[Incubation] Lima Incubation Application

[AkihiroSuda]

Lima Incubation Application

v1.5 This template provides the project with a framework to inform the TOC of their conformance to the Incubation Level Criteria.

Project Repo(s): https://github.com/lima-vm/lima Project Site: https://lima-vm.io/ Sub-Projects: https://github.com/lima-vm Communication: https://slack.cncf.io/ (#lima channel)

Project points of contacts: Akihiro Suda (@AkihiroSuda), suda.kyoto@gmail.com

Incubation Criteria Summary for Lima

Adoption Assertion

The project has been adopted by the following organizations in a testing and integration or production capacity:

• SUSE: https://rancherdesktop.io/
• AWS: https://github.com/runfinch/finch

See also other adopters (DDEV Foundation, NTT Communications, ...):

• https://github.com/lima-vm/lima/discussions/2390

Application Process Principles

Suggested

N/A

Required

• [X] Give a presentation and engage with the domain specific TAG(s) to increase awareness
  • This was completed and occurred on 06-10-2022, and can be discovered at https://docs.google.com/document/d/1k7VNetgbuDNyIs_87GLQRH2W5SLgjgOhB6pDyv89MYk/edit#heading=h.nyb77lbc7y9z.

- [X] **TAG provides insight/recommendation of the project in the context of the landscape** Done in the tag meeting above - [X] **All project metadata and resources are [vendor-neutral](https://contribute.cncf.io/maintainers/community/vendor-neutrality/).** - [X] **Review and acknowledgement of expectations for [Sandbox](https://sandbox.cncf.io) projects and requirements for moving forward through the CNCF Maturity levels.** - Met during Project's application on 06-10-2024. https://github.com/cncf/sandbox/issues/207 - [ ] **Due Diligence Review.** Completion of this due diligence document, resolution of concerns raised, and presented for public comment satisifies the Due Diligence Review criteria. - [X] **Additional documentation as appropriate for project type, e.g.: installation documentation, end user documentation, reference implementation and/or code samples.** https://lima-vm.io/docs/ ## Governance and Maintainers Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy. ### Suggested - [X] **Clear and discoverable project governance documentation.** https://lima-vm.io/docs/community/governance/ - [X] **Governance has continuously been iterated upon by the project as a result of their experience applying it, with the governance history demonstrating evolution of maturity alongside the project's maturity evolution.** See https://github.com/lima-vm/lima/commits/master/website/content/en/docs/Community - [X] **Governance is up to date with actual project activities, including any meetings, elections, leadership, or approval processes.** - [X] **Governance clearly documents [vendor-neutrality](https://contribute.cncf.io/maintainers/community/vendor-neutrality/) of project direction.** clearly says "As a Cloud Native Computing Foundation project, Lima will keep its vendor-neutrality." - [X] **Document how the project makes decisions on leadership, contribution acceptance, requests to the CNCF, and changes to governance or project goals.** Documented in https://lima-vm.io/docs/community/governance/ - [X] **Document how role, function-based members, or sub-teams are assigned, onboarded, and removed for specific teams (example: Security Response Committee).** Documented in https://lima-vm.io/docs/community/governance/ - [X] **Document a complete maintainer lifecycle process (including roles, onboarding, offboarding, and emeritus status).** Documented in https://lima-vm.io/docs/community/governance/ - [X] **Demonstrate usage of the maintainer lifecycle with outcomes, either through the addition or replacement of maintainers as project events have required.** e.g., https://github.com/lima-vm/lima/pull/2383 - [X] **If the project has subprojects: subproject leadership, contribution, maturity status documented, including add/remove process.** Documented in https://lima-vm.io/docs/community/subprojects/ ### Required - [X] **Document complete list of current maintainers, including names, contact information, domain of responsibility, and affiliation.** Documented in https://lima-vm.io/docs/community/governance/ and in https://github.com/cncf/foundation/blob/main/project-maintainers.csv - [X] **A number of active maintainers which is appropriate to the size and scope of the project.** 4 maintainers. - [X] **Code and Doc ownership in Github and elsewhere matches documented governance roles.** - [X] **Document agreement that project will adopt CNCF Code of Conduct.** Documented in https://lima-vm.io/docs/community/governance/ - [X] **CNCF Code of Conduct is cross-linked from other governance documents.** Linked from https://lima-vm.io/docs/community/governance/ - [X] **All subprojects, if any, are listed.** Documented in https://lima-vm.io/docs/community/subprojects/ ## Contributors and Community Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy. ### Suggested - [X] **Contributor ladder with multiple roles for contributors.** Two roles: Committer (Full maintainership) and Reviewer (Limited maintainership, no git commit access) See . ### Required - [X] **Clearly defined and discoverable process to submit issues or changes.** Documented in https://lima-vm.io/docs/community/contributing/ - [X] **Project must have, and document, at least one public communications channel for users and/or contributors.** GitHub and Slack are documented in https://lima-vm.io/docs/community/ - [X] **List and document all project communication channels, including subprojects (mail list/slack/etc.). List any non-public communications channels and what their special purpose is.** Documented in https://lima-vm.io/docs/community/ - [X] **Up-to-date public meeting schedulers and/or integration with CNCF calendar.** This is completed as no-op, as the project has no sync meeting due to timezone diversity - [X] **Documentation of how to contribute, with increasing detail as the project matures.** Documented in https://lima-vm.io/docs/community/contributing/ - [X] **Demonstrate contributor activity and recruitment.** More than 120 contributors: https://github.com/lima-vm/lima/graphs/contributors ## Engineering Principles ### Suggested - [X] **Roadmap change process is documented.** Documented in https://lima-vm.io/docs/community/roadmap/ - [X] **History of regular, quality releases.** - v1.0 (Nov 2024): changed the default VM driver on macOS from QEMU to Virtualization.framework - v0.23 (Aug 2024): enhanced the templating system - v0.22 (May 2024): removed the support for `vde_vmnet` (deprecated since Sep 2022), in favor of the new `socket_vmnet` - v0.21 (Mar 2024): added the support for `limactl start-at-login` and inotify - v0.20 (Jan 2024) added the support for propagating the timezone from the host. Also fixed incompatibility with Go 1.22 - v0.19 (Dec 2023): improved stability on ARM Mac - v0.18 (Oct 2023): added the support for WSL2 See . ### Required - [X] **Document project goals and objectives that illustrate the project’s differentiation in the Cloud Native landscape as well as outlines how this project fulfills an outstanding need and/or solves a problem differently.** Documented in and in . - [X] **Document what the project does, and why it does it - including viable cloud native use cases.** Same as above. - [X] **Document and maintain a public roadmap or other forward looking planning document or tracking mechanism.** Documented in https://lima-vm.io/docs/community/roadmap/ - [X] **Document overview of project architecture and software design that demonstrates viable cloud native use cases, as part of the project's documentation.** Documented in: - https://lima-vm.io/docs/config/vmtype/ - https://lima-vm.io/docs/dev/internals/#vm-lifecycle - [X] **Document the project's release process.** Documented in https://lima-vm.io/docs/community/governance/#release-process ## Security Note: this section may be augemented by a joint-assessment performed by TAG Security. ### Suggested N/A ### Required - [X] **Clearly defined and discoverable process to report security issues.** Documented in https://github.com/lima-vm/.github/blob/main/SECURITY.md - [X] **Enforcing Access Control Rules to secure the code base against attacks (Example: two factor authentication enforcement, and/or use of ACL tools.)** All the Committers have 2FA enabled - [X] **Document assignment of security response roles and how reports are handled.** Documented in https://github.com/lima-vm/.github/blob/main/SECURITY.md - [X] **Document Security Self-Assessment.** Documented in https://github.com/cncf/tag-security/blob/main/community/assessments/projects/lima/self-assessment.md - [X] **Achieve the Open Source Security Foundation (OpenSSF) Best Practices passing badge.** [Passing](https://www.bestpractices.dev/en/projects/6505) ## Ecosystem ### Suggested N/A ### Required - [X] **Publicly documented list of adopters, which may indicate their adoption level (dev/trialing, prod, etc.)** - [Rancher Desktop](https://rancherdesktop.io/) by SUSE: Kubernetes and container management to the desktop - [Colima](https://github.com/abiosoft/colima) by Abiola Ibrahim: Docker (and Kubernetes) on macOS with minimal setup - [Finch](https://github.com/runfinch/finch) by AWS: Finch is a command line client for local container development - [Podman Desktop](https://podman-desktop.io/) by Red Hat: Podman Desktop GUI has a plug-in for Lima virtual machines See . - [X] **Used in appropriate capacity by at least 3 independent + indirect/direct adopters, (these are not required to be in the publicly documented list of adopters)** (See the list above) The project provided the TOC with a list of adopters for verification of use of the project at the level expected, i.e. production use for graduation, dev/test for incubation. - [ ] **TOC verification of adopters.** Refer to the Adoption portion of this document. - [X] **Clearly documented integrations and/or compatibility with other CNCF projects as well as non-CNCF projects.** Lima was made so as to promote [containerd](https://www.cncf.io/projects/containerd/) (CNCF Graduated) including nerdctl (contaiNERD ctl) to Mac desktops. Lima can be used with Docker, Podman, [k3s](https://www.cncf.io/projects/k3s/) (CNCF Sandbox), Kubernetes, and other container engines too. See . ## Additional Information

N/A

---

Process: https://github.com/cncf/toc/blob/main/process/README.md#applying-to-become-an-incubating-or-graduating-project

cc @jandubois @afbjorklund @balajiv113 (Committers of Lima)

[AkihiroSuda]

@TheFoxAtWork Is anyone assigned for this?

[TheFoxAtWork]

@AkihiroSuda not yet- this project looks like its number 14 in the TOC queue https://github.com/orgs/cncf/projects/27/views/9 click on applications to move levels, left-most common.

We'll be making sure the applications currently in the queue are ready (meeting the criteria) before a TOC member picks them up for assignment