online talks.  The SIG is a diverse group that includes contributors, CDF member companies, CDF projects and CNCF projects.
 16 | 
 17 | ## Alignment with CDF Charter Mission
 18 | 
 19 | ### Describe alignment with the charter
 20 | 
 21 | The CD Foundation’s strategic goals include driving the adoption of continuous delivery. CD Events fits into this strategy by providing a standard with which tools in the CD pipeline can communicate.  CD Events is CI/CD tool agnostic, supports any type of development language, and interacts with any cloud provider.  CD Events will enable existing CI/CD tools to communicate without writing a specific "plugin" into every tool, instead write once and communicate with may.
 22 | 
 23 | ## Code of Conduct
 24 | 
 25 | ### Link to Code of Conduct (if one is adopted)
 26 | 
 27 | The CD Events SIG is currently working under the CDF Code of Conduct.  The CD Events project will adopt the CDF Code of Conduct or Linux Foundation Code of Conduct as part of the acceptance as a project.
 28 | 
 29 | ## TOC Sponsors
 30 | 
 31 | - Andrea Frittoli
 32 | - Steve Taylor
 33 | 
 34 | ## Project License
 35 | 
 36 | - Link to Project License
 37 | [Apache 2.0](https://github.com/cdfoundation/sig-events/blob/main/LICENSE)
 38 | 
 39 | ## Source Code Control
 40 | 
 41 | - Link to Source Code Control (GitHub by default)
 42 | 
 43 | [Current repo](https://github.com/cdfoundation/sig-events) is under the CDF which is moving to [CDEvents GitHub Org](https://github.com/cdevents)
 44 | 
 45 | ## Issue Tracker
 46 | 
 47 | - Link to Issue Tracker (GitHub by default)
 48 | [Issues](https://github.com/cdevents/spec/issues)
 49 | 
 50 | ## External Dependencies
 51 | 
 52 | - List of dependencies with license
 53 | 
 54 | [GoLang](https://golang.org/LICENSE) - for the CD Events GoLang SDK
 55 | 
 56 | ## Release Methodology and Mechanics
 57 | 
 58 | ### Describe the release methodology and mechanics
 59 | 
 60 | CD Events will follow the typical Git Flow process using GitHub Pull Requests for handling changes to the repos.  Releases of the deliverables such as the SDK will be made available on the GitHub repo and will follow the [schematic versioning schema](https://semver.org/), i.e. v1.0.0.
 61 | 
 62 | ## Initial Committers
 63 | 
 64 | ## Members
 65 | 
 66 | Current members:
 67 | 
 68 | - Ravi Lachhman, [@ravilach](https://github.com/ravilach), Harness
 69 | - Andreas Grimmer, [@agrimmer](https://github.com/agrimmer), Dynatrace
 70 | - Emil Bäckmark, [@e-backmark-ericsson](https://github.com/e-backmark-ericsson), Ericsson
 71 | - Ramin Akhbari, ([@rakhbari](https://github.com/rakhbari)), eBay
 72 | - Mattias Linnér, [@m-linner-ericsson](https://github.com/m-linner-ericsson), Ericsson
 73 | - Andrea Frittoli, [@afrittoli](https://github.com/afrittoli), IBM
 74 | - Mauricio Salatino [@salaboy](https://github.com/salaboy), [VMware](https://vmware.com) [Knative Project](http://knative.dev)
 75 | - Steve Taylor [@sbtaylor15](https://github.com/sbtaylor15), [DeployHub](https://www.deployhub.com) / [Ortelius OS](https://ortelius.io)
 76 | - Tracy Ragan [@tracyragan](https://github.com/tracyragan), [DeployHub](https://www.deployhub.com) / [Ortelius OS](https://ortelius.io)
 77 | - Brad McCoy [@bradmccooydev](https://github.com/bradmccoydev), [Ortelius OS](https://ortelius.io)
 78 | - Erik Sternerson [@erkist](https://github.com/erkist), doWhile
 79 | - Cameron Motevasselani ([@link108](https://github.com/link108)), [Armory](https://www.armory.io/)
 80 | - Alois Reitbauer ([@aloisreitbauer](https://github.com/aloisreitbauer)), [Dynatrace](https://www.dynatrace.com/)
 81 | - Fredrik Fristedt [@fredjn](https://github.com/fredjn), Axis Communications
 82 | - Oleg Nenashev [@oleg-nenashev](https://github.com/oleg-nenashev), Jenkins
 83 | 
 84 | ## Governance
 85 | 
 86 | - Describe the project leadership team and decision-making process
 87 | 
 88 | Currently the project is using the [SIG Events governance](https://github.com/cdfoundation/sig-events#governance) and will be moving to its own "project" Governance.
 89 | 
 90 | [Governance](https://github.com/cdevents/spec/blob/main/governance.md) is starting point for the "project" governance.
 91 | 
 92 | - Link to any documented governance practices
 93 | 
 94 | [CDF SIG Governance](https://github.com/cdfoundation/toc/blob/master/GROUPS.md#sigs)
 95 | 
 96 | ## Preferred Maturity Level
 97 | 
 98 | We are requesting to be added as an *Incubating* project.
 99 | 
100 | ## Project Website
101 | 
102 | - Link to projects website
103 | [Project Site](https://github.com/cdevents) - The GitHub pages will be starting point for the project website.  Waiting on the LFX to obtain the events.cd domain name.
104 | 
105 | ## Communication Channels
106 | 
107 | - List Slack, Discord, IRC channels
108 | cdeliveryfdn.slack.com - sig-events channel
109 | 
110 | - List Email list
111 | [cevents-dev](https://groups.google.com/g/cdevents-dev)
112 | 
113 | - Twitter
114 | [@_cdevents](https://twitter.com/_cdevents)
115 | 
116 | ## Existing financial sponsorship
117 | 
118 | - List existing financial sponsorships
119 | None at this time
120 | 
121 | ## Infrastructure
122 | 
123 | - List existing infrastructure
124 | None at this time
125 | 
126 | - List new infrastructure needs
127 | Domain Name - events.cd
128 | Website - For the website we'll start with GitHub pages off the [spec repo](https://github.com/cdevents/spec).  Eventually we'd like to have a website repo with markdown content to be published probably via docsy/hugo.  We can publish tags/branches of the spec to the website so that people can select the version they want to browse - supported out of the box by docsy.
129 | 


--------------------------------------------------------------------------------
/proposals/ortelius/Ortelius-Architecture.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/ortelius/Ortelius-Architecture.png


--------------------------------------------------------------------------------
/proposals/ortelius/OrteliusPipeline.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/ortelius/OrteliusPipeline.png


--------------------------------------------------------------------------------
/proposals/ortelius/dependencymap.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/ortelius/dependencymap.jpg


--------------------------------------------------------------------------------
/proposals/ortelius/diffview.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/ortelius/diffview.jpg


--------------------------------------------------------------------------------
/proposals/ortelius/impact.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/ortelius/impact.jpg


--------------------------------------------------------------------------------
/proposals/proposal_template.md:
--------------------------------------------------------------------------------
 1 | # Project Proposal for <Project Name>
 2 | 
 3 | ## Project Description
 4 | 
 5 | - What does the project do?
 6 | - Why it is valuable?
 7 | - Background origin and history
 8 | 
 9 | ## Alignment with CDF Charter Mission
10 | 
11 | - Describe alignment with the charter
12 | 
13 | ## Code of Conduct
14 | 
15 | - Link to Code of Conduct (if one is adopted)
16 | 
17 | ## TOC Sponsors
18 | 
19 | - Sponsor 1
20 | - Sponsor 2
21 | 
22 | ## Project License
23 | 
24 | - Link to Project License
25 | 
26 | ## Source Code Control
27 | 
28 | - Link to Source Code Control (GitHub by default)
29 | 
30 | ## Issue Tracker
31 | 
32 | - Link to Issue Tracker (GitHub by default)
33 | 
34 | ## External Dependencies
35 | 
36 | - List of dependencies with license
37 | 
38 | ## Release Methodology and Mechanics
39 | 
40 | - Describe the release methodology and mechanics
41 | 
42 | ## Initial Committers
43 | 
44 | - List of Committers
45 | 
46 | ## Governance
47 | 
48 | - Describe the project leadership team and decision-making process
49 | - Link to any documented governance practices
50 | 
51 | ## Preferred Maturity Level
52 | 
53 | - Incubating or Graduated
54 | 
55 | ## Project Website
56 | 
57 | - Link to projects website
58 | 
59 | ## Communication Channel
60 | 
61 | - List Slack, Discord, IRC channels
62 | - List Email list
63 | - List Facebook handle
64 | - List Twitter handle
65 | - List other social media accounts
66 | 
67 | ## Existing financial sponsorship
68 | 
69 | - List existing financial sponsorships
70 | 
71 | ## Infrastructure
72 | 
73 | - List existing infrastructure
74 | - List new infrastructure needs
75 | 


--------------------------------------------------------------------------------
/proposals/pyrsia/images/buildandverify.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/pyrsia/images/buildandverify.png


--------------------------------------------------------------------------------
/proposals/pyrsia/images/collaborate.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/pyrsia/images/collaborate.png


--------------------------------------------------------------------------------
/proposals/pyrsia/images/dist-ledger.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/pyrsia/images/dist-ledger.png


--------------------------------------------------------------------------------
/proposals/pyrsia/images/powerlines.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/pyrsia/images/powerlines.png


--------------------------------------------------------------------------------
/proposals/pyrsia/images/slsa.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/pyrsia/images/slsa.png


--------------------------------------------------------------------------------
/proposals/pyrsia/images/trustednodes.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/pyrsia/images/trustednodes.png


--------------------------------------------------------------------------------
/proposals/pyrsia/pyrsia-deps.md:
--------------------------------------------------------------------------------
  1 | # Pyrsia Dependencies and Licenses
  2 | 
  3 | * (Apache-2.0 OR MIT) AND BSD-3-Clause
  4 |   * encoding_rs
  5 | * BSD OR Apache-2.0 OR MIT
  6 |   * adler
  7 | * Apache-2.0:
  8 |   * aleph-bft
  9 |   * hmac-drbg
 10 |   * libsecp256k1
 11 |   * libsecp256k1-core
 12 |   * libsecp256k1-gen-ecmult
 13 |   * openssl
 14 |   * parity-scale-codec
 15 |   * parity-scale-codec-derive
 16 |   * prost
 17 |   * prost-build
 18 |   * prost-derive
 19 |   * prost-types
 20 | * Apache-2.0 OR Apache-2.0 WITH LLVM-exception OR MIT
 21 |   * wasi
 22 | * Apache-2.0 OR BSD-2-Clause OR MIT
 23 |   * wepoll-ffi
 24 | * Apache-2.0 OR BSL-1.0
 25 |   * ryu
 26 | * Apache-2.0 OR CC0-1.0
 27 |   * blake3
 28 | * Apache-2.0 OR ISC OR MIT
 29 |   * rustls
 30 |   * sct
 31 | * Apache-2.0 OR MIT
 32 |   * aead
 33 |   * aes
 34 |   * aes-gcm
 35 |   * ahash
 36 |   * anyhow
 37 |   * arrayvec
 38 |   * async-channel
 39 |   * async-executor
 40 |   * async-global-executor
 41 |   * async-io
 42 |   * async-lock
 43 |   * async-mutex
 44 |   * async-process
 45 |   * async-std
 46 |   * async-std-resolver
 47 |   * async-task
 48 |   * async-trait
 49 |   * atomic-waker
 50 |   * autocfg
 51 |   * base64
 52 |   * bimap
 53 |   * bit-vec
 54 |   * bitflags
 55 |   * blake2
 56 |   * block-buffer
 57 |   * block-padding
 58 |   * blocking
 59 |   * bs58
 60 |   * bumpalo
 61 |   * cache-padded
 62 |   * cc
 63 |   * cfg-if
 64 |   * chacha20
 65 |   * chacha20poly1305
 66 |   * cipher
 67 |   * clap
 68 |   * clap_derive
 69 |   * clap_lex
 70 |   * cmake
 71 |   * concurrent-queue
 72 |   * core-foundation
 73 |   * core-foundation-sys
 74 |   * core2
 75 |   * cpufeatures
 76 |   * crc32fast
 77 |   * crossbeam-channel
 78 |   * crossbeam-deque
 79 |   * crossbeam-epoch
 80 |   * crossbeam-utils
 81 |   * crypto-common
 82 |   * crypto-mac
 83 |   * ctor
 84 |   * ctr
 85 |   * derivative
 86 |   * derive_builder
 87 |   * derive_builder_core
 88 |   * derive_builder_macro
 89 |   * digest
 90 |   * digest
 91 |   * directories
 92 |   * dirs
 93 |   * dirs-sys
 94 |   * dns-parser
 95 |   * dtoa
 96 |   * ed25519
 97 |   * either
 98 |   * enum-as-inner
 99 |   * env_logger
100 |   * error-chain
101 |   * event-listener
102 |   * fastrand
103 |   * fixed-hash
104 |   * fixedbitset
105 |   * flate2
106 |   * fnv
107 |   * foreign-types
108 |   * foreign-types-shared
109 |   * form_urlencoded
110 |   * futures
111 |   * futures-channel
112 |   * futures-core
113 |   * futures-executor
114 |   * futures-io
115 |   * futures-lite
116 |   * futures-macro
117 |   * futures-rustls
118 |   * futures-sink
119 |   * futures-task
120 |   * futures-timer
121 |   * futures-util
122 |   * getrandom
123 |   * ghash
124 |   * gloo-timers
125 |   * hashbrown
126 |   * heck
127 |   * heck
128 |   * hermit-abi
129 |   * hex
130 |   * hex_fmt
131 |   * hmac
132 |   * http
133 |   * httparse
134 |   * humantime
135 |   * hyper-tls
136 |   * ident_case
137 |   * idna
138 |   * if-watch
139 |   * impl-codec
140 |   * impl-trait-for-tuples
141 |   * indexmap
142 |   * ipconfig
143 |   * ipnet
144 |   * itertools
145 |   * itoa
146 |   * jobserver
147 |   * js-sys
148 |   * kv-log-macro
149 |   * lazy_static
150 |   * libc
151 |   * libz-sys
152 |   * linked-hash-map
153 |   * lock_api
154 |   * log
155 |   * lru-cache
156 |   * maplit
157 |   * match_cfg
158 |   * mime
159 |   * miow
160 |   * multimap
161 |   * native-tls
162 |   * nohash-hasher
163 |   * ntapi
164 |   * num-traits
165 |   * num_cpus
166 |   * num_threads
167 |   * once_cell
168 |   * opaque-debug
169 |   * openssl-probe
170 |   * os_str_bytes
171 |   * parity-send-wrapper
172 |   * parking
173 |   * parking_lot
174 |   * parking_lot_core
175 |   * paste
176 |   * percent-encoding
177 |   * petgraph
178 |   * pin-project
179 |   * pin-project-internal
180 |   * pin-project-lite
181 |   * pin-utils
182 |   * pkg-config
183 |   * polling
184 |   * poly1305
185 |   * polyval
186 |   * ppv-lite86
187 |   * pretty_env_logger
188 |   * primitive-types
189 |   * proc-macro-crate
190 |   * proc-macro-error
191 |   * proc-macro-error-attr
192 |   * proc-macro2
193 |   * prometheus-client
194 |   * prometheus-client-derive-text-encode
195 |   * quick-error
196 |   * quicksink
197 |   * quote
198 |   * rand
199 |   * rand_chacha
200 |   * rand_core
201 |   * rand_hc
202 |   * rayon
203 |   * rayon-core
204 |   * regex
205 |   * regex-syntax
206 |   * remove_dir_all
207 |   * reqwest
208 |   * resolv-conf
209 |   * rustc-hex
210 |   * rustc_version
211 |   * rustversion
212 |   * salsa20
213 |   * scoped-tls
214 |   * scopeguard
215 |   * security-framework
216 |   * security-framework-sys
217 |   * semver
218 |   * serde
219 |   * serde-big-array
220 |   * serde_bytes
221 |   * serde_derive
222 |   * serde_json
223 |   * serde_urlencoded
224 |   * sha-1
225 |   * sha2
226 |   * sha3
227 |   * signal-hook
228 |   * signal-hook-registry
229 |   * signature
230 |   * smallvec
231 |   * snow
232 |   * socket2
233 |   * soketto
234 |   * stable_deref_trait
235 |   * static_assertions
236 |   * syn
237 |   * system-configuration
238 |   * system-configuration-sys
239 |   * tempfile
240 |   * test-log
241 |   * thiserror
242 |   * thiserror-impl
243 |   * time
244 |   * toml
245 |   * trust-dns-proto
246 |   * trust-dns-resolver
247 |   * typenum
248 |   * uint
249 |   * unicase
250 |   * unicode-bidi
251 |   * unicode-normalization
252 |   * unicode-segmentation
253 |   * unicode-xid
254 |   * universal-hash
255 |   * url
256 |   * uuid
257 |   * value-bag
258 |   * vcpkg
259 |   * version_check
260 |   * waker-fn
261 |   * wasm-bindgen
262 |   * wasm-bindgen-backend
263 |   * wasm-bindgen-futures
264 |   * wasm-bindgen-macro
265 |   * wasm-bindgen-macro-support
266 |   * wasm-bindgen-shared
267 |   * web-sys
268 |   * widestring
269 |   * winapi
270 |   * winapi-i686-pc-windows-gnu
271 |   * winapi-x86_64-pc-windows-gnu
272 |   * windows
273 |   * windows-sys
274 |   * windows_aarch64_msvc
275 |   * windows_i686_gnu
276 |   * windows_i686_msvc
277 |   * windows_x86_64_gnu
278 |   * windows_x86_64_msvc
279 |   * yamux
280 |   * zeroize
281 |   * zeroize_derive
282 | * Apache-2.0 OR MIT OR X11
283 |   * confy
284 | * Apache-2.0 OR MIT OR Zlib
285 |   * miniz_oxide
286 |   * tinyvec
287 |   * tinyvec_macros
288 | * BSD-2-Clause
289 |   * arrayref
290 | * BSD-2-Clause OR MIT
291 |   * asn1_der
292 | * BSD-3-Clause
293 |   * curve25519-dalek
294 |   * ed25519-dalek
295 |   * instant
296 |   * subtle
297 |   * x25519-dalek
298 | * BSD-3-Clause OR MIT
299 |   * if-addrs
300 | * CC0-1.0
301 |   * constant_time_eq
302 |   * keccak
303 | * ISC
304 |   * untrusted
305 | * MIT
306 |   * async-stream
307 |   * async-stream-impl
308 |   * asynchronous-codec
309 |   * atty
310 |   * bincode
311 |   * bitvec
312 |   * blake2b_simd
313 |   * blake2s_simd
314 |   * byte-slice-cast
315 |   * byte-unit
316 |   * bytes
317 |   * convert_case
318 |   * crunchy
319 |   * cuckoofilter
320 |   * darling
321 |   * darling_core
322 |   * darling_macro
323 |   * data-encoding
324 |   * derive_more
325 |   * filename
326 |   * fs_extra
327 |   * funty
328 |   * generic-array
329 |   * h2
330 |   * headers
331 |   * headers-core
332 |   * hostname
333 |   * http-body
334 |   * hyper
335 |   * libp2p
336 |   * libp2p-autonat
337 |   * libp2p-core
338 |   * libp2p-core
339 |   * libp2p-deflate
340 |   * libp2p-dns
341 |   * libp2p-floodsub
342 |   * libp2p-gossipsub
343 |   * libp2p-identify
344 |   * libp2p-kad
345 |   * libp2p-mdns
346 |   * libp2p-metrics
347 |   * libp2p-mplex
348 |   * libp2p-noise
349 |   * libp2p-ping
350 |   * libp2p-plaintext
351 |   * libp2p-pnet
352 |   * libp2p-relay
353 |   * libp2p-rendezvous
354 |   * libp2p-request-response
355 |   * libp2p-swarm
356 |   * libp2p-swarm-derive
357 |   * libp2p-tcp
358 |   * libp2p-uds
359 |   * libp2p-wasm-ext
360 |   * libp2p-websocket
361 |   * libp2p-yamux
362 |   * lru
363 |   * matches
364 |   * memoffset
365 |   * mime_guess
366 |   * mio
367 |   * multiaddr
368 |   * multihash
369 |   * multihash-derive
370 |   * multistream-select
371 |   * netlink-packet-core
372 |   * netlink-packet-route
373 |   * netlink-packet-utils
374 |   * netlink-proto
375 |   * netlink-sys
376 |   * nix
377 |   * openssl-sys
378 |   * owning_ref
379 |   * prost-codec
380 |   * radium
381 |   * redox_syscall
382 |   * redox_users
383 |   * rtnetlink
384 |   * rw-stream-sink
385 |   * rw-stream-sink
386 |   * schannel
387 |   * serial_test
388 |   * serial_test_derive
389 |   * slab
390 |   * spin
391 |   * stringreader
392 |   * strsim
393 |   * strum
394 |   * strum_macros
395 |   * synstructure
396 |   * sysinfo
397 |   * tap
398 |   * textwrap
399 |   * tokio
400 |   * tokio-macros
401 |   * tokio-native-tls
402 |   * tokio-stream
403 |   * tokio-test
404 |   * tokio-util
405 |   * tokio-util
406 |   * tower-service
407 |   * tracing
408 |   * tracing-attributes
409 |   * tracing-core
410 |   * try-lock
411 |   * unsigned-varint
412 |   * utf8-width
413 |   * void
414 |   * want
415 |   * warp
416 |   * wasm-timer
417 |   * which
418 |   * winreg
419 |   * winreg
420 |   * wyz
421 | * MIT OR Unlicense
422 |   * aho-corasick
423 |   * byteorder
424 |   * memchr
425 |   * same-file
426 |   * termcolor
427 |   * walkdir
428 |   * winapi-util
429 | * MPL-2.0
430 |   * webpki-roots
431 | * N/A
432 |   * defaults
433 |   * ring
434 |   * string_manipulation
435 |   * webpki
436 | 


--------------------------------------------------------------------------------
/proposals/screwdriver/SDarch.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/screwdriver/SDarch.png


--------------------------------------------------------------------------------
/proposals/screwdriver/SDpipeline.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cdfoundation/toc/94b83cbe61aa6afba5e2ffba887a7140e353fc62/proposals/screwdriver/SDpipeline.png


--------------------------------------------------------------------------------
/proposals/screwdriver/screwdriver.md:
--------------------------------------------------------------------------------
  1 | # CD Foundation Proposal for Screwdriver
  2 | 
  3 | 
  4 | ## Name of project
  5 | Screwdriver
  6 | 
  7 | ## Summary
  8 | ### Proposal
  9 | We seek [Screwdriver](https://screwdriver.cd) to be accepted as an incubation project with the Continuous Delivery Foundation. The CD Foundation is becoming the neutral home for open source CI/CD technology. Screwdriver is a mature CI/CD platform that is completely open source and seeks to develop our community and adoption under the guidance of our peers in the foundation.
 10 | 
 11 | ### Rationale
 12 | Screwdriver operates at scale and in production at Verizon Media and Yahoo Japan.  We’d like to grow the community and incorporate more thought leadership from the CD Foundation to help guide the development of this platform so that it continues to track industry trends in the CI/CD space.
 13 | 
 14 | ### Project description
 15 | Screwdriver is an open source CI/CD platform that orchestrates and implements the build and release workflow for complex software projects. [Our recent presentation to the CD Foundation](https://docs.google.com/presentation/d/1LNv-VlI0g9pcSra18sEmrLJ1lw-O2V5wpBfG9YV-Ink/edit#slide=id.g5ce0c2ee90_0_200) highlights Screwdriver’s architecture, features, capabilities, and community. Users can implement our screwdriver-in-a-box solution using Docker Compose or a Kubernetes Helm chart for deploying the entire Screwdriver ecosystem into their environment. 
 16 | 
 17 | Screwdriver was built with extensibility in mind. It supports multiple plugins: 
 18 | - Source Code Management (GitHub, GitLab, Bitbucket)
 19 | - Executors (Kubernetes, Docker, Jenkins, AWS EC2)
 20 | - Databases (Postgres, MySQL, MariaDB, SQLite)
 21 | - Microservices/Bookends (artifact, build, cache, coverage)
 22 | 
 23 | In cases where a desired plugin is not available, users can create their own and contribute back to the project. This flexibility makes Screwdriver suitable for many different types of applications, including web, mobile, services, and grid.
 24 | 
 25 | Screwdriver supports the Kubernetes cloud, and it has built-in secret management, pipeline and user-scoped tokens, and VM-based builds using Hyper container. We achieve scalability by allowing users to set up Screwdriver with multiple build clusters. Screwdriver admins can provide a native hot/hot HA solution with multiple clusters on standby. This also opens up the possibility for teams to bring their own clusters into Screwdriver, allowing them to run their builds in their own infrastructure. 
 26 | 
 27 | Screwdriver also achieves scalability by supporting advanced build cache features, allowing the builds to run faster. Our build metrics user interface enables users to visualize the build performance trends over time. Screwdriver also supports advanced workflow features such as native support for mono-repos, feature branch builds, remote triggers, and easy rollback.
 28 | 
 29 | ![Screwdriver Architecture Diagram](./SDarch.png)
 30 | 
 31 | <I>Screwdriver Architecture Diagram</I>
 32 | 
 33 | ![Screwdriver Pipeline Example](./SDpipeline.png)
 34 | 
 35 | <I>Screwdriver Pipeline Example</I>
 36 | 
 37 | 
 38 | 
 39 | 
 40 | 
 41 | ## Origin and History
 42 | Historically, development teams at Yahoo managed their own build, test, and release pipelines. Each team operated separately, working to find their own solutions to meet the demands of the company’s high standards and rapid pace. Most of the teams were relying on adhoc release processes. We needed a CI/CD solution that would scale to our volume.
 43 | 
 44 | Screwdriver was designed and built ground up with the scale, security, and workflow needs of developers in mind. We open sourced Screwdriver in 2016 and continue to evolve the project using the greatest technologies and best CI/CD practices. 
 45 | 
 46 | ## Statement on alignment with foundation charter's mission
 47 | 
 48 | The CD Foundation’s mission articulates four values: The value of continuous delivery to manage development operations; open source to encourage open development; fostering a vendor neutral ecosystem; and collaboration among practitioners. The Screwdriver team and community shares these values. 
 49 | 
 50 | We developed Screwdriver under the mantra “no humans involved.” We invested many person-years to create an automation platform that supports reproducibility, reliability, and quality of software projects. We believe in automation and are committed to reducing manual interaction with the testing and deployment process. We designed our solution to be open source and vendor neutral. Screwdriver is not tied to any proprietary tools for deployment. We use popular open source container and deployment technologies such as Kubernetes and Docker. We demonstrate our commitment to collaboration by working with peers at Yahoo Japan, and by proposing to join this foundation to help further expand our collaboration. 
 51 | 
 52 | ## Growth Plan
 53 | [This document](https://github.com/screwdriver-cd/community/blob/master/docs/Screwdriver%20Open%20Source%20Community%20Growth%20Plan.pdf) captures what we seek by joining the CDF.
 54 | 
 55 | ## Link to *current* Code of Conduct (if one is adopted already)
 56 | https://github.com/screwdriver-cd/screwdriver/blob/master/code-of-conduct.md
 57 | 
 58 | ## Sponsor from TOC, if identified (a sponsor helps mentor projects)
 59 | N/A
 60 | 
 61 | ## Project license 
 62 | BSD-3-Clause
 63 | 
 64 | ## Source control (GitHub by default)
 65 | https://github.com/screwdriver-cd
 66 | 
 67 | ## Issue tracker (GitHub by default)
 68 | https://github.com/screwdriver-cd/screwdriver/issues
 69 | 
 70 | ## External dependencies (including licenses)
 71 | https://docs.screwdriver.cd/cluster-management/dependencies
 72 | 
 73 | ## Release methodology and mechanics
 74 | * Using semantic release package to handle versioning - 
 75 | https://github.com/semantic-release/semantic-release
 76 | * Publish Docker containers for UI, API, Store, etc - 
 77 | https://cloud.docker.com/u/screwdrivercd/repository/list
 78 | * Explanation of major features found in Docker image versions is explained in blog posts - 
 79 | https://blog.screwdriver.cd; we Docker tag blog-published versions with “stable” and the newest with “latest”
 80 | * Blog posts are announced on Slack (#general channel) - 
 81 | https://screwdriver-cd.slack.com
 82 | 
 83 | ## Names of initial committers, if different from those submitting proposal
 84 | * Original main contributors not on proposal: [St. John Johnson](https://github.com/stjohnjohnson), [Jeremiah Wuenschel](https://github.com/jer), [Noah Katzman](https://github.com/nkatzman), [Peter Peterson](https://github.com/petey), and [Darren Matsumoto](https://github.com/FenrirUnbound)
 85 | * Current team: [Dao Lam](https://github.com/d2lam), [Dekus Lam](https://github.com/DekusDenial), [Jithin Emmanuel](https://github.com/jithine),[ Min Zhang](https://github.com/minz1027), [Tiffany Kyi](https://github.com/tkyi), [Lakshminarasimhan Parthasarathy](https://github.com/parthasl), [Alan Dong](https://github.com/adong) and [Venu Narayanabhatla](https://github.com/vnugopal)
 86 | * Also partners from Yahoo Japan: [Ryosuke Nakayama](https://github.com/catto), [Keisuke Kumada](https://github.com/kumada626), [Yoshika Shota](https://github.com/s-yoshika), [Teppei Minegishi](https://github.com/sakka2), [Hiroki Takatsuka](https://github.com/tk3fftk), [Kenta Kawaharada](https://github.com/wahapo),[ Yomei Komiya](https://github.com/wdstar), [Yuya Takahashi](https://github.com/y-takaha5hi), [Yuta Ohkawara](https://github.com/yokawara), [Yoshiyuki Watanabe](https://github.com/yoshwata), [Yuichi Sawada](https://github.com/yuichi10), [Kazuki Kokufuda](https://github.com/kkokufud)
 87 | 
 88 | ## Briefly describe the project's leadership team and decision-making process
 89 | [Jithin Emmanuel](https://github.com/jithine) is the Screwdriver product owner at Verizon Media and is responsible for leading the primary development effort. He has a team of six engineers that form the core contributor community for the project. 
 90 | 
 91 | Major design decisions are discussed and documented in the [primary repository’s design directory](https://github.com/screwdriver-cd/screwdriver/tree/master/design), and community priorities are established via the [project’s GitHub Kanban board](https://github.com/screwdriver-cd/screwdriver/projects/4). Priorities are determined based on the requirements of the two primary companies that are involved in development work and we have biweekly meetings to sync priorities between community participants. These meetings are open up to the public for transparency and collaboration and meeting details can be found at [Screwdriver community repository](https://github.com/screwdriver-cd/community/#community-meetup).
 92 | 
 93 | ## Link to any documented governance practices
 94 | Contributing docs - https://docs.screwdriver.cd/about/contributing/index
 95 | 
 96 | ## Preferred maturity level (see stages below)
 97 | Incubation
 98 | 
 99 | ## List of project's official communication channels (slack, irc, mailing lists)
100 | * Slack: https://screwdriver-cd.slack.com
101 | * Stack Overflow: https://stackoverflow.com/questions/tagged/screwdriver-cd
102 | 
103 | ## Link to project's website 
104 | * Homepage - https://screwdriver.cd
105 | * Documentation - https://docs.screwdriver.cd
106 | 
107 | ## Links to social media accounts
108 | * Tumblr: https://blog.screwdriver.cd
109 | * Twitter: https://twitter.com/screwdrivercd
110 | * Meetup: https://www.meetup.com/Bay-Area-CICD-and-DevOps-Meetup
111 | 
112 | ## Existing financial sponsorship
113 | Project infrastructure is sponsored by Verizon Media. The core committers are Verizon Media and Yahoo Japan employees.
114 | 
115 | ## Infrastructure needs or requests
116 | We want to be associated with and have a presence in CD foundation events that enable developers around the world to leverage, contribute, and take advantage of our open source offering. We would also like to have the foundation assist with setting up a truly open Screwdriver instance for everyone to experiment and contribute to it.
117 | 


--------------------------------------------------------------------------------
/proposals/shipwright/shipwright.md:
--------------------------------------------------------------------------------
  1 | # CD Foundation Proposal for Shipwright
  2 | 
  3 | ## Name of Project
  4 | 
  5 | Shipwright
  6 | 
  7 | ## Summary
  8 | 
  9 | ### Proposal
 10 | 
 11 | [Shipwright](https://shipwright.io) is a framework for building container images on Kubernetes.
 12 | Shipwright is based on years of experience developing and operating [OpenShift Builds](https://docs.openshift.com/container-platform/4.7/cicd/builds/understanding-image-builds.html) as part of the OpenShift platform, with contributions from the [IBM Cloud Code Engine](https://www.ibm.com/cloud/code-engine) team.
 13 | Shipwright powers IBM Cloud Code Engine container image builds, and is expected to form the foundation of the OpenShift Builds v2 product to be released in Tech Preview later this year.
 14 | 
 15 | Building container images reliably, securely, and efficiently is increasingly becoming a core function of a modern cloud native delivery pipeline, and Shipwright intends to be a flexible and powerful tool to meet the needs of developers, operators, security auditors, and more.
 16 | 
 17 | ### Rationale
 18 | 
 19 | We believe the CD Foundation is the correct home for Shipwright.
 20 | 
 21 | 1. Shipwright is built on Tekton, a CDF project since its founding. Sharing foundation ownership seems natural.
 22 | 1. The Shipwright project has so far been a joint venture between teams in Red Hat OpenShift and IBM Cloud Code Engine, but we heartily welcome contributions from others, and we expect neutral ownership to help toward that goal.
 23 | 
 24 | ## Statement on Alignment with Foundation Charter's Mission
 25 | 
 26 | Building container images is a common task in modern continuous delivery pipelines, and Shipwright makes building container images on Kubernetes easy, flexible, and secure.
 27 | 
 28 | ## Link to *current* Code of Conduct (if one is adopted already)
 29 | 
 30 | [Code of Conduct](https://github.com/shipwright-io/community/blob/main/code-of-conduct.md)
 31 | 
 32 | ## Sponsor from TOC, if identified (a sponsor helps mentor projects)
 33 | 
 34 | None yet identified
 35 | 
 36 | ## Project license
 37 | 
 38 | Apache 2.0
 39 | 
 40 | ## Source control (GitHub by default)
 41 | 
 42 | [Shipwright GitHub Repo](https://github.com/shipwright-io)
 43 | 
 44 | ## Issue tracker (GitHub by default)
 45 | 
 46 | [Shipwright Build Issue Tracker](https://github.com/shipwright-io/build/issues)
 47 | 
 48 | ## External dependencies (including licenses)
 49 | 
 50 | Tekton, Kubernetes (Apache 2.0)
 51 | 
 52 | Code dependencies: https://github.com/shipwright-io/build/blob/main/go.mod
 53 | 
 54 | ## Release methodology and mechanics
 55 | 
 56 | We have adopted a six-week release cadence over the last two releases.
 57 | Releases are largely automated using GitHub Actions at this time.
 58 | Released images are available on [Quay.io](https://quay.io/shipwright/build-operator), and installable release YAMLs are available in [GitHub Releases](https://github.com/shipwright-io/build/releases).
 59 | 
 60 | ## Names of initial committers, if different from those submitting proposal
 61 | 
 62 | Initial committers are same as ones submitting proposal.
 63 | 
 64 | ## Briefly describe the project's leadership team and decision-making process
 65 | 
 66 | Leadership team:
 67 | - [Shoubhik Bose](https://github.com/sbose78) (Red Hat)
 68 | - [Enrique Encalada](https://github.com/qu1queee) (IBM)
 69 | - [Adam Kaplan](https://github.com/adambkaplan) (Red Hat)
 70 | 
 71 | The Shipwright community holds public weekly meetings to discuss relevant topics.
 72 | 
 73 | Decisions are made by rough consensus, without any formal governance structure at this time.
 74 | We intend to formalize project governance over time, with CD Foundation's help and guidance.
 75 | 
 76 | ## Link to any documented governance practices
 77 | 
 78 | - [Contributing Guidelines](https://github.com/shipwright-io/build/blob/main/CONTRIBUTING.md)
 79 | 
 80 | ## Preferred maturity level (see stages below)
 81 | 
 82 | Incubation
 83 | 
 84 | ## List of project's official communication channels (slack, irc, mailing lists)
 85 | 
 86 | - `#shipwright` in the Kubernetes Slack (https://slack.k8s.io)
 87 | - [@shipwrightio](https://twitter.com/shipwrightio) on Twitter
 88 | - Mailing lists for [users](https://lists.shipwright.io/archives/list/shipwright-users@lists.shipwright.io/) and [developers](https://lists.shipwright.io/archives/list/shipwright-dev@lists.shipwright.io/)
 89 | 
 90 | ## Link to project's website
 91 | 
 92 | - [Homepage](https://shipwright.io)
 93 | 
 94 | ## Existing financial sponsorship
 95 | 
 96 | Project infrastructure is sponsored by Red Hat using Netlify.
 97 | Current core contributors are Red Hat and IBM employees.
 98 | 
 99 | ## Infrastructure needs or requests
100 | 
101 | None at this time.
102 | 


--------------------------------------------------------------------------------
/sigs/README.md:
--------------------------------------------------------------------------------
 1 | # CDF Special Interest Groups ("SIGs")
 2 | 
 3 | The CDF TOC Special Interest Groups scale contributions by the CDF technical and user community,
 4 | while retaining integrity and increasing quality in support of our mission.
 5 | 
 6 | TOC and TOC Contributors have fulfilled SIG duties in the past and will continue to do so until a specific SIG takes on that responsibility.
 7 | 
 8 | ## SIG Formation Process
 9 | 
10 | TOC will identify at least one voting member as TOC Liason for each [proposed SIG](proposed.md). The SIG TOC Liason will work with TOC contributors identify prospective chairs and draft the initial charter (see worked example, then submit a pull request with document referencing the roles and charter, updating the list of current SIGs below.
11 | 
12 | More details regarding SIG processes can be seen on [this link](https://github.com/cdfoundation/toc/blob/master/GROUPS.md#sigs).
13 | 
14 | ## Current SIGS
15 | 
16 | | Name | Area | TOC Sponsor | Slack Channel | Maillist |
17 | | -----|------|-------------|---------------|----------|
18 | | [MLOps](https://github.com/cdfoundation/sig-mlops) | Data and machine learning pipelines and model deployment. Standards, specifications, projects | | [#sig-mlops](https://join.slack.com/t/cdeliveryfdn/shared_invite/zt-nwc0jjd0-G65oEpv5ynFfPD5oOX5Ogg) | [sig-mlops@lists.cd.foundation](https://lists.cd.foundation/g/sig-mlops) |
19 | | [Interoperability](https://github.com/cdfoundation/sig-interoperability) | Interoperability across CI/CD tools and technologies. Standards, specifications, projects | | [#sig-interoperability](https://join.slack.com/t/cdeliveryfdn/shared_invite/zt-nwc0jjd0-G65oEpv5ynFfPD5oOX5Ogg) | [sig-interoperability@lists.cd.foundation](https://lists.cd.foundation/g/sig-interoperability) |
20 | | [Events](https://github.com/cdfoundation/sig-events) | This group is looking at how events can help to create CI/CD systems with a decoupled architecture that is easy to scale and makes it resilient to failures | [Tracy Ragan](https://github.com/TracyRagan) | [#sig-events](https://join.slack.com/t/cdeliveryfdn/shared_invite/zt-nwc0jjd0-G65oEpv5ynFfPD5oOX5Ogg) | [sig-events@lists.cd.foundation](https://lists.cd.foundation/g/sig-events) |
21 | | [Best Practices](https://github.com/cdfoundation/sig-best-practices) | Capturing and distributing the various best practices that have been acquired over the years by member organizations | | [#sig-bestpractices](https://join.slack.com/t/cdeliveryfdn/shared_invite/zt-nwc0jjd0-G65oEpv5ynFfPD5oOX5Ogg) | [sig-best-practices@lists.cd.foundation](https://lists.cd.foundation/g/sig-best-practices) |
22 | | [Software Supply Chain](https://github.com/cdfoundation/sig-software-supply-chain) | Contributing to Software Supply Chain Initiatives from CI/CD process, tool, and system perspectives | [Melissa McKay](https://github.com/mjmckay) | [#sig-software-supply-chain](https://join.slack.com/t/cdeliveryfdn/shared_invite/zt-nwc0jjd0-G65oEpv5ynFfPD5oOX5Ogg) | [sig-software-supply-chain@lists.cd.foundation](https://lists.cd.foundation/g/sig-software-supply-chain) |
23 | 
24 | 
25 | ## Archived SIGs
26 | 
27 | * [Security](https://github.com/cdfoundation/sig-security)
28 | * [Chinese Localization](https://github.com/cdfoundation/sig-chinese-localization)
29 | 


--------------------------------------------------------------------------------
/sigs/archived/sig-chinese-localization.md:
--------------------------------------------------------------------------------
 1 | # CDF Chinese Localization SIG
 2 | 
 3 | ## Overview
 4 | There's a very big number of developers who is the Chinese speaker. But English is not the first language of them. People prefer to search and read documents in Chinese. Especially for the regular users.
 5 | 
 6 | Some projects from CDF already have the Chinese localization documentation. Such as [Jenkins X](https://github.com/jenkins-x/jx-docs/tree/main/content/zh), [Jenkins website](https://github.com/jenkins-infra/cn.jenkins.io) and [Jenkins Localization plugin](https://github.com/jenkinsci/localization-zh-cn-plugin).
 7 | 
 8 | ### Purpose
 9 | The group focuses on promoting projects of CDF in China:
10 | - Translate documents from English to Chinese
11 | - Organize local (or online) meetup of CDF for Chinese speakers
12 | - As an evangelist team to encourage Chinese contributors
13 | - As a bridge between the Chinese and English speakers
14 | 
15 | ### Outcome
16 | The group aims to provide a central place for the developers and users in China. People can get the news of CDF projects. Or communicate with each other in WeChat group which is a super popular tool in China.
17 | 
18 | Making tutorials for CDF projects is also a meaningful work. Such as [the tutorial videos](https://www.bilibili.com/video/BV1fp4y1r7Dd) of Jenkins.
19 | 
20 | ## Members
21 | Members of this SIG can be viewed [in the sig-chinese-localization repo](https://github.com/cdfoundation/sig-chinese-localization#members)
22 | 
23 | TOC Sponsor: Oleg Nenashev
24 | 
25 | ## Communication
26 | Communication in this SIG is primarily done through its [Slack channel](https://cdeliveryfdn.slack.com/archives/C028R8G6NRE)
27 | 
28 | ## Meetings
29 | The SIG has a bi-weekly meeting. Meeting notes can be seen [here](https://docs.google.com/document/d/14DtzBpOVHWpxXnx113slf6QaKG8qPLhx5M15ucNWsV8/edit?usp=sharing).
30 | 


--------------------------------------------------------------------------------
/sigs/archived/sig-security.md:
--------------------------------------------------------------------------------
 1 | # CDF Security SIG
 2 | 
 3 | ## Overview
 4 | The Security SIG provides a neutral home for discussion around designs, specifications, shared code and processes to enable security across the software supply chain. Topics of interest include the following:
 5 | 
 6 | * Observability- enable actions performed while writing code, compiling, testing, and distributing software to be manifest and verifiable.
 7 | * Policy - enable consumers of software to specify and implement policy over consumed software.
 8 | * Inventory - enable administrators to inventory and audit software used within their organizations.
 9 | * Runtime Security - enable detection and prevention of software tampering at runtime.
10 | * Vulnerability Communication - provide mechanisms for breaches in the integrity of software to be communicated and remediated. 
11 | * Vulnerability Recovery - provide mechanisms for consumers to recover from compromised or untrusted software.
12 | 
13 | ## Members
14 | 
15 | * Kay Williams (Microsoft) - Chair
16 | * Brian Russell (Google) - Co-chair
17 | * Fred Blaise (CloudBees) - Co-chair
18 | * Dan Lorenc (Google) - TOC Sponsor
19 | 
20 | ## Communication
21 | Security SIG communication happens via a public mailing list: https://lists.cd.foundation/g/sig-security
22 | 
23 | ## Meetings
24 | The Security SIG meets every other week at 9 AM Pacific, immediately preceding TOC meetings.
25 | 
26 | Meeting agendas and minutes are here: https://docs.google.com/document/d/1R-o4TuIed-CX2QIe25HD6793PzPAgojZMbz3q78lqYM/edit#
27 | 
28 | Download this invitation to add the meeting to your calendar: https://zoom.us/meeting/tZcvcuugqD8tyCbzKhDecxk7i_DTjwwoxw/ics?icsToken=16e7a1f824ad13ceb2a417f99e43dbc02fcc6db5825820f64677b5dec84af379
29 | 


--------------------------------------------------------------------------------
/sigs/best-practices-sig.md:
--------------------------------------------------------------------------------
 1 | # CDF Best Practices SIG
 2 | 
 3 | ## Overview
 4 | 
 5 | Continuous Delivery is a goal for many organizations. Research shows that implementing continuous delivery practices boosts  organizational performance as well as strengthens organization culture. 
 6 | Nevertheless, today every organization that wants to achieve that is forced to go through the same cycle of trial and error and expensive learning before they can reach that goal. What makes this especially painful is the fact that many of the lessons that organizations end up learning were lessons that others had already learned before. For example lessons such as:
 7 | - What are good strategies for reducing blast radius of software changes?
 8 | - How can canaries help increase confidence in the delivery workflow?
 9 | 
10 | Video: https://youtu.be/iw7_2ZEutHE
11 | 
12 | # Opportunities and Goals
13 | 
14 | A key goal of the Continuous Delivery Foundation is to address adoption challenges. We are going to invest time into creating a living, community-driven knowledge source to start capturing and distributing the various best practices that have been acquired over the years by our organizations. 
15 | The knowledge source would aim to:
16 | - Create a living source of guidance and practices, informed by experts in the field.
17 | - Inspire broad contribution and participation from different areas of focus within the CD domain.
18 | - Highlight themes and common solutions that contributed to high-value business impact that CDF member companies have enjoyed in adopting continuous delivery.
19 | 
20 | Building off of the excellent foundation provided in the 'Accelerate' book by Nicole Forsgren et al, it is our hope that with this resource we can reduce the time and complexity for organizations to finally succeed in establishing a true continuous delivery workflow.  We will know we are successful when:
21 | 
22 | - Guidance is referenced by industry leaders, both inside and outside of the CDF.
23 | - Guidance is referenced by teams looking to improve their continuous delivery practices
24 | - Guidance is considered of value in marketing efforts for projects.
25 | - Guidance adherence is considered of value in marketing and recruiting efforts for member companies.
26 | 
27 | # Audience and Participants
28 | 
29 | This effort is viewed as key importance by the CD.Foundation board of directors and board member Michael Galloway of Netflix is the executive sponsor for this effort. 
30 | The effort should be open to all involved in the field of software delivery. 
31 | Within CDF it is essential we engage our broader community including:
32 | 
33 | - Open source project communities (e.g. Jenkins, Spinnaker, Tekton, Jenkins X & other OSS communities)
34 | - [CDF Ambassadors](https://cd.foundation/ambassador-program-overview-application/community-ambassador-cohort20/)
35 | - CDF Special Interest Groups (e.g. Interoperability working group)
36 | - [CDF Member companies](https://cd.foundation/members/)
37 | - [CDF End User Council](https://cd.foundation/end-user-council/) participants 
38 | 
39 | To achieve this it is proposed this effort is structured as a CDF Special Interest Group; the 'Best Practices SIG'. 
40 | 
41 | # Governance
42 | SIG Best Practices is a [CDF Special Interest Group](https://github.com/cdfoundation/toc/tree/master/sigs).
43 | 
44 | Governance details for this SIG can be found [here](https://github.com/cdfoundation/sig-best-practices#governance)
45 | 
46 | # Members
47 | Members of this SIG can be found [here](https://github.com/cdfoundation/sig-best-practices#members)
48 | 


--------------------------------------------------------------------------------
/sigs/proposed.md:
--------------------------------------------------------------------------------
 1 | # Proposed SIGs [DRAFT]
 2 | 
 3 | | Name (to be finalised)  | Area        | Current CDF Projects | Status
 4 | | ------------------------|-------------|-----------------------|--------------
 5 | | [Security](https://github.com/cdfoundation/sig-security) | Security and supply chain integrity, traceability. Standards, specifications | Jenkins, Jenkins X, Spinnaker, Tekton | Archived
 6 | | [MLOps](https://github.com/cdfoundation/sig-mlops) | Data and machine learning pipelines and model deployment. Standards, specifications, projects | Tekton, Kubeflow Pipelines, Jenkins X | Accepted
 7 | | [Interoperability](https://github.com/cdfoundation/sig-interoperability) | Interoperability across CI/CD tools and technologies. Standards, specifications, projects | All | Accepted
 8 | | [Events](https://github.com/cdfoundation/sig-events) | This group is looking at how events can help to create CI/CD systems with a decoupled architecture that is easy to scale and makes it resilient to failures | TBD | Accepted |
 9 | | [Best Practices](https://github.com/cdfoundation/sig-best-practices) | Capturing and distributing the various best practices that have been acquired over the years by member organizations | TBD | Accepted |
10 | | [Security Supply Chain](https://github.com/cdfoundation/sig-security-supply-chain) | Discussion, design, and adoption of an industry framework for supply chain security. | N/A | Archived |
11 | | [Chinese Localization](https://github.com/cdfoundation/sig-chinese-localization) | UI related projects, website, local culture or events | Jenkins | Accepted
12 | | [Software Supply Chain](https://github.com/cdfoundation/sig-software-supply-chain) | Contributing to Software Supply Chain Initiatives from CI/CD process, tool, and system perspectives | All | Accepted
13 | | Governance | TBD | TBD | 
14 | | TBD | TBD | TBD | 
15 | 


--------------------------------------------------------------------------------
/sigs/sig-events.md:
--------------------------------------------------------------------------------
 1 | # CDF Events SIG
 2 | 
 3 | ## Overview
 4 | Today’s CI/CD systems do not talk to each other in a standardized way. This leads to problems related to interoperability, notification of failure issues, and poor automation.
 5 | 
 6 | This group is looking at how events can help to create CI/CD systems with a decoupled architecture that is easy to scale and makes it resilient to failures. Using events could also increase automation when connecting workflows from different systems to each other, and as a result empowering tracing/visualizing/auditing of the connected workflows through these events.
 7 | 
 8 | ### Purpose
 9 | The group focuses on the use of events to provide interoperability through topics like:
10 | - When are events suited? For triggers, audits, monitoring, management
11 |   - Common guidelines for at-least-once, at-most-once, exactly once, ordering… When to apply what strategy?
12 | - Best practices for event-driven CI/CD systems
13 | - Events to be used by tools for orchestration/workflows
14 | - Pipeline to pipeline communication via events
15 | - Tracing/auditing/graphing/visualizing of the entire process, e.g., through events. What truly occurs?
16 | - Metrics, e.g., how many versions have been deployed, how many PRs (Pull Requests) have been raised, how many events have been issued?  
17 | - How are events related and how are they ordered (links vs trace context)?
18 | 
19 | ### Outcome
20 | The group is working on a standardized event protocol that caters for technology agnostic machine-to-machine communication in CI/CD systems. This specification will be published, reviewed and agreed upon between relevant Linux Foundation projects/members.
21 | 
22 | The group aims to provide reference implementations such as event listeners and event senders on top of CloudEvents.
23 | 
24 | ## Members
25 | Members of this SIG can be viewed [in the sig-events repo](https://github.com/cdfoundation/sig-events#members)
26 | 
27 | TOC Sponsor: Isaac Mosquera
28 | 
29 | ## Governance
30 | 
31 | SIG Events is a [CDF Special Interest Group](https://github.com/cdfoundation/toc/tree/master/sigs).
32 | 
33 | Governance details for this SIG can be found [here](https://github.com/cdfoundation/sig-events#governance)
34 | 
35 | ## Communication
36 | Communication in this SIG is primarily done through its [Slack channel](https://cdeliveryfdn.slack.com/archives/C0151BTKEJX)
37 | 
38 | ## Meetings
39 | The SIG meets on the 1st and 3rd Monday of each month, at 15:00UTC. See our [group charter](https://github.com/cdfoundation/sig-events#meetings) for details.
40 | 


--------------------------------------------------------------------------------
/sigs/sig-interoperability.md:
--------------------------------------------------------------------------------
 1 | # CDF Interoperability SIG
 2 | 
 3 | ## Overview
 4 | 
 5 | The emergence of new open technologies and methodologies such as cloud native and
 6 | microservices has resulted in tremendous advances in various industries and enabled
 7 | the rapid development and delivery of new features and services to the end-users
 8 | faster than before. Continuous Integration (CI) and Continuous Delivery (CD) are
 9 | prerequisites and enablers for organizations to use these technologies and achieve
10 | true agility in response to these changes.
11 | 
12 | The organizations that embrace CI/CD employ various tools and technologies depending
13 | on their needs and where they are in their CI/CD transformation. Organizations often
14 | employ more than one tool in various stages of their CI/CD pipelines due to different
15 | capabilities provided by the tools. This is perhaps one of the biggest benefits the
16 | users get by using open technologies for their CI/CD needs.
17 | 
18 | However, one of the challenges users face is the lack of interoperability across the
19 | CI/CD tools and technologies, resulting in various issues while constructing and
20 | running pipelines such as passing metadata and artifacts between the tools or achieving
21 | traceability from commit to deployment. Often users end up building "own glue code" to
22 | address what is a common problem, further complicating moving from one tool to another
23 | and adopting new technologies and methodologies.
24 | 
25 | These "glue code solutions" are generally specific to users needs and the tools rather
26 | than being loosely coupled and agnostic to tooling and technology. Additionally these
27 | solutions are not visible to other users and the communities, making them vulnerable to
28 | the risks of outage in their CI/CD pipelines due to the potential changes (ie non-backward
29 | changes to the APIs, changes in data models) that happens to the tools in respective
30 | projects.
31 | 
32 | The interoperability SIG will focus on addressing these challenges and further work with
33 | projects to achieve a common set of solutions.
34 | 
35 | CDF Interoperability SIG aims to enable a dialog in the interoperability area by bringing
36 | CI/CD users together with the open source projects in order to
37 | 
38 | * clarify what interoperability means for the CI/CD ecosystem
39 | * promote the need to collaborate on interoperability challenges in a neutral forum
40 | * highlight and promote the needs of the users who face challenges constructing complex
41 | end-to-end CI/CD flows and pipelines by employing different tools and technologies
42 | * explore synergies between, and enable collaboration across, the CI/CD projects with
43 | regards to interoperability
44 | * pursue solutions which are; loosely coupled, scalable, flexible, and tool and
45 | technology agnostic
46 | * reduce the need for users to implement in-house solutions by promoting native
47 | interoperability between tools
48 | * attract and assist projects that work on interoperability
49 | 
50 | ## Members
51 | 
52 | Members of this SIG can be viewed [here](https://github.com/cdfoundation/sig-interoperability#members)
53 | 
54 | ## Governance
55 | 
56 | SIG Interoperability is a [CDF Special Interest Group](https://github.com/cdfoundation/toc/tree/master/sigs).
57 | 
58 | Governance details for this SIG can be found [here](https://github.com/cdfoundation/sig-interoperability#governance)
59 | 
60 | ## Communication
61 | 
62 | Communication details for this SIG can be found [here](https://github.com/cdfoundation/sig-interoperability#communication)
63 | 
64 | ## Meetings
65 | 
66 | Meeting details and minutes are here: [here](https://github.com/cdfoundation/sig-interoperability#meetings)
67 | 


--------------------------------------------------------------------------------
/sigs/sig-mlops.md:
--------------------------------------------------------------------------------
 1 | # CDF MLOps SIG
 2 | 
 3 | ## Overview
 4 | The MLOps SIG creates designs, specifications, shared code and processes to enable MLOps and Data and ML Pipeline capabilities on top of CD Projects, e.g. Tekton. 
 5 | 
 6 | ## Agenda
 7 | 
 8 | * Define requirements for MLOps for Tekton
 9 | * Investigate potential existing dominant technologies in ML Pipeliens space, and their integration with Tekton e.g. Kubeflow Pipelines
10 | * Plan for quarterly face-to-face meetings
11 | 
12 | The SIG will deliver designs, specifications, shared code and processes that meet the following goals:
13 | 
14 | * Enable actions performed while writing code, compiling, testing, and distributing software to be manifested and verifiable.
15 | * Enable integration between MLOps Pipelines and Tekton e.g. Kubeflow Pipelines working with Tekton as a backend
16 | * Enable support structure for this code to be maintained, tested on a rigorous level
17 | * Define architecture and guidelines around Lineage tracking, Metadata collection, Experiment tracking, Date versioning, ETL operations etc. which a typical Data and ML Pipeline shall support
18 | 
19 | ## Members
20 | 
21 | * Animesh Singh (IBM) - Chair
22 | * Pavel Dournov (Google) - Co-chair
23 | * Michael Neale (CloudBees) - Co-chair
24 | * Hamel Husain (Github) - Co-chair
25 | * Jeremey Lewi (Google) - Kubeflow Lead
26 | * Andrea Fritolli (IBM) - Tekton Committer
27 | * Peng Li (IBM) - Tekton Committer
28 | * Pete MacKinnon (Red Hat) - Kubeflow contributor
29 | * Václav Pavlín (Red Hat) - Open Data Hub Lead
30 | * Terry Cox (Bootstrap) - Jenkins X ML quickstarts lead
31 | 
32 | ## Communication
33 | MLOps SIG communication happens via a public mailing list: https://lists.cd.foundation/g/sig-mlops
34 | 
35 | ## Meetings
36 | The MLOps SIG meets every other week at 9:30 AM Pacific, on Thursdays
37 | 
38 | Meeting agendas and minutes are here: TBD
39 | 
40 | Download this invitation to add the meeting to your calendar: https://zoom.us/meeting/u5Iqduutpj8o7fVIT1pePLk5wv4H9XpojQ/ics
41 | 
42 | AND
43 | 
44 | For APAC / Oceania, the MLOps SIG meets every other week on Thursdays, at 10:00 UTC (*See your timezone [here](https://time.is/1000_in_UTC)*)
45 | 
46 | 
47 | -- [Zoom Meeting Link](https://zoom.us/j/95182588714?pwd=UVVUbVFHZWtDQytvNnJ3S3RUL09HQT09)
48 | 


--------------------------------------------------------------------------------
/sigs/sig-software-supply-chain.md:
--------------------------------------------------------------------------------
 1 | # CDF Software Supply Chain SIG
 2 | 
 3 | ## Overview
 4 | 
 5 | Recent attacks highlighted the importance of and the need to collaborate on addressing challenges with the Software Supply Chain.
 6 | Governments, standards developing organizations, and communities have started focusing on this topic to improve the situation and publishing new announcements, guidelines, and directives.
 7 | It is imperative to take actions to ensure security, integrity, and compliance of the Software Supply Chain which includes all source code which is incorporated into an artifact, irrespective of whether it is open source or proprietary software.
 8 | Additionally, the systems involved in getting software from developers’ IDEs into the hands of end-users, such as SCM and CI/CD systems, must also be subject to the same level of scrutiny.
 9 | 
10 | One key consideration to take into account while working with Software Supply Chain is CI/CD.
11 | There are many parts of the software lifecycle that need attention and the focus of this SIG is the CI/CD in order to avoid overlaps and contribute to other initiatives aiming to improve the security posture for the products and production systems from CI/CD perspective.
12 | 
13 | The reasons for this is that the practices employed and the technologies used by organizations while establishing software flows heavily depend on CI/CD.
14 | The activities that start, once code contributions leave developer's workstations and land in the production environments serving end users’ needs, are orchestrated by CI/CD systems.
15 | Various industry best practices such as policy driven CD and SBOMs are all important aspects to take into consideration to ensure security, integrity, and compliance for the products that are deployed to production.
16 | 
17 | Another critical aspect to highlight is the importance of securing the CI/CD systems themselves as these systems are essentially production systems.
18 | CI/CD systems are also constructed using open source and/or commercial software and any issues with security, integrity, and compliance within these systems could have great impacts on the products produced using them.
19 | In addition to this, CI/CD systems interact with or operate against various environments such as staging and production.
20 | Such environments could be hosted on-premise, private and public clouds which increases the complexity and importance of securing CI/CD systems themselves.
21 | The Software Supply Chain SIG aims to study different aspects of CI/CD systems, securing it to prevent bad actors from exploiting these systems and the products produced and deployed by them for malicious intentions.
22 | 
23 | In addition to identifying and working with relevant topics, the SIG will take a practice oriented approach by implementing proof of concepts and sample pipelines using various CI/CD technologies and tools to highlight how such tools could be used in a Software Supply Chain, how good practices could be employed and what kind of opportunities there are.
24 | A critical requirement for success is collaboration between DevOps practitioners and [CDF hosted projects](https://cd.foundation/projects/) such as Tekton and Jenkins.
25 | Additionally, collaborating with the existing CDF SIGs including but not limited to [Interoperability](https://github.com/cdfoundation/sig-interoperability), [Events](https://github.com/cdfoundation/sig-events), and [Best Practices](https://github.com/cdfoundation/sig-best-practices) is critical for the SIG since some of the topics driven by these SIGs such as metadata standardization and events are relevant for the topics this SIG will work on, such as SBOMs and notification of vulnerabilities.
26 | The Software Supply Chain SIG will also look for synergies between CDF and other communities such as [OpenSSF](https://openssf.org/) and projects and working groups hosted by it such as [Sigstore](https://www.sigstore.dev/), [SLSA](https://slsa.dev/), [Security Tooling WG](https://github.com/ossf/wg-security-tooling), and [Supply Chain Integrity WG](https://github.com/ossf/wg-supply-chain-integrity) to ensure CI/CD aspects are not overlooked.
27 | 
28 | 
29 | ## Members
30 | 
31 | * Liora Milbaum ([@lmilbaum](https://github.com/lmilbaum)), Red Hat
32 | * Fatih Degirmenci ([@fdegir](https://github.com/fdegir)), Ericsson Software Technology
33 | * Kara de la Marck ([@MarckK](https://github.com/MarckK)), CDF
34 | * Georg Kunz ([@gkunz](https://github.com/gkunz)), Ericsson
35 | * Erhan Vikyol ([@vikyol](https://github.com/vikyol)), Storebrand
36 | * Tracy Miranda ([@tracymiranda](https://github.com/tracymiranda)), Chainguard
37 | * Melissa McKay ([@mjmckay](https://github.com/mjmckay)), JFrog
38 | * Maxime Gréau ([@mgreau](https://github.com/mgreau)), Elastic
39 | * Majinghe ([@majinghe](https://github.com/majinghe))
40 | * Dan Garfield ([@todaywasawesome](https://github.com/todaywasawesome)), Codefresh 
41 | 
42 | ## New Members
43 | 
44 | Membership to the CDF SIG Software Supply Chain is open to the public and self-declared.
45 | 
46 | New members are advised to:
47 | 
48 | * Join the SIG and CDF TOC maillists.
49 | * Join the SIG Slack Channel and introduce yourself.
50 | * Go through the README.md document.
51 | * Regularly join the SIG Meetings.
52 | * Submit a PR to add yourself to the members list.
53 | * Here are various ways to get involved:
54 |   * Share your thoughts by joining the meetings or by posting to maillist and Slack channel.
55 |   * Present a project the community you are part of is working on.
56 |   * Add a topic you would like to discuss to the agenda.
57 |   * Create a new issue to start gathering feedback and collaborating.
58 |   * Choose an issue where help is needed and comment on it expressing interest.
59 |   * Propose a proof of concept.
60 | 
61 | ## Governance
62 | 
63 | SIG Software Supply Chain is a [CDF Special Interest Group](https://github.com/cdfoundation/toc/tree/master/sigs).
64 | 
65 | The process SIG Software Supply Chain follows can be seen from [here](https://github.com/cdfoundation/toc/blob/master/GROUPS.md#sigs).
66 | 
67 | Chairs and the TOC Sponsor of the SIG are
68 | 
69 | * Liora Milbaum ([@lmilbaum](https://github.com/lmilbaum)), Red Hat - Co-chair
70 | * Fatih Degirmenci ([@fdegir](https://github.com/fdegir)), Ericsson Software Technology - Co-chair
71 | * Melissa McKay ([@mjmckay](https://github.com/mjmckay)), JFrog - TOC Sponsor
72 | 
73 | ### SIG Workstreams
74 | 
75 | SIG Software Supply Chain welcomes contributors who take part in the SIG to form workstreams to work on specific areas of interest in a more focused and structured way.
76 | 
77 | Workstream governance is TBD.
78 | 
79 | ## Communication
80 | 
81 | SIG Software Supply Chain communication happens via a public mailing list and everyone is
82 | welcome to join our open discussions.
83 | 
84 | SIG Software Supply Chain also uses Slack for additional collaboration opportunities.
85 | 
86 | * Maillist: TBD
87 | * Slack Channel: TBD
88 | 
89 | ## Meetings
90 | 
91 | SIG Software Supply Chain meets TBD.
92 | 
93 | * Meeting agenda and minutes: TBD
94 | * Meeting recordings: TBD
95 | * Zoom Bridge: TBD
96 | * Zoom International dial-in numbers: [here](https://zoom.us/zoomconference)
97 | * CDF Public Calendar (UTC): [here](https://calendar.google.com/calendar/u/0/embed?src=linuxfoundation.org_mhf0kmgedn67ihni8r129avp24@group.calendar.google.com&ctz=UTC)
98 | 


--------------------------------------------------------------------------------
/working-groups/README.md:
--------------------------------------------------------------------------------
 1 | # CDF Working Groups
 2 | 
 3 | ## Introduction
 4 | 
 5 | The purpose of working groups are to study and report on a particular question and make recommendations based on its findings. The end result of a working group may be a new project proposal, landscape, whitepaper or even a report detailing their findings. The intention of working groups is not to host a full project or specification. Working Groups can be formed at any time but must be sponsored by a TOC member and voted with a super majority vote by the CDF TOC. The TOC can also shut down or establish a sunset for a working group with a super majority vote.
 6 | 
 7 | ## Process
 8 | 
 9 | If you would like to submit a working group proposal, please submit a pull request to the working groups folder. As an example, you can see the other working group proposals here: https://github.com/cdfoundation/toc/tree/master/working-groups
10 | 
11 | You will also have to present to the CDF TOC and wider community before your WG proposal will be voted upon by the TOC and community. You can request a presentation by filing an issue here: https://github.com/cdfoundation/toc/issues
12 | 
13 | At a minimum, please include this information:
14 | 
15 | * Goals
16 | * Non-goals
17 | * Mailing list information
18 | * The location of meetings / agenda / notes
19 | * Initial interested parties to show that there are multiple people across multiple orgs interested
20 | * The chair(s) and TOC sponsor being explicitly listed so they are discoverable
21 | 


--------------------------------------------------------------------------------