Supply Chain Security Con process

Tracy Miranda <tmiranda@...>


As a follow up to today's TOC meeting discussion around Supply Chain Security Con (SCSC) I want to share more around the process behind this event. The SCSC was run through the same processes as all the other day-0 events for kubecon. Event themes/topics are approved by CNCF leadership with a typical requirement that 2 or more different organizations agree to be key sponsors (i.e cover cost of hosting event) of a relevant topic or theme. This was the same process open to all and for all events including GitOpsCon, eBPF and the many other colos. SCSC had 3 companies step up to be main sponsors (Google, Anchore and Red Hat) + 3 additional sponsors. SCSC was unique in that CDF was a co-host alongside CNCF. 

Each colo had a dedicated program committee to set the program, with support from CNCF staff. The PC for SCSC included Dan Lorenc (then at Google), John Kjell (Vmware), Kate Stewart(LF), David Wheeler (LF), myself (CDF) and Chris Aniszczyk (CNCF). Program committee members typically were subject matter experts from the community e.g. cncf sigs or relevant projects plus a couple of folks from LF leadership (myself included). 

Each colo managed their own program. SCSC did not put out a general call-for-papers but did provide opportunities for submissions through the CNCF and CDF communities. A number of CDF community members were invited to submit talks. A number of CDF community members did submit talks and some had their talks accepted and some were not accepted. Emily Ruf of LF helped with the process around talk selection. The process was informal and I appreciate not always communicated strongly across the short time frame in the summer. We appreciate the feedback around this and always aim to continuously improve. Regarding the program I was personally involved with reviewing the program to ensure a good mix of topics, speakers, companies and diversity.

I hope this helps shed some light around the processes leading upto the event. Please let me know if there are any questions/comments.