falcosecurity / evolution

Evolution process of The Falco Project
Apache License 2.0

vote: update governance #169

Closed leogr closed 2 years ago

leogr commented 2 years ago

Proposal

What type of PR is this?

/kind documentation

What this PR does / why we need it:

As maintainers, we’ve been working on refreshing the Falco governance. Our aim is to make the decision-making process clearer and faster, to clarify roles and responsibilities, enshrine openness and vendor neutrality, and enable the formation of community subgroups when needed.

We have attempted to do this without introducing needless overhead: we respect contributor time and would like it focused in the most productive ways.

This draft integrates early feedback and is now being shared for broader feedback. We also intend to seek feedback from CNCF TAG Contributor Strategy’s Governance working group. Please leave your comments after reading the document thoroughly.

Here are the major points from the proposed governance:

Which issue(s) this PR fixes:

Fixes #158

Fixes https://github.com/falcosecurity/falco/issues/2132

Special notes for your reviewer:

:mega: Voting (2022-08-22)

:book: Instructions

Please follow the voting instructions to cast your vote. As per our governance model we are following the "organizational voting". We must reach a 66% majority in agreement to implement changes. Review the following criteria.

Each organization/company is allotted 1 vote. Please decide among yourselves who will be the voting representative from your organization.

The table outlines all of the maintainers by organization (updated to 2022-08-22).

| Organization | Maintainers |
|---|---|
| Amazon | @admiral0, @jonahjon |
| Chainguard | @cpanato |
| Clastix | @maxgio92 |
| IBM | @araujof, @terylt |
| Independent | @leodido |
| LOVOO | @fjogeleit |
| Polytechnic of Turin | @andreagit97 |
| RedHat | @molter73 |
| Secureworks | @dwindsor |
| Sysdig | @fededp, @gnosek, @issif, @jasondellaluce, @ldegio, @leogr, @lucaguerra, @mstemm, @zuc |

To cast your vote, please comment on this PR.

The proposed governance change is approved once we reach at least 7 of 10 votes in favor.

Remember that only maintainers have binding votes, but we appreciate non-binding votes from the community as a sign of support!

poiana commented 2 years ago

@geekygirldawn: changing LGTM is restricted to collaborators

In response to [this](https://github.com/falcosecurity/evolution/pull/169#pullrequestreview-1064960723):

> This is definitely comprehensive and well-written. My only concern is that it seems very long, and with the content spread over 3 files, it might be a bit difficult for people to digest. We generally recommend that projects have a [CONTRIBUTOR_LADDER.md](https://github.com/cncf/project-template/blob/main/CONTRIBUTOR_LADDER.md) and [GOVERNANCE.md](https://github.com/cncf/project-template/blob/main/GOVERNANCE.md) - you can see our templates here: https://github.com/cncf/project-template
>
> I'm not necessarily saying that you should re-write this. What you've done is a little different from what we usually see, but that doesn't make it wrong :) Let's get feedback from @jberkus to see what he thinks before making any major updates.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

leogr commented 2 years ago

Since it seems like a recurring question, we want to clarify the structure and organization of these documents :smiley_cat:

Please let us know if you think this is okay for now or if there are any concerns :pray:

cc @geekygirldawn @jberkus

jberkus commented 2 years ago

@leogr let me suggest, then, that each document have a header/TOC that includes links to the other documents. CNCF contributors are used to finding all of a project's contributing and governance docs in one place. Since these aren't, it would be very helpful to link them together.

leogr commented 2 years ago

> @leogr let me suggest, then, that each document have a header/TOC that includes links to the other documents. CNCF contributors are used to finding all of a project's contributing and governance docs in one place. Since these aren't, it would be very helpful to link them together.

Great suggestion! Thank you. I will fix it.

jberkus commented 2 years ago

So one last thing to think about: the current governance docs have no provisions to ensure diversity, except for the 40% single-company vote policy. But there's nothing to encourage increasing diversity of maintainers over time. In general, we've found that self-selecting maintainer councils that depend on potential maintainers self-nominating do not become more diverse. It might be worth thinking about ways to improve that. Mentoring programs and potential maintainer review processes (that is, looking for new maintainers rather than waiting for them to step forwards) work better than quotas, usually.

jasondellaluce commented 2 years ago

We are absolutely committed to improving maintainer diversity, and I think this new governance paves the way for the project to have a mentor program and have a group dedicating their time on it in the future.

I think the Principles section might be a good place to include the notion of diversity. We can also update the Maintainers' responsibilities to include that of mentoring, encouraging, and sponsoring new maintainers, furthering the interest of diversity of representation.

leogr commented 2 years ago

> @leogr let me suggest, then, that each document have a header/TOC that includes links to the other documents. CNCF contributors are used to finding all of a project's contributing and governance docs in one place. Since these aren't, it would be very helpful to link them together.

We've realized that introducing a TOC/header in all documents requires moving other files in this repository and various editorial adjustments. So, we will fix that immediately after this PR gets merged. I've created an issue (:point_right: #171) to track all tasks to be performed later. So we will not forget.

Josh, thank you again for your valuable suggestions :pray:

leogr commented 2 years ago

After several weeks of discussions and improvements, we can consider the drafting phase ended and proceed with a vote (I'll post instructions soon) :star_struck:

So, I'm removing the wip:, but I put the PR on hold to avoid merging it by mistake.

/hold

Once the vote is concluded, we will cancel the hold and eventually merge it.

Last but not least, I want to say a huge thank you to all the folks involved in this effort and for all the valuable feedback we got. :pray: :hugs:

leogr commented 2 years ago

:mega: Voting is officially open (2022-08-22)

:book: Instructions

Please follow the voting instructions to cast your vote. As per our governance model we are following the "organizational voting". We must reach a 66% majority in agreement to implement changes. Review the following criteria.

Each organization/company is allotted 1 vote. Please decide among yourselves who will be the voting representative from your organization.

The table outlines all of the maintainers by organization (updated to 2022-08-22).

| Organization | Maintainers |
|---|---|
| Amazon | @admiral0, @jonahjon |
| Chainguard | @cpanato |
| Clastix | @maxgio92 |
| IBM | @araujof, @terylt |
| Independent | @leodido |
| LOVOO | @fjogeleit |
| Polytechnic of Turin | @andreagit97 |
| RedHat | @molter73 |
| Secureworks | @dwindsor |
| Sysdig | @fededp, @gnosek, @issif, @jasondellaluce, @ldegio, @leogr, @lucaguerra, @mstemm, @zuc |

To cast your vote, please comment on this PR.

The proposed governance change is approved once we reach at least 7 of 10 votes in favor.

Remember that only maintainers have binding votes, but we appreciate non-binding votes from the community as a sign of support!

maxgio92 commented 2 years ago

Thank you @leogr for this huge effort on writing down these updates. It brings a big value. I think this set of changes can improve the health of the community, and clarifies important points where we needed.

I vote to update the governance as for this PR.

jasondellaluce commented 2 years ago

+1 Binding.

I think the newly proposed governance brilliantly represents the principles and processes of our community. Fantastic job from @leogr in gathering everyone's feedback and writing it down in this formal document.

fjogeleit commented 2 years ago

+1 Vote

great job @leogr

Andreagit97 commented 2 years ago

As I said in the previous comment, I agree with the new concepts introduced by this document, so:

+1 Vote

I would like to thank all maintainers for this huge work!

araujof commented 2 years ago

+1 Vote

Nicely written and inspiring governance document, @leogr! Thanks for your efforts!

dwindsor commented 2 years ago

+1 vote, thank you for taking the time to do this!

cpanato commented 2 years ago

+1 Vote

and thanks so much @leogr for doing this. it is a lot of hard work!

Molter73 commented 2 years ago

+1 vote

As has been stated by others before me, thanks to everyone involved in this and especially to @leogr for his huge effort putting it together.

jonahjon commented 2 years ago

+1 Love it!

leogr commented 2 years ago

Thank you all for voting for this proposal :hugs:

We reached 9 of 10 votes, so the new governance is officially approved :partying_face:

cc @maxgio92

leogr commented 2 years ago

/unhold

poiana commented 2 years ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: leogr, maxgio92

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

- ~~[OWNERS](https://github.com/falcosecurity/evolution/blob/master/OWNERS)~~ [leogr,maxgio92]

Approvers can indicate their approval by writing `/approve` in a comment

Approvers can cancel approval by writing `/approve cancel` in a comment