 Yeah Hello, my name is Lee and I'm a co-chair of seek app delivery. So I think it's a time for us to start the seek app delivery of CNCF Meeting this time. So we do have some agendas in today's meeting notes I actually noticed they are several topics one discussion. So the first one about the helm graduation And the oh, I will try to share my screen. Just a one minute If you'd like since I was talking about the graduation, I can actually Bring up the stuff that I've started to work on based on this process. Yeah, just go ahead man All right, if you stop sharing you'll have to stop for me to share. Okay All right, here we go Okay So we wanted to talk about the helm graduation process because we wanted to go through it in the near term here um And one of the things that they ask is in doing everything to have a conversation in the SIG about it once your meeting is scheduled And they're actually targeting the meeting on march 17th to talk about helm and some other projects possibly if we're ready to go by then And so since they're looking at that day I figured we'd talk about it in the SIG Um, and so I've got the I haven't submitted the poll request yet I'm actually putting it together based on that uh existing document along with the due diligence and architecture docs They're not quite done. Um, but I can walk through those Uh, so people can help understand would that help? Yeah, that makes it Um, the first section was have committers from two organizations And I outlined that we actually have committers from more than two organizations So for the primary project the helm cli we have maintainers committers from seven different organizations Um, and we also have that many for the overall governance We have an org maintainers who are sort of like the kubernetes steering committee We also have maintainers from seven different organizations for that that um span multiple countries and continents and that kind of thing The next one is Achieved the and maintained a core infrastructure best practices badge We're actually one step away from hitting silver And that's the security assurance documentation and the poll request is up for that. It's a 20 page white paper that follows the security assurances and documents the architecture for that It's kind of nice that we have Matt butcher Who wrote that he has a phd in philosophy Which means you know how to argue and so he wrote that up and there's just a couple of minor pieces of feedback to it Just just tweaked and some details to add Um, but otherwise it looks good and we'll probably have that done by the end of this week So not only do we have the best practices, but it looks like before we get before the uh toc will also have um the silver patch Um the independent um The security audit that happened uh end of last year Here you can read a snippet from the conclusion. This is just a copied snippet from them and cure 53's take on it This is who uh one of the companies that the cncf has hired to do security audits And that's who they chose in this particular instance Um, once you've read it I can move on but this was their take Yeah Okay, uh the next is the governance We've had a documented governance and been using it for I think since august september of 2018 Um, and we have the teams documented So we have more than one team and the teams are documented who they are and where they're at Ah, uh, there's a question here of is there a level badge stated for graduation And the level stated for graduation is just to achieve the security best or the best practices badge Which we have long done going silver as far beyond it Um, the security audit was for helm 3 Which does not have tiller in it Okay Um in the adopter section, we didn't have an adopter's file So we recently added one and we're only organizations that are okay having their name put on it Um, I've started to add their names the helm website also has a number of companies names on it Who have given their okay to have their branding on it? So there's a handful of companies we have listed here Then the helm hub has over 150 people in organizations who've listed their helm repositories and that's a sign that they use it So that's been noted here Helm has also been downloaded more than a million times in a month We've tracked that So we have the ability to track a certain amount of those details now So we've tracked that and so we know there's a lot of usage of helm Then there is the link to the due diligence document since helm came in before the current due diligence here I linked to the incubating proposal that was merged In the due diligence, I do start to touch on The things that have changed for incubation, but I wanted to link to the original incubating proposal in this And there are currently no outstanding concerns or recommendations that helm needs to tackle So this is following that format that michelle put together Are there any questions about this before I move into the due diligence document? So I have a question I actually noticed a discussion about the due diligence documentation in the helm graduation for requests So I think matt butcher is mentioning that and also michelle also commented that the due diligence is not needed for a graduation process In Where is her poll request again? Yeah, it's I think it was One of the things that was there because I have been talking with her. Let me Yeah, so It seems that we don't need to have a due diligence. It's pretty new. It's like 20 hours ago. It's common. So Okay, so one of the things it says is the link to the incubation due diligence document And so I'll I'll go check but This is where it's confusing of what exactly we need to provide because All existing incubation projects never provided the current due diligence Because they all came in before the process existed a link to the incubation due diligence Doesn't provide you with the due diligence and the past projects that have gone through all of this Like the test was the last one I think to went in they provided this form of due diligence And so it's confusing whether or not it needs to be provided But I am attempting to fill that in just in case Because I'm not entirely sure Yeah, personally, I'm not very sure about that part. So um from my understanding is that Due diligence is only needed for a project if they want to go to the incubation level. So um, I think I don't know if Katie is here. We may want to discuss about About this issue with TOC. So what is the expecting delivery or documentation Helm team need to provide for the new Graduation process as long as we have sick because before that we do not have sick I don't think it's very clear for me and we may want to bring this issue I will expect that no due diligence documentation needed at least maybe Some something new maybe some other template to fail But should not be the due diligence. We should actually use the for incubate incubating Okay, well, I'll have it anyway just in case Because there are a lot of details in there that I'll probably call out in the presentation to the TOC Especially since I know that a number of the TOC members are new And so there's certain things that are outlined in there that people probably don't know Um, I wouldn't expect them to know quite frankly like the history of health I bet you most people have no idea how and why Helm even came to be That spurred it and and what happened. And so some of that context is probably going to be useful In understanding what it is why it's why it's there. And so I'll share a bit of that But I'm partly done with the stuff and I will verify Michelle has been doing this process. So I will double check with her on whether the due diligence does need to be filled out Yes, uh, this is KG here. So I completely agree. There is definitely actually yesterday during the public TOC meeting Michelle proposed a revised version for graduation And this I'm still going through that at the moment. So at the moment, I don't have the full details of how we Go about it, but leave that with me and I'll come back to you. That's okay Okay Thank you So I do have a somewhat filled out due diligence. Um It provides the background the technical due diligence. It links to governance stocks Repositories it specifies out That Helm, you know follows the CNCF guidance In fact, Helm was originally part of kubernetes before it was part of the CNCF And so Helm came into the CNCF with kubernetes As a sub project and so we've been part of the CNCF since the beginning Having to follow the rules and guidelines and all of those things But it file it just kind of spells out just the details of where things are at things like the security audit Where it's useful how it meets graduation criteria. I'm getting into the the architecture But it's filling out all of those little things. We've already dotted the eyes and crossed the T's with licenses So a lot of this is due diligence that was done before but it exists now And for what it's worth, there's a lot of uh duplicate spots in this information Um, and this just reminded me. I was talking to michelle yesterday We are we are in slack and I asked her about in going for the graduation and filling out the due diligence What do I do about the duplication? She said once it's been answered once You can just delete the future spots where it answers the second question Which leads me to think that the due diligence is actually due because she didn't tell me no for graduation You don't need to have the due diligence I see So yes, it is confusing. Um, I'll share the links to all of this. Um Here I'll share it in here and then I'll put it into the doc. I'll have the poll request up later today Since it's a markdown template I used hack md So I can just work in it here and then copy that over to a poll request without having to work on it Um, or or do anything to it Um, but that's the the current so the due diligence we have the the basic So it's the project self governing. Yes, um, code of conduct We've always followed the cncf code of conduct since there has been one high velocity. Um We we talk about the high velocity and the number of projects here Oh, uh, that are high quality here. We list some organizations later on where it asks for more organizations I give more use cases, but there's large organizations like ibm samsung microsoft Um, vm were bit nami cern. I've linked to some of the public presentations on it. We've already got that We've gone to do we follow the principles? We've actually always followed the cncf principles Um, I'm not I'm not sure how to address it in the original incubation Document we actually have a statement about following the principles Um, do we have a fundamentally sound design? We've obviously been through the security audit We have the security assurance case which actually walks through the design and the security assurances So there are no fundamental problems there that we know of We talk about the scope how it's useful Helm is a package manager. We're not trying to be every deployment tool out there Something like we've worked our flux. That's now a cncf project Can use helm because they have the flux operator for helm As a building block. We're not trying to jump into scope outside of that And part of the document I talk about what's in scope and what's out of scope Helm's a package manager We're not going to try and do everything else if it's going to be something else It may use helm and be packaged on top of it, but we're not going to get into those other areas of scope That is really cool. That is really cool. That is what I actually talked with helm community before to make the message Cleaner, I think it's much better now One quick question is uh, what is the relationship with helm operator with Under the helm itself. So what are the other different scenarios or they're trying to solve different questions and different problems So so helm and in the architecture doc. I've talked about this is currently built The application's got two main parts to it. There's a package directory that provides a semverse stable go API Uh to do the features of helm and then there is the application that implements that so you can use it as a CLI application Helm is a package manager like apt and yum and homebrew and that so you can install things into your kubernetes cluster But there's lots of people who don't use that push model, right? For example, git ops is a pull model where you're running an operator in the cluster. It detects changes and it pulls in It's kind of like the difference between traditional ansible and chef, right? One's more push one's more pull in the traditional sense although there are ways to use ansible in the pull Um, and so you might use something like git ops to do that pull model based on configuration somewhere and you can use helm in that and so The operator that flux uses is just built on top of helm They've used helm as a building block in order to use the packages pull them in install them and update them Just like chef might use apt packages to install and update things. It's a dependency they use So our relationship is in that way We built a dependency We've taken feedback from them on features and things like that because other tools want to build on top of helm Version three made a lot of improvements to the go api in order to try to make Those use cases better and more clear and easier to implement in importing tools We worked on that as part of helm three But that's kind of our relationship there is we want to enable them to build things on top of it We're not getting into their scope. I see. Yeah. Thank you Okay So, uh, we document how it's useful Yes, we understand how the cncf operates Um, I I documented four use cases bit nami Uh, Katie, you remember you gave your presentation at kubecon. So I linked to that CERN Um, one of the more interesting ones that I've always found is actually open stack If if folks don't know for a long time There have been people such as AT&T Folks at ATT who deploy open stack into kubernetes using helm Which is the most complicated deployment of an application into kubernetes that i'm aware of and that's I used to work on open stack years and years and years ago So i'm familiar with its complexity And it's actually turned now over time that the tools they've built around it is now the latest is airship Which is an official project of the open stack foundation Which can be used to do all kinds of of deployments and things like that for applications But they use that to install open stack on top of kubernetes using helm It fascinates me because of the complexity Open stack actually has cases where one thing has to be installed come up and be functional before the next thing is installed Which of course you can't do in a declarative model unless you've got operators and things like that But they've long done tooling around this Even before crds and custom controllers were an option It's a fascinating use case if you've never dug into it um Then we get into a healthy number of committers Yes, across all of our sub projects. We have 28 people who have from 16 different companies and organizations And 13 different people from seven companies who can target the helm cli specifically as far as maintainers go If you go to do we have growth according to the cncf dashboard, which i linked here There's only two cncf projects that have more commits in the past year And that's g rpc with all of the parts of that and kubernetes itself No other cncf projects have more commits contributions to it. So we are able to maintain and handle this high velocity This is all the basic things like the organization and and things like that our release methodology It is documented. We have a documented release methodology for the cli fellow semantic versioning In here I talk about uh for major and minor releases. We use release branches that have released candidates And then any patch releases we cherry pick fixes on for those patch releases We also do provide a hash a shot 256 hash of every stable release and their uh pgp signed And the keys are provided in the release notes. The fingerprint is so, you know, who it is and the fingerprint So people who do want to verify have that capability and we know there are people who download and verify The pgp signed releases and all of this is documented in our process I haven't finished the community size and existing sponsorship section. I started to type it then I got into the technical which deals with the architecture Here we I talk about what can be accomplished to The architecture document covered kind of what we were just talking about It's not done yet though What can be accomplished? It's a package manager nothing more nothing less With reasonable effort you can get the pull model like we were talking about and flux provides some of those things Um, what's kind of in scope in the current roadmap is dealing with oci registries So helm has its own repositories right now To pass charts around and to share them But one of the things the oci is working on the open container initiative is storing other artifacts besides container images in the registries and they have a it's Helm along with a handful of other projects are working with them to figure out how that works It's experimental in fact you have to in helm itself. You have to enable experimental features to use this right now That's because the oci isn't ready to do more. We've kind of been pushing the bleeding edge with them and trying to push them along But we're not there yet And eventually we'd like to use notary and the other signing capabilities for the oci registries in order to do our security and validation But it's not there yet just because the oci isn't there, but that's in scope. That's in the roadmap It's not implemented, but we're working with the oci to get there and it's all around that core feature of package management And of course out of scope is anything beyond package management Most of the rest of this I have not filled out yet. Are there any other questions? now, I think uh, we can kind of stop The helm topic here is a lot of information And I think we already we also have some other topics for that right So, um, please ensure that stand up all the documentations and materials to the mailing list So everybody can see that and we can begin to working on the process and of course we will talk the toc about okay What's the formal process to handle this? This this this uh graduation, right? And I think they're targeting their next meeting on the 17th for graduation proposals And if I remember right that are currently three outstanding graduation proposals helm included that that they'd like to review And so the goal is in their next meeting on the 17th to start reviewing them Unless there's some reason not to review this or some piece of information that needs to be filled in So please let us know and I'll try to get this information up tomorrow sometime I expect it'll take me to tomorrow to finish filling it all out with everything else I gotta do and at that time I'll have it on the mailing list for you. Sure All right, thank you Yeah, thank you very much. Okay. So let's go to the next topic now We want to discuss about the intention of submitting litmus project I don't know if litmus projects people here. I think it's about litmus chaos, right? Litmus chaos. Yes. Hi Good morning. This is umma from my data one of the co-maintenors of the project. Yes, you know, we go The name is uh litmus and litmus chaos Now we go by two names. So we presented this project to this group more than two months ago because we went to chris a and said the chaos engineering is formally and all seen by ab delivery sake and since then we made a lot of improvements to the project and the project itself is 1.1 release which means the g a and it's used in production Or in usage by more than 10 organization It's been a long intention that We will submit this to cncf and are starting with the sandbox Even when cncf started to separate our group called chaos engineering Now that we achieved 1.0 and there are many organizations using it we Think it's in used by more than 10 enterprises which are using litmus it needs more Governance open governance by cncf so that the community can grow and we already have contributors more than 50 contributors and Good number of get-ups to us. We believe I think it's in a good shape We've given the community interactions that are happening Uh, I had been involved in submitting one another project to sandbox which was open ebs but the process were Old at that time. I believe that a lot of processes were upgraded Uh now and cncf uh for any of the projects to go into either sandbox or incubation or graduation. I just saw i'm at Going through a very detailed Workup for a health graduation. So I just thought I'll take few minutes here and listen to uh, you on what is the process and There are multiple things like submitting a pull request to too see versus presenting it in here Uh, and then finding sponsors who will help me find sponsors all that Um, so with that, uh, any guidance from uh from you? Yes, yes, we do have now. Uh, we have a very, um Real defied process. I will send it in the uh in the chat box Just a few seconds okay So I just send a link in the uh in the In the chat box and you can check that part and also we'll share screens to talk a little bit about that It's really important. Uh, so the new process is like Okay, you need to send a pull request to the uh since too see uh detailed rebuild and uh The difference from the previous previous process is that you can if you check the process, you'll see that So for example, you are doing the sandbox right a sandbox actually is considered as a low bar and low barrier and project donation That also means uh, you need to You know try to present your project into a thing. I know I think um Your project actually presented it before but I think it's quite a long time ago. So I will suggest Uh, folks prepare another presentation in case there are some you know change and also to remind people about the the features of your project So I think you you will need to prepare another presentation and after the presentation the signal working on the so-called recommendation About the project and send the recommendation in a four more documentation Which is normally a template of due diligence documentation choose to too see and then too see will say Okay, I am interested in the project. I want to sponsor and then you can move me move forward if there are three too see and actually This meets the requirement for a sandbox project. So I think it's quite straightforward. You can fill out the Yeah, yeah, great. No, thanks for this. This is very detailed and helpful Thank you. I think I'll start with the poll request and then I'll just follow the process from there. Thank you very much one one thing I to make I want to mention is that a A chaos engineering project may actually involve multiple six It's a maybe possible. So you should be prepared for maybe for the need for multiple six Okay Awesome, and and then who will recommend which other SIG I need to present apart from Yeah, so normally the too see will recommend this part in the issue After you send send out an issue on too see could have ripple All right. Thank you. Amen So I have a question as part of the process isn't the too see or or when in the um Triage step to choose a SIG that this goes before so that way somebody doesn't have to go to all kinds of SIGs Isn't part of the triage process to assign this to a specific SIG It's also be possible. I could that actually I think it was depending on The plan or the strategy of the too see if they are already began to or think or think about working on such a SIG I think that should be possible, but I have no information about that for now It it can we get some guidance on this? I mean kudo. I mean obviously like kudo and operator framework are very late into this process and um, you know, I think we've had a lot of experience in getting this You know bounced around between the too see And SIGs and we obviously don't want other projects to go through this as well Um, so can we like I would like to get some guidance on the too see on this of like is the expectation that the SIG SIG requests are up front or is it an ongoing thing that that may bounce back and forth? Um before it comes to a vote and and just kind of like solidify that process um because It's it's it's one thing to be prepared if it's another thing to do Six months of being prepared and having to represent and And again go through it over and over and over again. That's one to that I'll say as i'm going through this graduation stuff It has been a significant amount of work on my part to do and relearn and to ask questions and to figure it out and To ask everybody to go through this with all of the churn and changes Is a significant amount of work to put on people who are proposing projects or going through steps And it's paperwork long form paperwork that just takes a lot of time to do um And so that's problematic for everybody who's got to do this and spend lots of hours on it That's just a real problem for everyone So I think we are actually mixing a lot of quite different problems here So I believe for incubation and the graduation process You should expect that it may be not a very short term because you know the criteria is quite I mean the bar is quite high for Both incubation and even higher for graduation that is required for and I also cleared a very claim to clearly on the CNCF TOC documentation So that will be one case and for the other case is for sandbox project process I will expect it not be too long because it's considered a low barrier I think kudu and some other project experience before is mainly because this process actually does not exist Or there's no clear definition about what is the process for sandbox project when there is sick because sick is actually new thing So I will I will expect that the rest of the project As long as we have this process will Don't have to suffer from a very long process for a sandbox In combination that would be my point of view. I don't know if it allows or I have others other things Yeah, that that makes sense. I was specifically talking about limits as a Another sandbox process project coming in And and and shoring of that process and multiple six there because I I worry I worry, I guess with the low barrier to entry that that we're adding levels with Now potentially multiple six and so I would just ask for like like like What's the what's Like is the original guidance that litmus comes to cigarette delivery. Was that all inclusive or Should litmus expect that the toc might continue them through Multiple stages of this process given that sandbox is supposed to be this early stage experimentation I mean, that's a question for the toc and not not answerable here I think the answer here is just to make this short. I think a couple of statements here the reason why for Especially our ago and the operator frame of this process was Understandably painful was because that was during that phase where obviously as the growth of the cnc After these approaches had to be defined. So it should not be that hard I think a certain level of information, especially to the second the toc is required to understand Approximity has to be made kind of like simple For them to consume it. I think it's also in the interest by having access to this cnc If ecosystem to you to invest some of that time on the sick assignment Usually there's one sick. That's the primary sick that's reviewing a project that gets assigned to it in some cases a sick might say while there are specific aspects where we want to have a second opinion on the project But and generally for sandbox Projects to to the litmus question. This should be pretty straightforward But keep in mind that we as the sick make their recommendation and prepare things to be consumed By the toc, but we don't take the decision for the toc Yes No, that that's clearly understood and this process itself is more clearly defined so most likely TLC will recommend to come back to this second only because Yeah, that's what was recommended by Chris. He is most likely that does not change This is helpful. I will go through that process You know pretty straightforward My my only other question is uh, so we're working through the the due diligence for kudo right now Is is litmus getting the? Uh, do they already have their due diligence form or should they expect to receive it? Like what's what's what should they expect next from say gap delivery? Um, I don't have any due diligence form I mean just I'm going through this process. It says first pull a send out a pull request and uh go through the triage process Where they will ask you to go and pick a particular sake and present it then Uh, that's where I'm going to come back here right at that time Uh, the due diligence form from this sake Will be filled out and then uh, I take it from there. Is that a good understanding? Yeah, so Can I ask a question here just just to kind of fill in on the process here? So in the last meeting kudo presented here, they were triage. They were sent over to this sake They presented and so the next step was to do diligence and things out of this sake Do we know who owns doing that work from this sake in order to present to the toc for kudo? Because we've kind of got the steps along and now we're kind of the due diligence of talking about it I was given the form and from brian and and so i've been working with him on that to return that back I don't know the most of you want to add any color to that This actually goes to a great question of who is supposed to fill out that form Who's responsibility? I've noticed the project's doing it but from what I can tell it's actually supposed to be the SIGs doing it so i'm filling it out for helm because I know other people don't have the context But the context that I got was it was the project or the SIGs are supposed to fill it out And so I think who owns something and is supposed to do it is not communicated clearly Matt actually it is communicated uh to all the projects when we work with them and uh The SIG is doing the review about all this information. It's not the SIG chairs going out and collecting all this information But we did in the past we had people fill it out if they have questions We worked with when we engaged in specific sessions Looking at that content working with them But I mean Quite quite frankly, we are also doing this on top of our additional work and for a certain load of project We can fill everything out What we are providing is actually the guidance so that that everything is prepared so that you see Can take it over but we won't be filling out all these forms and collecting all this information That's not going to happen okay, uh So in the documents it actually says the the sandbox sponsor Is the natural candidate for driving the due diligence And this is what it says in the process itself. I mean that I think there's there's a couple of things here and some things that should be Honestly discussed in the second some things that actually are not part of the SIG So if you honestly if you have problems with the overall Process and if if you don't like it, I think that's a fair statement to make but Either one people could choose it here No The way that the things were changed recently was that first it would be a recommendation from the Um from the SIG where the project fits in there and then the tuc sponsors are picked in some cases people might have sponsors up front I I guess what I'm saying here is the documentation In the process today Says it's driven by your Toc sponsor So if you approach this project and you say oh, I've got to do my due diligence Right and you go to the process documentation is supposed to say my to c sponsors supposed to do it And then in this meeting we're saying well We can you know the SIG oversees it and the projects are supposed to fill it out Because they didn't you know to have all that information that's different than the documentation And so I'm saying the what's happening in action doesn't match the documented process Which means that needs to be reconciled Otherwise it's confusion where the documentation the expectations of people showing up And haven't been through this and trying to navigate this doesn't match reality doesn't match documentation I I will add from that reality. We we got sent over to SIG app delivery We don't have an explicit to c sponsor right so so like so I agree like the racy here's like like who's responsible accountable like all that's like a little bit unclear of of like Who I even who I would expect to be bothering about these things from a document agreeing with Matt from the documentation perspective. It's not like for me It's like not liking the process. It's more like like who is responsible for what in this entire thing and I guess I would just I would just ask from my perspective like what was some guidance on that I'm filling out the four as if you know from what I've been told but um Like I I I I agree there if there's something I'm doing wrong I want to know it now not when I come to not when I get that form back and Uh, we submit back and and we start this all over again I just I want to build like a clear engine right from from us getting into sandbox and Sandbox all the way to graduation And it just it wastes all of our time if we don't have that That that clarity like it wastes your time, right? Oh, it's like Harry like I don't want to do that either Trust me what we have learned in this process. We have provided this feedback to The tuc that's also why we now come up with together with the other six with this new documentation So we push forward in the best interest of the projects here. You can at least be sure that no work is done in vain Uh for the process like with the due diligence document. That's now a document that has been agreed amongst the sick and also with the with the tuc Based on our work and we are all working to improve the process So if you're in doubt whether you should do something it's the easiest to ask us because either we as the Sick chairs can answer it directly or we work directly with the tuc leaders on to do this What has worked by now is we that usually the tuc says As Harry pointed out in this process like the overall yes, we want to have a look at it Or we don't want to look at it assigns it to the sick sick does the review What do we hand back that due diligence document that we now agreed on for? um incubation stage usually also the The video presentation that's why it is in the interest of the project to harry's point earlier if Things that used to take a bit longer than they should be taking in the very beginning Your project has involved in the meantime see this as an opportunity to present A more updated version than the one which you have already done And I understand the frustration here. Don't uh, don't don't get me wrong. I'm in a submission process myself um that has been going on for a while. Um We are bringing it at these topics back also especially the topics that you brought up Matt um, and if you work on a submission, um Just talk to us and we will guide you through the process We won't request anything where we're not 100 percent sure that it is Required and part of this process all right, thanks carrot for those The helpful tips and everyone so I think I'm clear now I'll go ahead with the process just a process and hopefully with the experience of the recent process it should be easier. Thank you Just be assured we understand the frustration here and we're trying to work on this. So we we're all on the same team here Thank you Yeah, and like I'm not I'm not necessarily frustrated like I've got plenty of other things to be frustrated about But like like I just want to make sure that like like we help build and learn from those who are coming, you know, like those who've come before and those who come after and And and and make sure that like We clarify these things right like of course like this whole things that's still in the very much of storming phase, right? We're all figuring out this out and um And there's bound to be holes and gaps and I'm not like Decrying the process. I just in some cases do feel like I'm not sure the uh And this is this is from getting bounced around right like so so I'm not sure the right person to or the who's who's responsible or accountable or like who I should uh Be reaching out to throughout this process and I want to make sure that that umma has the the opportunity that project has the opportunity to um learn from Uh, how kudo and sigap delivery the to see I'll learn together right that that's that's my perspective on that Great. Thanks. Uh, good and I'll I'll keep all of us in loop. If uh, there's any difficulty I'm sure I'm going to get a lot of help from All of you here. Thanks Okay, so I think we can move to the next topic which is about the uh world own operator framework incubation post Postpone to due to cncf hub. I actually don't know anything about cncf hub That makes two of us hurry So I just brought that up here. So, um, very much related to the previous discussion of incubation Riddles, um So yesterday, um, there was uh supposed to be the vote on the toc of operator framework being incubated in cncf And I understand it was actually postponed due to uh questions raised on uh, the nature of operator hub um being very tightly coupled to our framework components and also due to the fact that there is a cncf hub project going on which I think here, but it's private So you you can't see it that somehow Overlaps with this. So I was wondering if any Any of you in those call know what this is about and like also what's what's holding up, uh, the vote Yeah, so so so my recommendation there is Honestly would have to reach out to the toc. So we have done the recommend, um, the due diligence document This was a call that the toc made and honestly we can I really The only way we can help you is if we push back to this, uh, uh push it back to the toc I think it will be really best on from your end to bring it up directly to the toc Yeah, that makes sense. I think one of the things they brought up was that, um, operator hub is sort of tightly geared towards all m's packaging um, which we've already discussed in this six, um Presentation and review that this would obviously change right and we were looking to collaborate with the community at large To actually do that which is kind of the next agenda point So I was just surprised that this came up again because we already like, you know Checked it off and and this thing and I thought it was it then like the uh, the guidance from this thing as well That yes, this is like a thing today, but it's going to change the future So I I did have maybe some uh extra contacts to add to this um Just just to add some details to this I don't think there was actually supposed to be a vote yesterday They don't do votes on the live calls. They do votes on the mailing lists And so it happens asynchronously The the calls are an opportunity to present information and then the votes themselves Go out to the mailing list and then you can have binding and non binding You know votes on these things and then after a certain period the number and they've got enough binding votes Then the results are reported if you actually go to the mailing list and search for results You can see the the previous votes and and how that has unfolded So I don't think there was actually supposed to be a vote yesterday on this um as far as This whole hub goes um and linked to a private repo a bunch of the details on this were were planned on being more public sooner Uh, and that's been thrown off by the coronavirus quite frankly the cncf staff has Basically been all consumed by it and I just learned about the announcement Amy told me about it uh that the conference has been delayed now So it won't be happening you can go to the cncf stuff to see but they've been scrambling through a lot of pain right now That has delayed other things on this Um, it's just it's just strange that the hub is private right because like that's not really open source, right? And we are like being told that that's the thing you're holed up on and like oh until five minutes ago We didn't even know about this and like we didn't even have an invite to the cncf repo So that's that's a bit concerning I think and and that's kind of the the toc Injecting themselves under this which is exactly what they're supposed to do They've got ideas and intents and plans and concerns of their own And their job is to write the tocs their big thing is to choose which self-governing projects come into the cncf And they're also not supposed to be king makers Like isn't that like part of the cncf charter to not be king makers like exactly the opposite of what you just So yeah, but uh, if you even get into the conversation, um, such as the operator hub Currently in its own implementation only does olm which gets it into king making right and so It is upon them to do careful due diligence to make sure something like the operator hub doesn't do king making and to look at it in the broader scope of Um, everything that's going on right and i'm confused by this like if I look at the cncf hub It's actually saying like this is the hub for kubernetes packages And it basically says oh, yeah the package has to be a ham truck. So how is that not king making? If you actually get into the I don't know if the the spec has been shared with you the original spec for it Because the the stuff you saw is um, still very early work The original spec uh, actually talks about not king making but it is focused on cncf projects And so if you look at the cncf projects, um, that's kind of where its scope is And so you would see that things like falco because falco if you don't if people don't know There's something called the cloud native security hub Something here. Um, I mean it's great that you're doing it, but on a wider scale I think we should get somebody from the cncf. Um, one of our next calls and walk us through Yeah And i'm surprised this was here because dan had asked everybody to be patient for a few days and wait So this could all be handled and it was brought up for conversation here Outside of that request to wait a few days And so we should probably wait for that to happen and by our next meeting Here at sig app delivery. I would expect the details to be much more public and aware for us to have a fully scoped conversation And so i'm surprised this was even on here given that and that it's the toc who wants to have the conversation With the operator framework and I don't even know the in their meeting. They said They were waiting on something from dan and dan has been waiting for these things And so they're just asking everybody to be patient right now. Well, this gets worked out through the coronavirus problems Um, and so that that patience was requested with the coronavirus to be honest because like we have been talking about this since January Dan's time in this is the problem Dan's time in order to be able to address this given everything else He needs to address is the issue that was asking people to be patient because they've been very busy trying to figure out They had to move they just announced moving the conference and the logistics around that is a very big deal And so they've been they've been very busy with other things And so he hasn't had the time and so the work around this to announce it has been delayed And he asked people to be patient for them to deal with this and then he would get back to that And so I can totally understand that like, you know, totally understand that particular context It's just that why is this holding up the both? Why does why did it why did it not come up earlier? Right like in the past months, uh, we've been trying to like sort all of this out and now All of the sudden like in the end there's a little surprise for us in here Which says oh, actually there's another thing and you know, you're colliding with that So that just makes it feel very weird to us So I would suggest that since the toc is the one who's had the recommendation to them The toc is now the one who is holding this up on other things We probably can't solve that in sig app delivery because we don't know what's going on in the toc This is a conversation appropriate for the toc It's now out of sig app deliveries hands I think there might be a good question here around helm hub is helm hub going to be part of cncf as well Uh, how about we wait for The proper announcement from the people involved in it And then we'll make sure all the details are there But I don't want to jump the gun on things that are already in planning and speak out of turn I agree with that Sorry, I didn't mean to um I mean to suggest that I more meant like you're working on the graduation of helm right now I was curious if helm hub is included as part of that Helm hub is included as part of that and the plans around that Related to anything cncf hub have already been figured out and can be readily discussed once anything else is ready to be discussed okay, so There was So helm hub is being contributed and didn't get the same type of pushback that we're getting for operator hub. Is that Uh Helm hub is a different thing Helm's homes a little bit different right because the helm hub is a search registry for just helm packages The operator hub is for all things all operators. Um, it's not the olm hub. It's the operator hub And right now it is only willing to do things from the olm perspective And I understand there have been promises in the next agenda item is to deal with things that are other than olm But all of these things and future plans have to be accounted for right So when it comes to things like the helm hub and the cncf hub and all of the relations to these things That plan is already in place Now requests have been made on the actual issue for the operator hub coming and how it would relate to those things And no agreements or anything have been made or discussed which may go along with the way it's being evaluated But I can't really say right now. It's all just speculation but Right dig into that and if folks want to grab me offline. I'm happy to dig in a little bit further I just don't want to announce anything on a publicly reported recorded call that would be speaking out of turn And so we should wait for it Yeah, which just was all a bit more open and and you know wider communicated so can actually be anticipated But um, we've like, you know talked about this on the last call that operator hub technically would allow helm charts It's just not a very good ux today and we would have to manually like overcome some checks that are in there But you know, it would totally work. So that's I think not the issue I think what we wanted to do is actually make the experience much better Which is what the next agenda items about which you can totally talk about here What I just want to reiterate, right? I thought like this was all been figured out and and now again suddenly it's a problem and because of something that isn't like shared or like developed in the open source way It's a bit frustrating in conjunction with the riddles of how to actually get through incubation and graduation That yard alluded to earlier as well Certainly and I would suggest taking this to the to see be patient at any hub discussions and take your questions to the to see And look for their specific guidance and questions and responding to their stuff because that may provide you a road to unblock But I don't know this is a to see thing on your issue Liz was the one who commented so it might be worth working with Liz on this because she's the one who's provided feedback on this Yes, I absolutely agree. If there's any question. Sorry. I just rejoined the meeting again So I missed most of most of the conversation here But if there's any questions you have in regards to to the Tuesday, please come to us Please open a fret and we'll be able to to apply as much as possible But again, I don't have the full background here. Some I'm I'm entirely sure what was the question either But that that's a good advice I can give I think we can move to the the last topic of Agenda and I saw that is Helm packed operators or open a hub though I think quite a similar question to The cncf hub, right? I don't know if Matt added this part or somebody else It's kind of difficult to talk about this right now with you know the stuff that we Don't know about right so but what I wanted to reiterate is that one thing we could do like totally Tomorrow almost is Basically allow you to to just send us down chart and committed to the kitab repo and that will just pop up on the side And like that's that's something that we can do. There is a very low bar to this. The other thing that I was thinking might be worth while having is like a discussion around the set of metadata that we want to That we want to standardize on for operators in general not just operator hopper just operators being put on any kind of cattle um, and not just helm and olem operators, but also stuff that has been Um, templated and packaged with customized, right? So, um, that was something I proposed on the Particular issue that was raised where you met on the operator hop I owe Github repo. I was wondering if there's at all interests in like doing that discussion and saying let's figure out what is the common denominator in terms of metadata for operators or if you should just do like the low-hanging bar the low-hanging fruit and say Here's like a quick hack to actually allow helm to just start to be contributed to the Github repository that backs operator hop.io So so so chair like just just want to throw in like we we're also kicking off the operator working group Which I think is also the next agenda item and I think we should try to solve that in in in that area of what's important to deploy an operator potentially Maybe maybe that should be a goal there. Maybe maybe it shouldn't But I I think we we should try to solve this from uh, you know, one of our goals there potentially that You know, Alois like I have it as a non-goal there and there's a lot of others who think it should be a goal And if it's a goal, maybe we should figure out that particular goal in the context of that working group Yeah, so maybe to have because we only have like a couple minutes left on um There is a massive interest in the operator working group. Thanks everybody also for their feedback so far Lots of organizations in there Next step is now on us. Some people already asked for set up a first Meeting where we all get together um go after this so that we get it into a state where We can and also push it forward um talk to the TSE about it and then obviously also get into working mode so That's ongoing expect details and the meeting invites in Well early actual the next week and out the next two days, but I think we're in a good state there. Um, and I'll let you know Most of the command should be handled as well And if you compare it also what we did regarding air-gapped environment, I think that um The key finding is if you find like the most important first Item to work on I think will be the key The key topic for us, but let's do this in the call that we have specifically on the operator working group And also discuss the details then there because we simply run out of time here Today on some of those topics Is this good for you? Um, Matt that we just you know do the discussion in that and that wg and we would not do the hacky way Uh, we can yeah, we can take it over to that working group as long as things happen on you know In a timely basis and things are done in good faith and we're working through the actual details and looking how that would work I don't see an issue with it I I would I would say I mean if we're with the Just a quick moment like I think my confusion not confusion like I'm I'm trying to be really aggressive in that charter right now about like scoping things to The definition working group that that you know finite time finite quantity. We're trying to come to a finding here And I want to like I'm airing towards a lot of things that we don't necessarily want to solve And that that that leads to a couple things in that context. Um, so I guess um If I'm missing something with with what we want to cover in that working group I'd like to know so that I'm not I don't want to be just like sitting here as a blocker saying like We shouldn't add these things in scope because it's a working group. So I would I would appreciate um Uh some guidance there on What we're being asked to solve and and what we're not being asked to be what we're not asked to solve here Yeah, and that that makes sense again, I'll get something on the calendar next week So that we can have more or less an initial keep of meeting and go through those points. Many are already discussed in the dog Um, and some of my feedback was just to like excluding certain things in there. This was more really related to I obviously air gap like air gap operators. Um, that discussion in there. Yeah, obviously we we don't like massively focus on air gap operators Um, but the topic might come up. So I think the non goals is okay. These are like really operated related stuff that we don't want to do Some points and they're really great. We don't want to create new approaches. We don't want to do this But if the discussion comes up about Oh, okay, how would and it also comes back from the air gap working group? How does your operator work in a In an air gap environment and there might be some collaboration coming out of it So I'm keeping these things that might just come out. Um out there That's also why brought up the example of security Obviously security is not a key. There's definite security that dedicated security sick But still if there's a security related in Discussion we might still decide that we want to add it is something to work on potentially with them. So for me the non goals are just Okay, this is something we very very explicitly don't want to do and some of the other ones where I was commanding on It's okay. It's not really a goal. It's not really a priority But if the discussion at some point makes sense, you might want to have it. So that's That makes sense. Do you mind if I create a new section? I know it's not official and we can just make it for ourselves So like Potential areas in scope then and then I'll remove those from non goals and move them into possible areas and then we can discuss that there Yeah, let's call it potential future ones. We can And for what it's worth the And for what it's worth the whole idea of some kind of document or or SPAC for Exposing the information about an operator, right? The SIGs fall under the in working groups awful under the TOC and in their charter One of the things is aligning interfaces to components under management code reference implementations things like that, right? And so that kind of thing is an interface That could be defined that multiple groups could do actually falls in within the scope of the TOC So, I mean the big thing is is managing projects and some practices you've got to do like following codes of conduct But one of the things is aligning interfaces across projects Is an area that the TOC can get into and that's where we fall so that that particular piece is totally within scope Okay, so I have to drop Today because I have to jump on to the next meeting. I think we're also over time I don't know. Harry if you want to continue some wrap up topics here my itch and items really get all of you onto Yeah, yeah, we are pretty cool here and we also are all of the time. So I think this is truly the end of our meeting And thank you very much for everybody Joins our meeting and I think we'll be back. I'll see you next time. Bye. Bye Thanks for your time. Thank you Thank you. Bye