Open SgtCoDFish opened 2 months ago
On 23/04, cert-manager maintainers and I had the kick-off meeting for the graduation process. Here are the suggested action items:
@kgamanji I've updated the description of this issue to reflect the status today. I think we've now ticked off everything we needed to, and I think everything in your follow-up comment is addressed as well!
I think we're ready for the next step now!
cert-manager Graduation Application
@kgamanji suggested we raise this issue to replace the PR we raised initially (#1212), as the process for graduation has changed since we raised that PR.
Project Repo(s): https://github.com/cert-manager/cert-manager (and others under https://github.com/cert-manager) Project Site: https://cert-manager.io/ Sub-Projects: trust-manager, approver-policy, csi-driver, csi-driver-spiffe, istio-csr Communication: Kubernetes slack (#cert-manager-dev), regular meetings, mailing list (cert-manager-maintainers@googlegroups.com)
Project points of contact:
#cert-manager-dev
channel on Kubernetes SlackGraduation Criteria Summary for cert-manager
Adoption Assertion
The project has been adopted by the following organizations in a testing and integration or production capacity:
Criteria
Application Process Principles
Suggested
N/A
Required
[x] Give a presentation and engage with the domain specific TAG(s) to increase awareness
[x] TAG provides insight/recommendation of the project in the context of the landscape
TAG-security suggested that a joint assessment would be helpful following our self assessment, to broaden the docs we have around security. We'll engage in that process as the self-assessment completes.
All questions we received during the TAG security meeting were answered and nobody on the call had any red flags about cert-manager.
The self assessment can be viewed in the tag-security repo.
[x] All project metadata and resources are vendor-neutral.
[x] Review and acknowledgement of expectations for graduated projects and requirements for moving forward through the CNCF Maturity levels.
Completion of this due diligence document, resolution of concerns raised, and presented for public comment satisifies the Due Diligence Review criteria.