Adding Security Contacts to Repositories under Kubernetes


Jessie Frazelle

Apr 20, 2018, 4:16:27 PM
to Kubernetes developer/contributor discussion, brandon...@redhat.com, CJ Cullen, Tim Allclair, Jordan Liggitt
Hey all,

The PST had a discussion today about fixing some process issues and
making everyone's lives easier.

One thing that lives in all the repos is the OWNERS file. It has a few
spec-ed keys currently. I opened this PR on the community repo[1] to
add a "security" key.

This adds a list of contacts for the repo that the Product Security
Team can reach out to for triaging and handling of incoming issues.
Please try to keep this list small, as the contact can then further
decide who "needs to know" to complete the fix.

If you are the owner of a repo under the kubernetes organization, can
you please help us out and delegate at least one member to be the
first point of contact.

Currently it has been done on a random basis but it would be great to
have owners.

Thanks!

[1] https://github.com/kubernetes/community/pull/2062

--


Jessie Frazelle
4096R / D4C4 DD60 0D66 F65A 8EFC 511E 18F3 685C 0022 BFF3
pgp.mit.edu

Jessie Frazelle

May 22, 2018, 8:53:28 PM
to Kubernetes developer/contributor discussion, brandon...@redhat.com, CJ Cullen, Tim Allclair, Jordan Liggitt
Re-upping this thread...

Can you all please add the contacts as per the template here[1] and docs
here[2] (search for SECURITY_CONTACTS)

Thanks.

[1] https://github.com/kubernetes/kubernetes-template-project/blob/master/SECURITY_CONTACTS
[2] https://github.com/kubernetes/community/blob/master/committee-steering/governance/sig-governance-template-short.md

Jessie Frazelle

May 22, 2018, 8:55:30 PM
to Kubernetes developer/contributor discussion, brandon...@redhat.com, CJ Cullen, Tim Allclair, Jordan Liggitt
If they are not added by next week I will go around and annoy you all
individually. If you do add them by then, I will remember forever that you
helped out :)

Matt Farina

May 23, 2018, 3:20:26 PM
to Kubernetes developer/contributor discussion
Does this apply to all repos on all actively used orgs owned by Kubernetes?

Jessie Frazelle

May 23, 2018, 3:28:20 PM
to Matt Farina, Kubernetes developer/contributor discussion
Yes indeed :)


Shimin Guo

May 25, 2018, 3:02:21 AM
to Kubernetes developer/contributor discussion
What kind of names should we put in that file? Github usernames? Emails? Slack handles?

Jessie Frazelle

May 25, 2018, 7:31:23 AM
to Shimin Guo, Kubernetes developer/contributor discussion
GitHub usernames 

