Grafeas 0.1.0 and Kritis 0.1.0 releases proposal
Aysylu Greenberg
Kritis Community,
Please find below the proposal for the Grafeas and Kritis 0.1.0 releases. I'll be scheduling a community sync meeting with you on March 5, 2019 at 3:30 pm NYC time. Please feel free to add your feedback on this thread and bring your questions and suggestions to the meeting!
Cheers,
Aysylu
---
The goal of this release is to enable the users to start experimenting with the Kritis and Grafeas projects, which will allow us to gather feedback from the community. The scope is to provide standalone Kritis on k8s with standalone Grafeas. The user will be able to install a standalone Kritis admission controller on k8s with local Grafeas backend and Postgres database, using the Grafeas image that we publish. Using the script that we provide to populate the Grafeas with an Attestation Authority note and occurrence as an example, the user will then be able to:
Allow the deployment of a container to their k8s cluster;
Block the deployment of a non-fully qualified container to their k8s cluster.
The Grafeas server can already be brought up as a standalone server with a Postgres storage backend. To enable the standalone Grafeas server with the necessary features, we'll ensure that:
The Docker container with Grafeas is functional and can be used on Kubernetes, with Postgres storage backend as an example;
A publically available Grafeas image provided for use in Kritis and standalone;
Basic support for Go client library.
Kritis will need the following features to enable this:
Kritis is configurable;
Default admittance fallback policy is defined.
From here on out Grafeas will be following semantic versioning: releases with bug fixes for this scope will have their micro version incremented.