Hi all,

Does this policy apply to telemetry engines which were introduced *before* the new policy was announced? It is not clear from the text, but it is important if it becomes a policy for CDF projects.

Thanks in advance,

Oleg Nenashev

Jenkins project

On Tue, Oct 22, 2019, 01:57 Dan Lopez <dlopez@...> wrote:

Thanks, Dan!

It is also on the agenda for tomorrow TOC call.

Best,

--

Dan Lopez

The Linux Foundation

+1 415.735.5881

dlopez@...

On Mon, Oct 21, 2019 at 4:38 PM Dan Lorenc via Lists.Cd.Foundation <dlorenc=google.com@...> wrote:

This was recently published: https://www.linuxfoundation.org/telemetry-data-policy/

It covers the policies and review process for the collection of data. We might want to consider adding this to our project guidelines.

Dan Lorenc

Thanks, Dan!

It is also on the agenda for tomorrow TOC call.

Best,

--

Dan Lopez

The Linux Foundation

+1 415.735.5881

dlopez@...

On Mon, Oct 21, 2019 at 4:38 PM Dan Lorenc via Lists.Cd.Foundation <dlorenc=google.com@...> wrote:

This was recently published: https://www.linuxfoundation.org/telemetry-data-policy/

It covers the policies and review process for the collection of data. We might want to consider adding this to our project guidelines.

Dan Lorenc

This was recently published: https://www.linuxfoundation.org/telemetry-data-policy/

It covers the policies and review process for the collection of data. We might want to consider adding this to our project guidelines.

Dan Lorenc

One more niggly PR filed to fix some language in the README for that repo: https://github.com/cdfoundation/cdf-landscape/pull/37

On Fri, Oct 4, 2019 at 12:15 PM Chris Aniszczyk <caniszczyk@...> wrote:

Issue Tracking SGTM

Also here is the link for folks who don't have it readily available:

https://github.com/cdfoundation/cdf-landscape#current-version

On Fri, Oct 4, 2019 at 1:42 PM TracyRagan <tracy@...> wrote:

Hello distinguished TOC members.

Please let me know if you have any issues with the landscape.  We would love to get it out, start blogging about it, tweeting etc.   If the categories work we will publish it so organizations can start adding their logos. 

One last thought - Do you think we should add an Issue Tracking category? 

--

Kind Regards,

Tracy Ragan

CEO and Co-Founder / DeployHub / tel: + 1.505.424.6440/ mob: +1.505.780.0558

Continuous Delivery Foundation Board Member

Follow us on: Blog / Twitter / Facebook / LinkedIn / YouTube / GitHub

Where developers share and find microservices

--

Chris Aniszczyk (@cra) | +1-512-961-6719

--

Tara Hernandez

Engineering Manager Google Cloud

Issue Tracking SGTM

Also here is the link for folks who don't have it readily available:

https://github.com/cdfoundation/cdf-landscape#current-version

On Fri, Oct 4, 2019 at 1:42 PM TracyRagan <tracy@...> wrote:

Hello distinguished TOC members.

Please let me know if you have any issues with the landscape.  We would love to get it out, start blogging about it, tweeting etc.   If the categories work we will publish it so organizations can start adding their logos. 

One last thought - Do you think we should add an Issue Tracking category? 

--

Kind Regards,

Tracy Ragan

CEO and Co-Founder / DeployHub / tel: + 1.505.424.6440/ mob: +1.505.780.0558

Continuous Delivery Foundation Board Member

Follow us on: Blog / Twitter / Facebook / LinkedIn / YouTube / GitHub

Where developers share and find microservices

--

Chris Aniszczyk (@cra) | +1-512-961-6719

Thank you Emma for taking the time to review the landscape. In terms of multiple logos, it should represent complete separate products.  Like IBM has a solution in ARA and a complete different product in testing. I'm not sure at this point if companies are going to be allowed to list in multiple places when they have multiple tools. I understand what you are saying, for example DeployHub could be listed in ARA and config. management, but we just have deployhub listed in our core focus area. I believe this is the intent of the landscape.  

More to come...

Tracy

On Fri, Oct 4, 2019 at 5:28 PM Emma Webb <emma@...> wrote:

Thanks for all your hard work here, Tracy and team. 

I noticed that we have a few vendors in multiple categories, which makes sense as different groups cover additional functionality. If we're allowing for single logos listed in multiple places, I would be interested to see the criteria - we could certainly put CircleCI in test automation, build automation, and image build, as well as both pipeline orchestration and CI. 

The logo stacking in pipeline orchestration also seems a bit inconsistent - is it possible to find a more neutral treatment for these? 

On Fri, Oct 4, 2019 at 4:19 PM Michael Neale <mneale@...> wrote:

I had 2 PRs open which were moving some things around I thought were important. There is another PR open for a new project I saw - would be good to address those if possible. 

On Sat, 5 Oct 2019 at 4:42 am, Tracy Ragan <tracy@...> wrote:

Hello distinguished TOC members.

Please let me know if you have any issues with the landscape.  We would love to get it out, start blogging about it, tweeting etc.   If the categories work we will publish it so organizations can start adding their logos. 

One last thought - Do you think we should add an Issue Tracking category? 

--

Kind Regards,

Tracy Ragan

CEO and Co-Founder / DeployHub / tel: + 1.505.424.6440/ mob: +1.505.780.0558

Continuous Delivery Foundation Board Member

Follow us on: Blog / Twitter / Facebook / LinkedIn / YouTube / GitHub

Where developers share and find microservices

--

Regards, 

Michael Neale

twitter: @michaelneale, skype: michael_d_neale

Cell: +61 423175597 (Australia)

Cofounder @ CloudBees

--

Emma Webb

CircleCI Marketing

--

Kind Regards,

Tracy Ragan

CEO and Co-Founder / DeployHub / tel: + 1.505.424.6440/ mob: +1.505.780.0558

Continuous Delivery Foundation Board Member

Follow us on: Blog / Twitter / Facebook / LinkedIn / YouTube / GitHub

Where developers share and find microservices

I'm traveling in Tokyo and therefore I won't be able to make it to the TOC meeting tomorrow. I'm hoping Tara would be able to run the meeting for us.

--

Kohsuke Kawaguchi

I would like to add some clarification, while the end goal is to effectively get a code signing certificates, the "tricky" part is to have a "verified" account on one of the many provider that exist in order to get a certificate.

During that account creation they ask various information to verify that the person who create the account really belong to the organization and has the right to proceed.

I think we won't be able to create that account as long as the jenkins trademark is not fully transfered to the Linux Foundation

Olivier

---

gpg --keyserver keys.gnupg.net --recv-key 52210D3D

---

On Thu, Oct 3, 2019, at 6:06 AM, Chris Aniszczyk wrote:

Hey Tyler, I re-opened the issue to do some more investigation on our end, I need a bit more detail on the legal concerns, before we find a creative solution.

Almost all projects go the GPG route (or through some package registry) so this may be a new case.

On Wed, Oct 2, 2019 at 10:20 PM R. Tyler Croy <rtyler@...> wrote:

Greetings from ye olde Jenkins projecte! My colleague in the Jenkins infra

project Olivier (olblak) has been working on automating our releases and the

issue of signing those releases has been a sticking point. This is especially

challenging for the Mac and Windows packages we distribute, which must be

signed with a certificate from a certificate authority (think Verisign, etc).

Our Linux packages in contrast can be signed with a GPG key we can generate

and distribute ourselves.

This ticket was opened by cra@

(https://github.com/cdfoundation/foundation/issues/10) but I believe there was

some misunderstanding about the specifics about our requirements.

When we tried this ourselves perviously and a certificate authority would _not_

issue us a certificate because "Jenkins" itself was/is not itself a legal

entity. My assumption was that the CDF, as a legitimate legal entity would be

able to broker a valid certificate on our behalf and that could be shoved into

our Azure Key Vault for signing of our releases. As you can see in the ticket,

there's reluctance to do so at the moment.

I'm wondering if any other projects have found a way to sign packages requiring

valid certificates in a way that I might be missing here. For example, if we

just purchased a normal cert for jenkins.io (as an example), and used that as a

code signing certificate, I'm not sure if that works in the Mac/Windows

ecosystem or if a certificate authority would go for it.

If there's not an approach I am be missing, and Dan's comments on the ticket

are correct in that the CDF would not at this time be able to acquire the code

signing certificate, then one of our initial motivations for Jenkins to move in

the foundation direction will have failed, and I'm not entirely certain how

we'll work around it. :-/

Looking forward to some ideas from the smart folks runnin' around here :)

Toodles

--

GitHub:  https://github.com/rtyler

GPG Key ID: 0F2298A980EE31ACCA0A7825E5C92681BEF6CEA2

--

Chris Aniszczyk (@cra) | +1-512-961-6719

Hello distinguished TOC members.

Please let me know if you have any issues with the landscape.  We would love to get it out, start blogging about it, tweeting etc.   If the categories work we will publish it so organizations can start adding their logos. 

One last thought - Do you think we should add an Issue Tracking category? 

--

Kind Regards,

Tracy Ragan

CEO and Co-Founder / DeployHub / tel: + 1.505.424.6440/ mob: +1.505.780.0558

Continuous Delivery Foundation Board Member

Follow us on: Blog / Twitter / Facebook / LinkedIn / YouTube / GitHub

Where developers share and find microservices

Hi Ravi, the CDF has its own version of that posted here: https://github.com/cdfoundation/toc/blob/master/PROJECT_LIFECYCLE.md

On Fri, Oct 4, 2019 at 12:36 PM Ravi Lachhman <ravi.lachhman@...> wrote:

Just out of curiosity, what is the criteria for "graduation"?

Following the CNCF criteria?

https://github.com/cncf/toc/blob/master/process/graduation_criteria.adoc

Cheers,

-Ravi

---

Ravi Lachhman | Evangelist

ravi.lachhman@... | @ravilach

+1-678-458-3898

On Fri, Oct 4, 2019 at 3:15 PM Chris Aniszczyk <caniszczyk@...> wrote:

Issue Tracking SGTM

Also here is the link for folks who don't have it readily available:

https://github.com/cdfoundation/cdf-landscape#current-version

On Fri, Oct 4, 2019 at 1:42 PM TracyRagan <tracy@...> wrote:

Hello distinguished TOC members.

Please let me know if you have any issues with the landscape.  We would love to get it out, start blogging about it, tweeting etc.   If the categories work we will publish it so organizations can start adding their logos. 

One last thought - Do you think we should add an Issue Tracking category? 

--

Kind Regards,

Tracy Ragan

CEO and Co-Founder / DeployHub / tel: + 1.505.424.6440/ mob: +1.505.780.0558

Continuous Delivery Foundation Board Member

Follow us on: Blog / Twitter / Facebook / LinkedIn / YouTube / GitHub

Where developers share and find microservices

--

Chris Aniszczyk (@cra) | +1-512-961-6719

--

Tara Hernandez

Engineering Manager Google Cloud

Just out of curiosity, what is the criteria for "graduation"?

Following the CNCF criteria?

https://github.com/cncf/toc/blob/master/process/graduation_criteria.adoc

Cheers,

-Ravi

---

Ravi Lachhman | Evangelist

ravi.lachhman@... | @ravilach

+1-678-458-3898

On Fri, Oct 4, 2019 at 3:15 PM Chris Aniszczyk <caniszczyk@...> wrote:

Issue Tracking SGTM

Also here is the link for folks who don't have it readily available:

https://github.com/cdfoundation/cdf-landscape#current-version

On Fri, Oct 4, 2019 at 1:42 PM TracyRagan <tracy@...> wrote:

Hello distinguished TOC members.

Please let me know if you have any issues with the landscape.  We would love to get it out, start blogging about it, tweeting etc.   If the categories work we will publish it so organizations can start adding their logos. 

One last thought - Do you think we should add an Issue Tracking category? 

--

Kind Regards,

Tracy Ragan

CEO and Co-Founder / DeployHub / tel: + 1.505.424.6440/ mob: +1.505.780.0558

Continuous Delivery Foundation Board Member

Follow us on: Blog / Twitter / Facebook / LinkedIn / YouTube / GitHub

Where developers share and find microservices

--

Chris Aniszczyk (@cra) | +1-512-961-6719

Issue Tracking SGTM

Also here is the link for folks who don't have it readily available:

https://github.com/cdfoundation/cdf-landscape#current-version

On Fri, Oct 4, 2019 at 1:42 PM TracyRagan <tracy@...> wrote:

Hello distinguished TOC members.

Please let me know if you have any issues with the landscape.  We would love to get it out, start blogging about it, tweeting etc.   If the categories work we will publish it so organizations can start adding their logos. 

One last thought - Do you think we should add an Issue Tracking category? 

--

Kind Regards,

Tracy Ragan

CEO and Co-Founder / DeployHub / tel: + 1.505.424.6440/ mob: +1.505.780.0558

Continuous Delivery Foundation Board Member

Follow us on: Blog / Twitter / Facebook / LinkedIn / YouTube / GitHub

Where developers share and find microservices

--

Chris Aniszczyk (@cra) | +1-512-961-6719

Hello distinguished TOC members.

Please let me know if you have any issues with the landscape.  We would love to get it out, start blogging about it, tweeting etc.   If the categories work we will publish it so organizations can start adding their logos. 

One last thought - Do you think we should add an Issue Tracking category? 

--

Kind Regards,

Tracy Ragan

CEO and Co-Founder / DeployHub / tel: + 1.505.424.6440/ mob: +1.505.780.0558

Continuous Delivery Foundation Board Member

Follow us on: Blog / Twitter / Facebook / LinkedIn / YouTube / GitHub

Where developers share and find microservices