 Hello, hello everyone today we're going to do a little speed round of Kubernetes project updates. So I am Stephen Augustus head of open source at Cisco and one of the co-chairs for a few things in the project. So first off I want to start with the code of conduct committee one of my favorite governance groups and talk about some of the things that they've been working on over the past year. So first off the transparency report. Transparency report is an effort that was happening between both the code of conduct committee as well as the steering committee. So project transparency report is a critical evidence point for this large community members to understand the presence of the code of conduct is not simply a token or something hollow but rather representation of the project's culture and active accountability and restoration to ensure a safe space for all to collaborate in the project right so super super important. What this means for the end users of the project is that is that their supply chain right and so this is not just this is not just the software this is not just the people but the supply chain dependency on Kubernetes is a dependency on a project with the foundational governance aspects which foster project health and sustainability this decreases their business risk uh in depending on this project. So second read the code of conduct internalize it if you see behavior which is contrary to the code of conduct speak up this might be directly in the moment that lead that feels safe to you uh to the the uh the special interest group working group leads in the area to your to your steering committee representatives or privately through the code at kubernetes.io email address as with technical debt driven bugs in software engineering the hardest conduct issues aren't typically ones where something was done deliberately wrong but rather ones where we together allowed a situation to grow into something larger uh so we want to we want to shift left we're hearing a lot about shifting left right we want to shift left we want to start these conversations earlier uh before what might be just a simple miscommunication grows into a negative pattern or establishes uh unprofessional culture um so this year we also want to thank uh tasha and ava who are now emeritus code of conduct members and I also like to uh welcome Valerie and nabaroon to the code of conduct committee uh so steering committee next up uh so also the transparency report seriously go read that we also had annual reports for all of the all of the governance groups within uh the kubernetes community we started off with uh kind of trial running the annual reports with working groups and now we've kind of extended that to all of the governance groups within the community so if you want to see what your favorite groups have been up to um and haven't had a chance to do that yet uh the annual reports are in the kubernetes.io um excuse me github. uh github.com slash uh kubernetes slash community um the steering committee election is imminent as in uh so a reminder for anyone who is a candidate for the steering committee um your bios are due today uh so if you have not seen that notice please submit your bios today I believe the elections will be opening up um I will will be starting uh more of the preparations next week um and finally there is a governance board uh proposal that's uh if you were part of the uh sig leads or working group leads and so on and so forth um you may have heard from paris so please talk to your leads um and talk to paris about uh things that you'd like to see in the community because those will be presented to the cncf governing board all right so I'm gonna go a little faster now because I see I see I've got the uh the jack bauer uh 24 situation going uh so see so sig security uh sig security is one of our newer sigs uh sig security has a few sub projects that you should definitely check out we've got docs tooling audit uh coming out of uh docs we've got so sig security works to improve the security of the kubernetes project and the ecosystem as a whole by building bridges both internally and externally we're providing space for community collaboration knowledge sharing and learning and raising security awareness uh the horizontal initiatives include cross cutting documentation tooling development and facilitation of regular third party security audits so if you've seen some of the security audits happening in the past in kubernetes we're going to keep that trained rolling uh now sig security is a community effort it's driven by the people who show up and do the work this is this is big and open source show up do the work someone will give you the hat um the sub projects have started with interested community members and kind of like moved into uh a great opportunity to see a lot of um a lot of uh again interested community members step up to be leaders um so this is a really great opportunity to uh to get involved in the community so again docs tooling audit we've got hardening guides one of the the coolest collaborations that uh we've seen in the community so far is the the deprecation of pod security policies and the uh and the rise of the pod security admission which is a collaboration between sig security and sig off sig release it's uh near and dear to my heart but i again i'm in this feed round so um a vision a roadmap so sig security now has uh excuse me sig sig release now has a roadmap a vision of what we'd like to see happening in the project as it relates to as it relates to delivering kubernetes to all of you fine folks we've got more release managers than ever before we've got new release manager associates we've got artifact promotion artifact promotion is fun you should all want to do it if you've if you've gotten uh if you've had an opportunity to work on uh image promotion for any one of your sub projects within the community you can also now do that with uh with files artifacts dot kates dot a is new um and we're still kind of trialing it out but if you're interested um please talk to sig release and we will help you get started with uh pushing you know your tar balls your all of your fun artifacts into uh into a uh a location that is safe and uh secure um and then finally we're securing that supply chain delicious delicious salsa so we've had a lot of chats about like software supply chain security throughout this conference and we're going to continue to hear it um this is a pivotal moment and i'm not going to go into uh i'm not going to go into some of the spills that you've already heard but we are trying to lead the pack uh by by working through and working kind of across uh working across the spdx communities working with folks who deliver software bill of materials we're working with folks who um work on provenance and attestation and all of these fun software supply chain security buzzwords that you're hearing right now finally the um with salsa so these um this framework allows us to kind of see what we're doing where our artifacts are going who has control of them what build systems are running it that is we're we're going to be partnering directly with the salsa community and open ssf to build out this framework over time so stay tuned for that and please if you have this kind of focus help come to sick release get involved sick storage sick storage is responsible for ensuring that different types of file and block storage whether it's ephemeral or persistent local or remote it's available wherever and whenever a container needs it right so one of the big things that happened uh this uh previous cycle 122 csi windows moves to ga so if you want to check out the article it's right there up on the screen give you a second to take a picture um and they are always looking for new contributors and i think that you can kind of echo that across the entire community we're always looking for new contributors working group api expression now working group api expression is involved in improving the mechanisms to server uh open api from kubernetes api servers and api is offering and expressiveness to allow apis properly and programmatically describe their mechanisms so server side apply has been something that has been has uh has been in the works for quite some time now and it goes to ga in 122 or it went to ga in 122 um the the ga milestone means you can actually depend on this feature and and its api without the fear of uh you know future backwards and compatible designs so please go check out server side apply uh working group naming we dissolved working group naming we spun it up and we spun it down if you are because we did what we came to do um when we initially started this group the idea was to create framework and a process for the kubernetes community to change language that is not inclusive um what that gave rise to was the inclusive naming initiative of which myself and celeste horgan are co-founders um because we will be spending more time in the inclusive naming initiative uh we'd like you to join us inclusive naming initiative um and specifically the community the community work stream which focuses on uh delivering these changes to uh to open source communities um as well as it it offers the same function as say a sig contributor experience or tag contributor strategy on the cncf level working group kate's infra strike group sig kubernetes infrastructure they this is one of the first times in the community that we've seen a working group uh this is the first time in the community that we've seen a working group transform itself into a sig uh a few years ago um we set off on a journey to convert all of the infrastructure that were was currently google owned into kubernetes community owned to give the keys of that castle to the community so here we are this is this is the proof point it's so important that it needs to be a sig uh working groups in the kubernetes community um governance wise if you're not familiar working groups are meant to be time bounded efforts now it's we're not necessarily going to tell you how long it's going to take for them to necessarily spin down but we've said that this is so important to us so this community that it needs to be a sig it needs to be long-standing so congrats to all of the leads uh of uh both the chairs and the technical leads of uh working group uh working group kate's infra for driving that forward for the community and all of the contributors involved there the product security committee is now the security response committee um kubernetes is a project not a product right so this is just a little uh name change uh to reflect that work thank you to all of the people who are on the security response committee who protect this community there are there is an on-call rotation there is lots of lots of work that happens in the background to make this community safe so thank you to the product that's a excuse me security response committee um and sig docs can has helped um one higher technical writers sig docs is currently um we're in a place where we want more contributors to sig docs this is uh an awesome opportunity to get involved in the community and this is often uh of many people's entry point to the community this is actually where i started in the community sig docs and sig azure so please if you are interested in getting started in this community come to sig docs and hire technical writers and send them to the communities that you're working in honk and finally uh a general join us we are always looking for new contributors we're always looking for people to get involved there are a few links that i will give you a chance to snapshot but git.kates.io which is kind of our github short name slash community we'll take you to our community repo and you will have a full rundown of all of the the various governance groups and how to get involved kates.dev is our contributor focused website and then kubernetes.io is kind of that ingress point for production level of documentation around the community owned by sig docs uh i think that's it yeah i think that's it thank you