 Awesome. Hi everyone and welcome to this webinar. Today we're going to be talking through EZCLA and specifically we're going to be introducing you to some of the new features and capabilities that will be coming out in the next V2 version of this release. So really talking through how this can help you even more to streamline your development workflows. And just a quick disclaimer, this webinar will be recorded. This is really geared towards the ASWF project community. But you know if you have any questions around this project or if you have any other questions around EZCLA in general, we are here to help. Again, this will be recorded so you'll be able to reference this in future and we'll be sharing out links to this as well as other resources to help you with using EZCLA V2 in follow up. Quick intros before we really jump into things. I'm going to be kind of leading here in terms of controlling slides as well as giving a bit of context around EZCLA in general. Before I jump into that, my counterpart Steve Winslow here will give us a bit more context around CLA's and contributor license agreements in general. And then we will be going through a demo of the tool with Pranab in just a little bit. We also have David on the line to help address any questions that might come up and be able to answer, you know, live through the chat feature here on Zoom. So just a little bit of housekeeping. You have any questions at all. And we want to make this as engaging and relevant to you as possible. So please do feel free to use the Q&A feature here on the Zoom webinar. Or even just drop your questions or comments into the chat and we'll be responding there. We'll also have plenty of time at the end for any Q&A that we want to talk through on the line. So with that, Steve, I'm going to go ahead and let you start us off here. Sounds good. Thank you, Stephanie. And thanks everyone for your time today. Happy to talk through this with you. Stephanie, if you want to go on to the next slide. So just as background, before we get into the specifics of what EZCLA does, just background on contributor license agreements. One key piece of this is that just noting that not all projects, not all open source projects use CLAs. There's a significant number of projects that use other mechanisms such as the developer certificate of origin or the DCO. But at the LF we support projects including the ASWF projects that where the project community has decided that they want to use CLAs as part of their contribution mechanisms in this part of ensuring that there's a common understanding of what the licenses are that are being granted with contributions to the project. So for projects that do use CLAs like ASWF, once they've made that decision to use CLAs, they kind of run into the question of, okay, what's the process for actually managing them. And kind of over years of working with us what we found and what I think a lot of open source projects have found is that managing CLAs can be something that's time consuming for the project maintainers to handle. And then on the contributor side it can be something that becomes something of a logistical blocker for new contributions to a project. And so on the easy CLA side what the goal really is is for projects that have made that decision that yes we're going to use CLAs. Then with easy CLA with the tool we try to help ensure first that the right processes are in place, the right workflows are in place to ensure that CLAs are correctly managed. And at the same time try to streamline those workflows so that they are as light touches can really be done. So try to streamline the process of getting CLAs signed and of managing who's authorized under those CLAs. And next slide. So the reason why this is a hard question is really because there's two different kinds of CLAs. There's individual CLAs which are for somebody who is contributing code that they've written on their own behalf something they've written on their own time, not related to their work. That'll get contributed under an individual CLA. And for something that somebody does write as part of their job or as on behalf of their employer, that's those are going to get contributed under a corporate CLA. And for the former for individual CLAs this is a sim this is really a pretty simple process it's just make sure the person has signed it. If they've signed the individual CLA. They're good. So that's as far what we found when we looked at other CLA management tools that were out there is that they they're really built with that as the model for everything. They're built with the assumption that the person who's contributing the code is contributing it under an individual CLA, or at least if they're they're contributing it under a CLA that they the contributors can themselves sign. And the problem with that with that model is that that that's not really what it looks like in practice. And particularly when you get into kind of the wide variety of organizations and companies that are out there. In some companies typically smaller companies, it might be the case that you know if there's only a couple employees it might be the case that the person who's actually writing the code submitting the PR is themselves able also authorized to sign contracts on behalf of their company. But for a lot of companies that's not going to be the case person who submitting the code is different from the person who's signing the CLA person signing the CLA might be someone that the contributor doesn't even know. A lot of companies similarly will want to have some sort of process for having their legal department or somebody else review a CLA. Similarly, other large other companies in particularly larger ones may have different models for how they want to manage who's authorized to contribute under the CLA. Some companies are perfectly fine saying yep we signed the CLA anybody who works here can now contribute under it that's fine. Other companies are going to say we've signed the CLA and only these three specific people are authorized to contribute. And so whatever tool is managing this really needs to be able to handle kind of the variety of different models in between there. And then you can see there's some other the list goes much longer than what I've got on here but there's just it there's a lot of complexity that comes into this because of the way that companies are organized differently and want to have different levels of control and visibility into this. So next slide. So as we're as we're going through this and as we start getting into the demo a little bit later on. They just wanted to give you some definitions up front so that we're all kind of on the same page for we're talking about so what we're when we say an ICLA that's going to be an individual CLA so again that's something that the person. Kind of disconnected from work somebody on their own time rights code and contributes it to a project. They contribute that under an ICLA somebody who's doing it on behalf of their work they contributed under a CLA corporate CLA. And then in easy CLA in the tool, there's three different really three different key roles that we talk about so different personas for people who are using it. The first is the contributor the person who's actually submitting the PR who wrote the code. And then there's the CLA manager which is what we call the person who within easy CLA manages the list of authorized authorized contributors from their company. And then finally there's the CLA signatory which as it sounds like is the person at the company who actually signs the CLA. And the key thing here is I was saying before is that of those three roles they might all be the same person they might all be different people just depending on the company. A lot of the complexity that you end up seeing an easy CLA comes out of the fact that we try to hand we're handling the different possible workflows depending on whether those are the same person of different people. So, and actually Stephanie before you go on to the next slide one thing I'll just note here is when we do come to the model the demo a little bit later on. The example project that we show in the demo is one where where it's been configured for both for for contributors to need to be authorized under both a CCLA and an ICLA. I'll say that's a pretty uncommon scenario and it's not one that is the case for the ASWF projects. So there's one when you're looking at the video there's going to be one when you're looking at the demo there's going to be one step in there where it won't be the same for the demo as for what you'll see in ASWF. There's one step in there where the, it looks like a contributor additionally has to sign an ICLA after they've signed the CCLA. And that will be different from what you're seeing an ASWF so apologies for any confusion there but just wanted to highlight that upfront that for that one part of the demo it'll be a bit different but for everything else for the process of signing the CCLA and getting authorized under it. That'll be the same as what you normally will see in ASWF. So, next slide please. Great. And then just a very quick roadmap for what you'll see as we get into the easy silly demo is. Like I was saying before for an individual contributor it's just a it's really just a docusign point and click it's just a the individual signs the CLA on their own behalf. For a corporate contributor. The process looks like this, the contributing companies CLA signatory will sign the CLA. The CCLA will say who this who the initial CLA manager is so who the initial person is, who's authorized to manage the list of authorized contributors. The CLA manager will go into easy CLA and do exactly that they'll manage who is who's authorized to contribute, and possibly who are other CLA managers from their company to also manage that list. So, so that's kind of the very the, you know, 20,000 foot overview of what's happening in easy CLA and then the details are just in how, how we get those steps completed. With that, so I will keep an eye on the questions in the Q&A if there are any but Stephanie I will go ahead and turn it back over to you. Awesome, thank you for that Steve. So, before we jump into the easy CLA demo, I just want to share a little bit of context on what, you know, the other tools that we have under this LFX umbrella, and then share a little bit about what is kind of current and what is new in easy CLA that you are aware of. And then we will jump into a demo. So, what is LFX? Well, here at the Linux Foundation, you know we recognize that the world runs on open source. We also know that projects need more than a version or source control system to build and scale. So, we've evolved a proven methodology to help projects and supporting them, transforming from, you know, small individual projects to category leaders. And this is really where LFX comes in. So, LFX is really, you know, it's a platform designed for, you know, operationalizing this approach that's been developed here at the Linux Foundation, and it provides a suite of tools built to help facilitate really every aspect of open source development. Today we're focusing on easy CLA, but there's other tools including tools that support insights, security for your projects, and much more. So, soon we're going to have a tool called organization dashboard, which will really help, you know, especially from the corporate side and manage all of your activities within open source projects here at the Linux Foundation. If you're interested in, you know, any of these, you know, feel free to check it out to visit our website, or, you know, feel free to follow up with us. And, you know, today we wanted to give you that context of easy CLA sits within this larger toolkit. And there's a lot of different ways that we're working to kind of operationalize support of your projects. So, let's look at easy CLA. A high level view, you know, what we're working to accomplish here, as Steve kind of walked us through a really trying to make the, you know, process of contributing to open source projects easier without sacrificing compliance. We do this by streamlining the process workflow management execution of the CLA's, but also automating, you know, what's typically a manual back and forth process. So, I also want to point out here, as Steve alluded to, that easy CLA is the only tool that supports both individual and corporate CLA workflows for open source projects. And so that because that makes it a really powerful tool to, you know, to support projects such as as WF, and, you know, all of the different contributors and all of the different companies workflows that you might have. With that, you know, those are impressive numbers. And we have supported trying to make this process easier for everybody so that at the end of the day it really comes down to just wanting to contribute code faster, you know, and be able to have more visibility and manage your corporate CLA's and kind of manage all of your authorized contributors. And, you know, this is really between current version and the upcoming V2 release. This really hasn't changed. If anything, we're working to make this process even easier and even more intuitive for you. At the end of the day. So, quickly going through this so we can, you know, get to the important stuff in the demo, you know, some of the features that are supported here within easy CLA. Again, incorporate as well as individual CLA support, giving you visibility into your CLA's and managing those, being able to approve CLA's one time, and have that be relevant across the board, providing multiple ways to authorize CLA's and, you know, the ability to work with both GitHub and Garrett. Additionally, you know, with the release of V2, you know, we're really working to improve the usability and user experience with role based workflow support ability to have auto discovery for new repositories, as well as branch protection. So, what's new. This is a deeper breakdown of kind of what that looks like. So relevant for all users, you know, we have improved user experience and user usability, which you'll see, especially in kind of how the UI improvements in streamline workflows in the demo. We also have additional support, whether that is support links and tool tips or just contextualize help within within the tool. We're also integrated with platform CRM. So here this is kind of, you know, the behind the scenes connecting the dots, making sure everything is centralized for accounting purposes. Also, we have introduced audit logs. So, being able to record and track kind of key events or changes within your CLA group and with authorizations. So you'll be able to have a full history of kind of what's happening there. And especially relevant for corporate CLA workflows. We have improved searching and filtering of your authorized users. We also have provided the ability to export your authorized users list as a CSV, as well as download signed PDFs. So you'll be able to download those directly from the easy CLA tool. And finally for project manager workflows, we've got things such as auto enabled repositories. So you're able to, you know, new repositories under the get hub org, and also auto setup of branch protection for default repository branches. And what that means to you what you need to know. So at the end of the day, your workflows will essentially be the same within v2, whether you're a contributor or a CLA manager, really, you know, with contributors, again, your workflow be the same. So if you're a new contributor. You'll follow the same processes before, contributing on your own you'll sign in an individual CLA, if you're contributing for your company, you'll get a corporate CLA signed or contact your CLA manager to be added to that approved list. As a CLA manager, again, your workflow will essentially be the same, but you'll have improved UI and functionality. So you'll be able to manage your CLA is easier. What that means is, you know, streamlined workflows for adding authorized contributors, which you'll be able to see in the demo walkthrough in a second, as well as the abilities, as I mentioned to search filter download your contributor lists. And again, we've added the feature for being able to download the CLA PDFs as well. So with that, I'm going to jump into a demo. Now this demo is recorded. But we are here to answer any questions as well. So I'm just going to go ahead and get this started for us. I've seen some questions coming in already, which is great. And feel free to keep those going as we get this demo going. I'm going to pause here for one second and see Steve or Pranab was there anything else you wanted to add before I jump into the demo. No, I'm good. Awesome. Let's go ahead and start this. And again, as you said, this walks through kind of a fuller workflow that includes the ICLA workflows might not be as relevant to everyone here but it's still helpful context and we will be providing plenty of resources and support that you can reference including this video in follow up if you get, if you have any questions along the way. So let me just clarify that it's the demo is talking about contributor signing CCLA and ICLA in ASWF you don't sign ICLA you just signed CCLA. So you would not see the last step, but instead of last step, you will see a company association dialogue box which is not shown in the demo. So that's the that's the only difference otherwise the demo is very relevant to ASWF. Thank you for that to do a demo of how contributor console works in in V2 version of easy CLA. But before I give that demo I want to give you some context. So we are going to use this CLA group. I am this screen is the the PCC project control center, the project admin console for the project console for easy CLA. And here we have a CLA group called February 23 2021 demo. That CLA group is enforcing CLA on on a project group and it's child test project group and test project it's child and it is enforcing corporate CLA individual CLA and corporate users have to sign individual CLA's. So right now these are the templates ICLA and CCLA that have been assigned to this CLA group. And yeah, so one person is has already signed the CLA. There is a CLA manager associated with this group. You can see download the sign PDFs, you can export the sign information as a CSV, you can also search for people's names and all that. Sign CCLA sign ICLA is all of those. Okay, you can see the approved contributor. So let's see if there are any so approved contributor is the same person who is the CLA manager approval criteria. Yeah, so we have added two people as approval criteria for this company. Okay. And so forth. So now I am going to take I'm going to take a new user, a test contributor. So this user is called test contributor December 2020. And this user is already stuck on CLA. The PR is stuck and this user is now going to try to commit that PR. And we will take the scenario where the user is coming from a company that is not there in the database in the CRM database. And this user will become a CLA manager at themselves in the approval list and then commit the PR. Okay, so let's get started. So we click on the LFX easy CLA takes us to the contributor console. As you will see, it gives you the explanation of what a contributor corporate contributor is what an individual contributor is and so forth. The user chooses to proceed as corporate contributor. And okay. So now here, this user's organization is not there. Let's say 0223 2021 this organization does not show up. So user clicks here organization not listed. They create a website. Then here they give the name of the org. Okay, click next. Now the system is asking if you want to become a CLA manager. So if suppose the user said no, then you can you can identify somebody else in your company to be a CLA manager. You can give their name and email address, right? But otherwise you can just go back and you can say yes. Here you're going to choose yes. So it's going to assign me as a CLA manager in the background. And now it is saying that you will have to log into Linux foundation LF login the SSO account. So you should have you might have to create one. Okay, so this user does not have a SSO account. So let's proceed. Okay, so since the user does not have SSO account, the user chooses to continue with its Gmail account and they say test. So we logged in using our Gmail account. And we will give us a new username for the LF account. So now the system is taking us to the corporate console is configuring initial CLA manager settings. Click on proceed. You will be redirected to the organization dashboard, which is the corporate console. Okay, so you can always go back, but I'm choosing to proceed. The GitHub session has been preserved in current tab and new tab is opened with corporate console. Okay, so you see that the new company that I created got assigned to my user, right? Test.contributor.december 2020. Okay, so now for this company for this project, there is no CLA sign. I will start the CLA signing process. I'll say proceed with signing. Are you authorized to sign CLA on your company's behalf? If you choose no, it will you can again identify authorized signatory. Okay, give a name and email address and email will go to that person and they can sign it. But let's say yes. So now you review and sign CCLA, corporate CLA. Put in some values. Now here a neat feature is that if you have some corporations have got separate entities, legal entities that are responsible for their intellectual property. So you can always edit this name and you can put the name of that intellectual property unit, which is signing the CLA if you want to. That is so like I could I could put IP unit or some whatever, right? But I'm not doing that. So I'll just type in some values. Finish. Okay. So once the CLA signing is done, the CLA manager page is what will be seen. So it'll take some time for this page to refresh. Let us give it a few minutes or a minute or so. The page should refresh on its own because there is a delay between DocuSign and the database. I guess we'll have to refresh the page. Okay. So now this is the CLA manager page. We see that the CLA has been signed, project, project, projects that are part of that project group. The name of the CLA group, status sign, sign-on, signatory, and you can download the sign PDF. Okay. Now this test contributor user has been assigned as a CLA manager for this organization, 0223-2021. And this person can now add anybody else as a CLA manager and give them the same rights so that they can also view this page. Okay. And make edit updates to this page. Now the other thing that this person test contributor needs to do is to add themselves so that they can commit their PR, right? So they need to add themselves to the approved list of contributors. Okay. And then let's do that. So add. So let's add them like this. Let's say test.com. Save. Okay. Okay. So what that message was, was that the test contributor needs to do another step with CLA where they need to acknowledge their association with this company. And then once they have done that, then easy CLA check will be over for them forever. Okay. So we also have the CLA manager can see events, audit log, who has done what, and they can see statistics for their organization, what is going on. Okay. All right. So now we go back to GitHub. We are still stuck. Right. But we have been added as an approved contributor. So let's see what happens. So we proceed as corporate contributor. We select our organization. So it was 0 to 23. 2021. Right. This one proceed. Okay. We had set up the CLA group where it requires corporate CLA users to also sign individual CLA. So we need to sign the individual CLA. So if you can pause here one minute. So if you guys saw that here the user was asked to sign ICLA in ASWF case, what will happen is once you associate your company once you select your company from the dropdown and that's it. Once you do that association, it will say good. You are good. And now write awesome code and then you can exit CLA at that point. So this step, you won't see the signing the ICLA for corporate contributors. Go ahead. Awesome. So at this point the system has done the requirements that the CLA group was set with ICLA signed CCLA signed. So this is what the contributor's association with the corporation has been completed. So the page should refresh and we should see the CLA check is no longer blocking us. Yeah. So you see that it is turned green. Now we can commit our PR. Okay. So this is what this is what the contributor console looks like now for most people. On version V1 and moving to version V2. All of this will be migrated from V1 to V2. So if you are already a contributor on V1, then you would be in the approved list in V2 also. And you won't have to go through the CLA block, but a new user from your company who comes in can be added. So let's say let's do a let's do another test. Let's go here and let me show you what happens. New contributor. Test PM December 2020. And this contributor is not in the approved list. So let's see what happens. So if I go to report to I see, okay, let's go to read me and make a change. Create a pull request, create a pull request. Okay. Easy CLA block. Now at this point, this contributor clicks on easy CLA. Now this contributor is from your company. So it's a corporate contributor. So let's say authorize a left engineering. Okay. Proceed as corporate contributor. The organization was 0223. Let's see. The search found it. Proceed. Okay. So now the system tells us that there is a CLA manager for your organization. So you can select the name of the CLA manager that you want to approach and then you can click on request authorization. Will be notified to authorize of your request to be authorized for contributions. You will be notified via email when status has been approved or rejected. Okay. So you exit CLA. Now I have the email open. So here I got an email approval request for contributor test. Okay. So it is saying approval can be done here. Okay. Let's click. No, I need to log in as my user. I'm logged in as close this. Okay. So then here I come to the corporate console landing page. I see my project test project group ID. I will take me to the CLA manager page. All right. So here I can add this other user as a contributor. So I can say test.pm.december2020 at gmail.com. Save. Okay. So now I have added this user. Let's see what happens. So now the user is test.pm. Yeah. All right. So we go here. Okay. Proceed as corporate contributor. Organization name. 23 proceed. Now it gives us the same message that you have to sign ICLA also proceed. Sign ICLA. Start. Sign. Okay. So now the CLH should be lifted. And we should be able to commit our code. Let's see. There you go. And that's how it will work. Awesome. So that was walk through. And I'm sure we've got a bunch of questions. I'm going to actually open up for questions now. And so I'm actually going to open up since we've got kind of a nice, nice end of an audience here. I'm going to allow everyone of our attendees to talk as well. So let me just do that real quickly manually. You're all defaulted as muted, but feel free if you do have any questions to go ahead and jump in. I'm going to land here on this next slide. Steve Pernop or David, would you like to walk us through just to kind of a high level? And then I'm going to go ahead and talk about what's coming up for easy CLA this year. I can take that. Sure. Yep. So I think the, the first step we're going to be doing is for ASWF. The ASWF projects are going to be moving over to the new V2 interface that you just saw. We're going to be doing them first and then moving the other LF projects over to easy CLA after that. Other things we're looking at adding on our Git lab support. Easy CLA works with Github repos as well as Garrett repos. So we're looking at adding Git lab is another source code management solution it can integrate with. And then also adding, let's say here is enhanced handling of bots, but basically there's some nuances in the ways that approvals work when it comes to PRs that are authored by bots such as dependabot or things that bots that will automatically bump version numbers or do small changes like that. There's some nuances in the way that that gets handled. So we're looking and improving the way that that works. And then later on in the year there's going to be the kind of company view that you saw as part of the demo just now is one part of the larger organizational dashboard that Stephanie had mentioned earlier on for other parts of LFX. So this is kind of one piece of the larger dashboard that will be the school. Awesome. Thank you. So leaving room here for any other questions I see a number of questions have come through and been responded to, which is great. So one kind of general question I'm sure will come up is, you know, when do you get access, right? So we're walking through the version two release that we were talking about. And the big question there is when you have, when will you get access to that? So we will, we will be getting you like again kind of hinted on that roadmap. ASWS will be part of the pilot here. So we're going to get you access before the rest other projects are migrated in. And that will be coming really soon. We will be sending an email ahead of that. So you'll have all the resources that you need to get started and kind of know when that's coming. But that'll be happening, you know, kind of very soon from from now we just have a couple of points that we want to finalize before sharing that kind of cutting, cutting everyone over. One question that I'm going to read out that we've received from Joshua. And, you know, Steve, you responded to on the chat thread, but it'd be great to capture here in the audio recording as well. Joshua's question was, you know, some computer contributors have asked for us for guidance about which CLA design, ICLA or CCLA when there's some ambiguity about how close their contribution is to their job. Is there some standard guidance we can point people to about how to make that choice? Yeah. And Stephanie, I can respond to that live too. I know I did in the chat. But yes, so the starting point I think is always going to be, you know, our recommendation is first to guide people to be talking to their own company counsel, their own legal counsel for guidance on those sort of questions. Just, you know, their legal department should be the first ones to be guiding people towards which ones they should be signing depending on what the situation is with their, whether it's in the context of their particular employment or not. But I think there was, you did also, there was also a question about, you know, what are their reviews done of whether somebody has picked the right CLA to sign. And yeah, I think the key thing there is that we do, you know, kind of like any other project that is using CLA's, we do look to the contributors to be, you know, as when they are signing the CLA and submitting it, they're typically asserting that they are in fact contributing under the right one. But I think one of the things we're looking at for easy CLA will be to make it more visible to the project maintainers when they're contracting PRs about what CLA's have been signed for their, for the people who are contributing there. So I think we'll be looking at what, what of that can be visible and how, how that would work, but yeah, understood on the questions there. Awesome. Any other final questions here? Great. Well, we will definitely have, you know, plenty of more opportunity to ask your questions, either directly to us. If you have any questions, we can, we can field those through LFX.dev or slash questions. Or as we send email communications out about the cutover for the version two release, you'll have opportunity to, you know, to reach out to us through, through that communication as well. Again, we will be getting in touch very soon to, you know, provide more details on when that will happen and kind of give you other helpful resources and including the, this recording to, to help you, you know, kind of make this a smooth transition. Awesome. Well, thank you all for attending. I'm going to go ahead and stop the recording now and we will be in touch very soon. Thank you. Thanks everyone. Thank you.