mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity

update governance (#10669)

Browse source 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
This commit is contained in:
Jim Bugwadia 2024-07-17 00:09:46 -07:00 committed by GitHub
parent f3c9be9d0f
commit 8a01d6db31
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 19 additions and 200 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
CODE_OF_CONDUCT.md
View file

@ -1,36 +1,6 @@
# Kyverno Community Code of Conduct v1.0 # Code of Conduct
## Contributor Code of Conduct [Kyverno and its sub-projects](https://github.com/kyverno#projects) follow the Code of Conduct published and maintained at https://github.com/kyverno/community/blob/main/CODE_OF_CONDUCT.md.
As contributors and maintainers of this project, and in the interest of fostering
an open and welcoming community, we pledge to respect all people who contribute
through reporting issues, posting feature requests, updating documentation,
submitting pull requests or patches, and other activities.
We are committed to making participation in this project a harassment-free experience for
everyone, regardless of level of experience, gender, gender identity and expression,
sexual orientation, disability, personal appearance, body size, race, ethnicity, age,
religion, or nationality.
Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery
* Personal attacks
* Trolling or insulting/derogatory comments
* Public or private harassment
* Publishing other's private information, such as physical or electronic addresses, without explicit permission
* Other unethical or unprofessional conduct.
Project maintainers have the right and responsibility to remove, edit, or reject
comments, commits, code, wiki edits, issues, and other contributions that are not
aligned to this Code of Conduct. By adopting this Code of Conduct, project maintainers
commit themselves to fairly and consistently applying these principles to every aspect
of managing this project. Project maintainers who do not follow or enforce the Code of
Conduct may be permanently removed from the project team.
This code of conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community.
Instances of abusive, harassing, or otherwise unacceptable behavior in Kubernetes may be reported by contacting the project maintainer(s).
This Code of Conduct is adapted from the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md) and the [Contributor Covenant](https://www.contributor-covenant.org/), [version 1.2.0](https://www.contributor-covenant.org/version/1/2/0/code-of-conduct/).

139
CONTRIBUTING.md
View file

@ -1,46 +1,24 @@
# Contributing Guidelines for Kyverno # Contributor Guidelines for Kyverno
We welcome all contributions, suggestions, and feedback, so please do not hesitate to reach out! [Kyverno and its sub-projects](https://github.com/kyverno#projects) follow the contributor guidelines published at: https://github.com/kyverno/community/blob/main/CODE_OF_CONDUCT.md.
Before you contribute, please take a moment to review and agree to abide by our community [Code of Conduct](/CODE_OF_CONDUCT.md). Please review the general guidelines before proceeding further to the project specific information below.
- [Contributing Guidelines for Kyverno](#contributing-guidelines-for-kyverno) ### Fix or Improve Kyverno Documentation
- [Engage with us](#engage-with-us)
- [Ways you can contribute](#ways-you-can-contribute)
- [1. Report issues](#1-report-issues)
- [2. Fix or Improve Documentation](#2-fix-or-improve-documentation)
- [3. Submit Pull Requests](#3-submit-pull-requests)
- [How to Create a PR](#how-to-create-a-pr)
- [Developer Certificate of Origin (DCO) Sign off](#developer-certificate-of-origin-dco-sign-off)
- [Release Processes](#release-processes)
## Engage with us
The Kyverno website has the most updated information on [how to engage with the Kyverno community](https://kyverno.io/community/) including its maintainers and contributors. There are three classes of contributors possible: Contributor, Code Owner, and Maintainer. Please see the [Contributing section on the website](https://kyverno.io/community/#contributing) for the requirements and privileges afforded to each.
Join our community meetings to learn more about Kyverno and engage with other contributors.
## Ways you can contribute
### 1. Report issues
Issues to Kyverno help improve the project in multiple ways including the following:
- Report potential bugs
- Request a feature
- Request a sample policy
### 2. Fix or Improve Documentation
The [Kyverno website](https://kyverno.io), like the main Kyverno codebase, is stored in its own [git repo](https://github.com/kyverno/website). To get started with contributions to the documentation, [follow the guide](https://github.com/kyverno/website#contributing) on that repository. The [Kyverno website](https://kyverno.io), like the main Kyverno codebase, is stored in its own [git repo](https://github.com/kyverno/website). To get started with contributions to the documentation, [follow the guide](https://github.com/kyverno/website#contributing) on that repository.
### 3. Submit Pull Requests ### Developer Guides
[Pull requests](https://docs.github.com/en/github/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests) (PRs) allow you to contribute back the changes you've made on your side enabling others in the community to benefit from your hard work. They are the main source by which all changes are made to this project and are a standard piece of GitHub operational flows. To learn about the code base and developer processes, refer to the [development guide](/DEVELOPMENT.md).
New contributors may easily view all [open issues labeled as good first issues](https://github.com/kyverno/kyverno/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22) allowing you to get started in an approachable manner. ### Good First Issues
Once you wish to get started contributing to the code base, please refer to our [development guide](/DEVELOPMENT.md) for a how-to. Maintainers identify issues that are ideal for new contributors with a `good first issue` label.
View all Kyverno [good first issues](https://github.com/kyverno/kyverno/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22).
### Pull Request Guidelines
In the process of submitting your PRs, please read and abide by the template provided to ensure the maintainers are able to understand your changes and quickly come up to speed. There are some important pieces that are required outside the code itself. Some of these are up to you, others are up to the maintainers. In the process of submitting your PRs, please read and abide by the template provided to ensure the maintainers are able to understand your changes and quickly come up to speed. There are some important pieces that are required outside the code itself. Some of these are up to you, others are up to the maintainers.
@ -49,99 +27,6 @@ In the process of submitting your PRs, please read and abide by the template pro
3. Test your change with the [Kyverno CLI](https://kyverno.io/docs/kyverno-cli/) and provide a test manifest in the proper format. If your feature/fix does not work with the CLI, a separate issue requesting CLI support must be made. For changes which can be tested as an end user, we require conformance/e2e tests by using the `chainsaw` tool. See [here](https://github.com/kyverno/kyverno/tree/main/test/conformance/chainsaw/README.md) for a specific guide on how and when to write these tests. 3. Test your change with the [Kyverno CLI](https://kyverno.io/docs/kyverno-cli/) and provide a test manifest in the proper format. If your feature/fix does not work with the CLI, a separate issue requesting CLI support must be made. For changes which can be tested as an end user, we require conformance/e2e tests by using the `chainsaw` tool. See [here](https://github.com/kyverno/kyverno/tree/main/test/conformance/chainsaw/README.md) for a specific guide on how and when to write these tests.
4. Indicate which release this PR is triaged for (maintainers). This step is important especially for the documentation maintainers in order to understand when and where the necessary changes should be made. 4. Indicate which release this PR is triaged for (maintainers). This step is important especially for the documentation maintainers in order to understand when and where the necessary changes should be made.
#### How to Create a PR
Head over to the project repository on GitHub and click the **"Fork"** button. With the forked copy, you can try new ideas and implement changes to the project.
1. **Clone the repository to your device:**
Get the link of your forked repository, paste it in your device terminal and clone it using the command.
```sh
git clone https://hostname/YOUR-USERNAME/YOUR-REPOSITORY
```
2. **Create a branch:**
Create a new brach and navigate to the branch using this command.
```sh
git checkout -b <new-branch>
```
Great, it's time to start hacking! You can now go ahead to make all the changes you want.
3. **Stage, Commit, and Push changes:**
Now that we have implemented the required changes, use the command below to stage the changes and commit them.
```sh
git add .
```
```sh
git commit -s -m "Commit message"
```
The `-s` signifies that you have signed off the commit.
Go ahead and push your changes to GitHub using this command.
```sh
git push
```
#### Cherry-pick PRs to release branches
Add repository as remote
```sh
git remote add <name> https://github.com/kyverno/kyverno
```
Then fetch the branches of remote:
```sh
git fetch <name>
```
You will notice that there are a number of branches related to Kyverno's releases such as release-1.7. You can always view the list of remote branches by using the command below:
```sh
$ git branch -r
...
origin/release-1.5
origin/release-1.6
origin/release-1.7
```
Checkout one of the release branch and cherry-pick the PRs you want to merge into the release branch:
```sh
$ git checkout release-1.7
git cherry-pick <commit-hash> -s
git push --set-upstream origin release-1.7
```
Once the commit has been cherry-picked, the author will need to open a PR merging to the release branch, release-1.7 for example.
#### Developer Certificate of Origin (DCO) Sign off
For contributors to certify that they wrote or otherwise have the right to submit the code they are contributing to the project, we are requiring everyone to acknowledge this by signing their work which indicates you agree to the DCO found [here](https://developercertificate.org/).
To sign your work, just add a line like this at the end of your commit message:
```sh
Signed-off-by: Random J Developer <random@developer.example.org>
```
This can easily be done with the `-s` command line option to append this automatically to your commit message.
```sh
git commit -s -m 'This is my commit message'
```
## Release Processes ## Release Processes
Review the Kyverno release process at: https://kyverno.io/docs/releases/ Review the Kyverno release process at: https://kyverno.io/docs/releases/

38
GOVERNANCE.md
View file

@ -1,39 +1,3 @@
# Kyverno Governance # Kyverno Governance
This document defines governance policies for the Kyverno project. [Kyverno and its sub-projects](https://github.com/kyverno#projects) follow the governance published and maintained at https://github.com/kyverno/community/blob/main/GOVERNANCE.md.
- [Principles](#principles)
- [Code of Conduct](#code-of-conduct)
- [Meetings](#meetings)
- [Roles and Process in the Kyverno Community](#roles)
- [Conflict Resolutions](#conflict-resolutions)
- [Changes](#changes)
- [Credits](#credits)
## Principles
The Kyverno project community adheres to the following principles:
- Open: The Kyverno community strives to be open, accessible and welcoming to everyone. Anyone may contribute, and contributions are available to all users according to open source values and licenses.
- Transparent and accessible: Any changes to the Kyverno source code and collaborations on the project are publicly accessible (GitHub issues, PRs, and discussions).
- Merit: Ideas and contributions are accepted according to their technical merit and alignment with project objectives, scope, and design principles.
## Code of Conduct
Kyverno follow the [Code of Conduct](CODE_OF_CONDUCT.md), which is aligned with the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md).
## Meetings
Kyverno community meetings follow a defined [schedule](https://kyverno.io/community/#community-meetings).
The maintainers will also have closed meetings in order to discuss security reports or Code of Conduct violations. Such meetings should be scheduled by any maintainer on receipt of a security issue or CoC report. All current Maintainers must be invited to such closed meetings, except for any maintainer who is accused of a CoC violation.
## Roles
The Kyverno project welcomes all contributors and has well-defined roles specified at [Project Roles](https://kyverno.io/community/#project-roles).
## Conflict Resolutions
Typically, it is assumed that disputes will be resolved amicably by those involved. However, if the situation becomes more serious, conflicts will be resolved through a voting process. A supermajority of votes from project maintainers is required to make a decision, and the project lead has the final say in the ruling.
## Changes
This Project Governance is a living document. All key project changes including changes in project governance can be proposed by a GitHub PR and then reviewed and voted on by project maintainers.
## Credits
Sections of this document have been borrowed from the [CoreDNS](https://github.com/coredns/coredns/blob/master/GOVERNANCE.md) and [fluxcd](https://github.com/fluxcd/community/blob/main/GOVERNANCE.md) projects.

6
README.md
View file

@ -16,7 +16,7 @@
<a href="https://kyverno.io" rel="kyverno.io">![logo](img/Kyverno_Horizontal.png)</a> <a href="https://kyverno.io" rel="kyverno.io">![logo](img/Kyverno_Horizontal.png)</a>
<p class="callout info" style="font-size: 100%;"> <p class="callout info" style="font-size: 100%;">
Kyverno is a policy engine designed for Kubernetes platform engineering teams. It enables security, automation, compliance, and governance using policy-as-code. Kyverno can validate, mutate, generate, and cleanup configurations using Kubernetes admission controls, background scans, and source code respository scans. Kyverno policies can be managed as Kubernetes resources and do not require learning a new language. Kyverno is designed to work nicely with tools you already use like kubectl, kustomize, and Git. Kyverno is a policy engine designed for cloud native platform engineering teams. It enables security, automation, compliance, and governance using policy-as-code. Kyverno can validate, mutate, generate, and cleanup configurations using Kubernetes admission controls, background scans, and source code respository scans. Kyverno policies can also be used to verify OCI images, for software supply chain security. Kyverno policies can be managed as Kubernetes resources and do not require learning a new language. Kyverno is designed to work nicely with tools you already use like kubectl, kustomize, and Git.
</p> </p>
<a href="https://opensourcesecurityindex.io/" target="_blank" rel="noopener"> <img <a href="https://opensourcesecurityindex.io/" target="_blank" rel="noopener"> <img
@ -46,9 +46,9 @@ We are here to help!
👉 For discussions or questions, join the [Kyverno Slack channel](https://slack.k8s.io/#kyverno). 👉 For discussions or questions, join the [Kyverno Slack channel](https://slack.k8s.io/#kyverno).
👉 For community meeting access, join the [mailing list](https://groups.google.com/g/kyverno). 👉 For community meeting access, see [mailing list](https://kyverno.io/community/#community-meetings).
👉 To get updates ⭐️ [star this repository](https://github.com/kyverno/kyverno/stargazers). 👉 To get follow updates ⭐️ [star this repository](https://github.com/kyverno/kyverno/stargazers).
## Contributing ## Contributing