TBD by TOC Sponsor
Completion of this due diligence document, resolution of concerns raised, and presented for public comment satisfies the Due Diligence Review criteria.
[x] Additional documentation as appropriate for project type, e.g.: installation documentation, end user documentation, reference implementation and/or code samples.
Installation:
k8gb requires a single Gslb CRD to enable Global Load Balancing.
[ ] Governance has continuously been iterated upon by the project as a result of their experience applying it, with the governance history demonstrating evolution of maturity alongside the project's maturity evolution.
[x] Governance is up to date with actual project activities, including any meetings, elections, leadership, or approval processes.
- [x] **Governance clearly documents [vendor-neutrality](https://contribute.cncf.io/maintainers/community/vendor-neutrality/) of project direction.**
- [x] **Document how the project makes decisions on leadership, contribution acceptance, requests to the CNCF, and changes to governance or project goals.**
- See [Leadership](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#project-lead)
- See [Changes](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#changes)
- See [Contributions](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#contributors) and [Contributing](https://github.com/k8gb-io/k8gb/blob/master/CONTRIBUTING.md)
- [x] **Document how role, function-based members, or sub-teams are assigned, onboarded, and removed for specific teams (example: Security Response Committee).**
- See [Maintainers](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#maintainers)
- See [Conflict Resolution](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#conflict-resolutions)
- [x] **Document a complete maintainer lifecycle process (including roles, onboarding, offboarding, and emeritus status).**
- See [Maintainers](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#maintainers)
- [x] **Demonstrate usage of the maintainer lifecycle with outcomes, either through the addition or replacement of maintainers as project events have required.**
- See [Maintainers](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#maintainers)
- [x] **If the project has subprojects: subproject leadership, contribution, maturity status documented, including add/remove process.**
- No subprojects
### Required
- [x] **Document complete list of current maintainers, including names, contact information, domain of responsibility, and affiliation.**
- See https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#maintainers
- [x] **A number of active maintainers which is appropriate to the size and scope of the project.**
- 6 active maintainers from Upbound, Absa Group, Kedify, and Open Systems.
- [x] **Code and Doc ownership in Github and elsewhere matches documented governance roles.**
- See [Codeowners](https://github.com/k8gb-io/k8gb/blob/master/CODEOWNERS)
- [x] **Document agreement that project will adopt CNCF Code of Conduct.**
- k8gb has adopted the CNCF Code of Conduct. See https://github.com/k8gb-io/k8gb/blob/master/CODE_OF_CONDUCT.md
- [x] **CNCF Code of Conduct is cross-linked from other governance documents.**
- CNCF Code of Conduct is linked at [Code of Conduct](https://github.com/k8gb-io/k8gb/blob/master/CODE_OF_CONDUCT.md) and cross-linked from there to [Governance](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md) and [Security Insights](https://github.com/k8gb-io/k8gb/blob/master/SECURITY-INSIGHTS.yml)
- [x] **All subprojects, if any, are listed.**
- No subprojects
## Contributors and Community
Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy.
### Suggested
- [ ] **Contributor ladder with multiple roles for contributors.**
### Required
- [x] **Clearly defined and discoverable process to submit issues or changes.**
- See https://github.com/k8gb-io/k8gb/blob/master/CONTRIBUTING.md
- [x] **Project must have, and document, at least one public communications channel for users and/or contributors.**
- See https://www.k8gb.io/ "[Join #k8gb on CNCF Slack](https://cloud-native.slack.com/archives/C021P656HGB)"
- Existing public communications channels:
- Slack: [#k8gb](https://cloud-native.slack.com/archives/C021P656HGB)
- LinkedIn: https://www.linkedin.com/company/k8gb/
- Twitter / X: https://x.com/k8gb_io
- Community meetings: https://zoom-lfx.platform.linuxfoundation.org/meetings/k8gb?view=week
- [x] **List and document all project communication channels, including subprojects (mail list/slack/etc.). List any non-public communications channels and what their special purpose is.**
- Project website: [k8gb.io](http://k8gb.io/)
- GitHub Repo: https://github.com/k8gb-io/k8gb
- Slack: [#k8gb](https://cloud-native.slack.com/archives/C021P656HGB)
- Mailing-list: [cncf-k8gb-maintainers@lists.cncf.io](mailto:cncf-k8gb-maintainers@lists.cncf.io)
- LinkedIn: https://www.linkedin.com/company/k8gb/
- [x] **Up-to-date public meeting schedulers and/or integration with CNCF calendar.**
- Zoom: https://zoom-lfx.platform.linuxfoundation.org/meeting/92572060749?password=645f8346-1952-44fa-bd9b-45208260fc10 is Linux Foundation hosted
- Community meeting invite: https://zoom-lfx.platform.linuxfoundation.org/meetings/k8gb?view=week lives on the Linux Foundation calendar
- [x] **Documentation of how to contribute, with increasing detail as the project matures.**
- See https://github.com/k8gb-io/k8gb/blob/master/CONTRIBUTING.md
- [x] **Demonstrate contributor activity and recruitment.**
- 27 community members, including 6 active maintainers, have contributed to k8gb's 32 releases.
- See devstat metrics: https://k8gb.devstats.cncf.io/d/66/developer-activity-counts-by-companies?orgId=1
## Engineering Principles
### Suggested
- [x] **Roadmap change process is documented.**
- See https://github.com/k8gb-io/k8gb/blob/master/ROADMAP.md
- [x] **History of regular, quality releases.**
- 27 community members have contributed to k8gb's 32 releases: https://github.com/k8gb-io/k8gb/releases
### Required
- [x] **Document project goals and objectives that illustrate the project’s differentiation in the Cloud Native landscape as well as outlines how this project fulfills an outstanding need and/or solves a problem differently.**
- See https://www.k8gb.io/#key-differentiators
- [x] **Document what the project does, and why it does it - including viable cloud native use cases.**
- See https://www.k8gb.io/ and https://www.k8gb.io/#motivation-and-architecture
- [x] **Document and maintain a public roadmap or other forward looking planning document or tracking mechanism.**
- See https://github.com/k8gb-io/k8gb/blob/master/ROADMAP.md
- [x] **Document overview of project architecture and software design that demonstrates viable cloud native use cases, as part of the project's documentation.**
- See the extended architecture documentation [here](https://www.k8gb.io/docs/)
- Internal k8gb architecture and its components are described [here](https://www.k8gb.io/docs/components.html)
- [x] **Document the project's release process.**
- See https://github.com/k8gb-io/k8gb/blob/master/CONTRIBUTING.md#release-process
## Security
Note: this section may be augmented by a joint-assessment performed by TAG Security.
### Suggested
N/A
### Required
- [x] **Clearly defined and discoverable process to report security issues.**
- See [Security](https://github.com/k8gb-io/k8gb/blob/master/SECURITY.md) - especially [Reporting a Vulnerability](https://github.com/k8gb-io/k8gb/blob/master/SECURITY.md#reporting-a-vulnerability).
- [x] **Enforcing Access Control Rules to secure the code base against attacks (Example: two factor authentication enforcement, and/or use of ACL tools.)**
- The setting "Require two-factor authentication for everyone in the k8gb organization." is enabled for https://github.com/k8gb-io organization.
- [x] **Document assignment of security response roles and how reports are handled.**
- See [Security](https://github.com/k8gb-io/k8gb/blob/master/SECURITY.md) - especially [Review Process](https://github.com/k8gb-io/k8gb/blob/master/SECURITY.md#review-process).
- [x] **Document Security Self-Assessment.**
- See https://github.com/k8gb-io/k8gb/blob/master/self-assessment.md
- See also https://github.com/k8gb-io/k8gb/blob/master/SECURITY.md and https://github.com/k8gb-io/k8gb/blob/master/SECURITY-INSIGHTS.yml
- [x] **Achieve the Open Source Security Foundation (OpenSSF) Best Practices passing badge.**
- k8gb has achieved the OpenSSF Best Practices passing badge: https://www.bestpractices.dev/en/projects/4866. It is linked on the https://www.k8gb.io/ index page and the main README of https://github.com/k8gb-io/k8gb.
## Ecosystem
### Suggested
N/A
### Required
- [x] **Publicly documented list of adopters, which may indicate their adoption level (dev/trialing, prod, etc.)**
- See https://github.com/k8gb-io/k8gb/blob/master/ADOPTERS.md
- [x] **Used in appropriate capacity by at least 3 independent + indirect/direct adopters, (these are not required to be in the publicly documented list of adopters)**
- See https://github.com/k8gb-io/k8gb/blob/master/ADOPTERS.md
The project provided the TOC with a list of adopters for verification of use of the project at the level expected, i.e. production use for graduation, dev/test for incubation.
- [ ] **TOC verification of adopters.**
Refer to the Adoption portion of this document.
- [x] **Clearly documented integrations and/or compatibility with other CNCF projects as well as non-CNCF projects.**
- See https://www.k8gb.io/#installation-and-configuration-tutorials for examples of known integrations with other CNCF projects as well as non-CNCF projects.
## Additional Information
k8gb Incubation Application
v1.5 This template provides the project with a framework to inform the TOC of their conformance to the Incubation Level Criteria.
Project Repo(s): https://github.com/k8gb-io/k8gb Project Site: https://github.com/k8gb-io/k8gb Sub-Projects: None Communication: https://cloud-native.slack.com/archives/C021P656HGB
Project points of contact:
Yury Tsarev (@ytsarev) yury@upbound.io
@donovanmuller
@k0da
@kuritka
@jkremser
@abaguas
Bradley Andersen (@elohmrow) bradley.andersen@pm.me
[ ] (Post Incubation only) Book a meeting with CNCF staff to understand project benefits and event resources.
Incubation Criteria Summary for k8gb
Adoption Assertion
Application Process Principles
Suggested
N/A
Required
[x] Give a presentation and engage with the domain specific TAG(s) to increase awareness
[ ] TAG provides insight/recommendation of the project in the context of the landscape
[x] All project metadata and resources are vendor-neutral.
[x] Review and acknowledgement of expectations for Sandbox projects and requirements for moving forward through the CNCF Maturity levels.
[x] Due Diligence Review.
[x] Additional documentation as appropriate for project type, e.g.: installation documentation, end user documentation, reference implementation and/or code samples.
Governance and Maintainers
Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy.
Suggested
[x] Clear and discoverable project governance documentation.
[ ] Governance has continuously been iterated upon by the project as a result of their experience applying it, with the governance history demonstrating evolution of maturity alongside the project's maturity evolution.
- [x] Governance is up to date with actual project activities, including any meetings, elections, leadership, or approval processes.
- [x] **Governance clearly documents [vendor-neutrality](https://contribute.cncf.io/maintainers/community/vendor-neutrality/) of project direction.** - [x] **Document how the project makes decisions on leadership, contribution acceptance, requests to the CNCF, and changes to governance or project goals.** - See [Leadership](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#project-lead) - See [Changes](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#changes) - See [Contributions](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#contributors) and [Contributing](https://github.com/k8gb-io/k8gb/blob/master/CONTRIBUTING.md) - [x] **Document how role, function-based members, or sub-teams are assigned, onboarded, and removed for specific teams (example: Security Response Committee).** - See [Maintainers](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#maintainers) - See [Conflict Resolution](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#conflict-resolutions) - [x] **Document a complete maintainer lifecycle process (including roles, onboarding, offboarding, and emeritus status).** - See [Maintainers](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#maintainers) - [x] **Demonstrate usage of the maintainer lifecycle with outcomes, either through the addition or replacement of maintainers as project events have required.** - See [Maintainers](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#maintainers) - [x] **If the project has subprojects: subproject leadership, contribution, maturity status documented, including add/remove process.** - No subprojects ### Required - [x] **Document complete list of current maintainers, including names, contact information, domain of responsibility, and affiliation.** - See https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md#maintainers - [x] **A number of active maintainers which is appropriate to the size and scope of the project.** - 6 active maintainers from Upbound, Absa Group, Kedify, and Open Systems. - [x] **Code and Doc ownership in Github and elsewhere matches documented governance roles.** - See [Codeowners](https://github.com/k8gb-io/k8gb/blob/master/CODEOWNERS) - [x] **Document agreement that project will adopt CNCF Code of Conduct.** - k8gb has adopted the CNCF Code of Conduct. See https://github.com/k8gb-io/k8gb/blob/master/CODE_OF_CONDUCT.md - [x] **CNCF Code of Conduct is cross-linked from other governance documents.** - CNCF Code of Conduct is linked at [Code of Conduct](https://github.com/k8gb-io/k8gb/blob/master/CODE_OF_CONDUCT.md) and cross-linked from there to [Governance](https://github.com/k8gb-io/k8gb/blob/master/GOVERNANCE.md) and [Security Insights](https://github.com/k8gb-io/k8gb/blob/master/SECURITY-INSIGHTS.yml) - [x] **All subprojects, if any, are listed.** - No subprojects ## Contributors and Community Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy. ### Suggested - [ ] **Contributor ladder with multiple roles for contributors.** ### Required - [x] **Clearly defined and discoverable process to submit issues or changes.** - See https://github.com/k8gb-io/k8gb/blob/master/CONTRIBUTING.md - [x] **Project must have, and document, at least one public communications channel for users and/or contributors.** - See https://www.k8gb.io/ "[Join #k8gb on CNCF Slack](https://cloud-native.slack.com/archives/C021P656HGB)" - Existing public communications channels: - Slack: [#k8gb](https://cloud-native.slack.com/archives/C021P656HGB) - LinkedIn: https://www.linkedin.com/company/k8gb/ - Twitter / X: https://x.com/k8gb_io - Community meetings: https://zoom-lfx.platform.linuxfoundation.org/meetings/k8gb?view=week - [x] **List and document all project communication channels, including subprojects (mail list/slack/etc.). List any non-public communications channels and what their special purpose is.** - Project website: [k8gb.io](http://k8gb.io/) - GitHub Repo: https://github.com/k8gb-io/k8gb - Slack: [#k8gb](https://cloud-native.slack.com/archives/C021P656HGB) - Mailing-list: [cncf-k8gb-maintainers@lists.cncf.io](mailto:cncf-k8gb-maintainers@lists.cncf.io) - LinkedIn: https://www.linkedin.com/company/k8gb/ - [x] **Up-to-date public meeting schedulers and/or integration with CNCF calendar.** - Zoom: https://zoom-lfx.platform.linuxfoundation.org/meeting/92572060749?password=645f8346-1952-44fa-bd9b-45208260fc10 is Linux Foundation hosted - Community meeting invite: https://zoom-lfx.platform.linuxfoundation.org/meetings/k8gb?view=week lives on the Linux Foundation calendar - [x] **Documentation of how to contribute, with increasing detail as the project matures.** - See https://github.com/k8gb-io/k8gb/blob/master/CONTRIBUTING.md - [x] **Demonstrate contributor activity and recruitment.** - 27 community members, including 6 active maintainers, have contributed to k8gb's 32 releases. - See devstat metrics: https://k8gb.devstats.cncf.io/d/66/developer-activity-counts-by-companies?orgId=1 ## Engineering Principles ### Suggested - [x] **Roadmap change process is documented.** - See https://github.com/k8gb-io/k8gb/blob/master/ROADMAP.md - [x] **History of regular, quality releases.** - 27 community members have contributed to k8gb's 32 releases: https://github.com/k8gb-io/k8gb/releases ### Required - [x] **Document project goals and objectives that illustrate the project’s differentiation in the Cloud Native landscape as well as outlines how this project fulfills an outstanding need and/or solves a problem differently.** - See https://www.k8gb.io/#key-differentiators - [x] **Document what the project does, and why it does it - including viable cloud native use cases.** - See https://www.k8gb.io/ and https://www.k8gb.io/#motivation-and-architecture - [x] **Document and maintain a public roadmap or other forward looking planning document or tracking mechanism.** - See https://github.com/k8gb-io/k8gb/blob/master/ROADMAP.md - [x] **Document overview of project architecture and software design that demonstrates viable cloud native use cases, as part of the project's documentation.** - See the extended architecture documentation [here](https://www.k8gb.io/docs/) - Internal k8gb architecture and its components are described [here](https://www.k8gb.io/docs/components.html) - [x] **Document the project's release process.** - See https://github.com/k8gb-io/k8gb/blob/master/CONTRIBUTING.md#release-process ## Security Note: this section may be augmented by a joint-assessment performed by TAG Security. ### Suggested N/A ### Required - [x] **Clearly defined and discoverable process to report security issues.** - See [Security](https://github.com/k8gb-io/k8gb/blob/master/SECURITY.md) - especially [Reporting a Vulnerability](https://github.com/k8gb-io/k8gb/blob/master/SECURITY.md#reporting-a-vulnerability). - [x] **Enforcing Access Control Rules to secure the code base against attacks (Example: two factor authentication enforcement, and/or use of ACL tools.)** - The setting "Require two-factor authentication for everyone in the k8gb organization." is enabled for https://github.com/k8gb-io organization. - [x] **Document assignment of security response roles and how reports are handled.** - See [Security](https://github.com/k8gb-io/k8gb/blob/master/SECURITY.md) - especially [Review Process](https://github.com/k8gb-io/k8gb/blob/master/SECURITY.md#review-process). - [x] **Document Security Self-Assessment.** - See https://github.com/k8gb-io/k8gb/blob/master/self-assessment.md - See also https://github.com/k8gb-io/k8gb/blob/master/SECURITY.md and https://github.com/k8gb-io/k8gb/blob/master/SECURITY-INSIGHTS.yml - [x] **Achieve the Open Source Security Foundation (OpenSSF) Best Practices passing badge.** - k8gb has achieved the OpenSSF Best Practices passing badge: https://www.bestpractices.dev/en/projects/4866. It is linked on the https://www.k8gb.io/ index page and the main README of https://github.com/k8gb-io/k8gb. ## Ecosystem ### Suggested N/A ### Required - [x] **Publicly documented list of adopters, which may indicate their adoption level (dev/trialing, prod, etc.)** - See https://github.com/k8gb-io/k8gb/blob/master/ADOPTERS.md - [x] **Used in appropriate capacity by at least 3 independent + indirect/direct adopters, (these are not required to be in the publicly documented list of adopters)** - See https://github.com/k8gb-io/k8gb/blob/master/ADOPTERS.md The project provided the TOC with a list of adopters for verification of use of the project at the level expected, i.e. production use for graduation, dev/test for incubation. - [ ] **TOC verification of adopters.** Refer to the Adoption portion of this document. - [x] **Clearly documented integrations and/or compatibility with other CNCF projects as well as non-CNCF projects.** - See https://www.k8gb.io/#installation-and-configuration-tutorials for examples of known integrations with other CNCF projects as well as non-CNCF projects. ## Additional Information