Porter enables you to package your application artifact, client tools, configuration and deployment logic together as an installer that you can distribute, and install with a single command.
[ ] Give a presentation and engage with the domain specific TAG(s) to increase awareness
This was completed and occurred on DD-MMM-YYYY, and can be discovered at $LINK.
- [ ] **TAG provides insight/recommendation of the project in the context of the landscape**
- [x] **All project metadata and resources are [vendor-neutral](https://contribute.cncf.io/maintainers/community/vendor-neutrality/).**
- [ ] **Review and acknowledgement of expectations for [Sandbox](https://sandbox.cncf.io) projects and requirements for moving forward through the CNCF Maturity levels.**
- Met during Project's application on DD-MMM-YYYY.
- [ ] **Due Diligence Review.**
Completion of this due diligence document, resolution of concerns raised, and presented for public comment satisfies the Due Diligence Review criteria.
- [x] **Additional documentation as appropriate for project type, e.g.: installation documentation, end user documentation, reference implementation and/or code samples.**
[Installation Docmentation](https://porter.sh/docs/getting-started/install-porter/)
[Best Practices](https://porter.sh/docs/best-practices/)
## Governance and Maintainers
Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy.
### Suggested
- [x] **Clear and discoverable project governance documentation.**
[Governance.MD](https://github.com/getporter/porter/blob/75d49d290e28fac1b54561513fd933ea1b67c190/GOVERNANCE.md?plain=1#L32)
- [ ] **Governance has continuously been iterated upon by the project as a result of their experience applying it, with the governance history demonstrating evolution of maturity alongside the project's maturity evolution.**
- [x] **Governance is up to date with actual project activities, including any meetings, elections, leadership, or approval processes.**
[Biweekly meetings are recorded and put on Youtube](https://www.youtube.com/@cncfportercommunity9206).
- [ ] **Governance clearly documents [vendor-neutrality](https://contribute.cncf.io/maintainers/community/vendor-neutrality/) of project direction.**
- [ ] **Document how the project makes decisions on leadership, contribution acceptance, requests to the CNCF, and changes to governance or project goals.**
- [x] **Document how role, function-based members, or sub-teams are assigned, onboarded, and removed for specific teams (example: Security Response Committee).**
[Contribution Ladder discusses roles, how to become each role, and removal.
](https://github.com/getporter/porter/blob/75d49d290e28fac1b54561513fd933ea1b67c190/CONTRIBUTION_LADDER.md)
- [x] **Document a complete maintainer lifecycle process (including roles, onboarding, offboarding, and emeritus status).**
[ContributionLadder has emeritus](https://github.com/getporter/porter/blob/75d49d290e28fac1b54561513fd933ea1b67c190/CONTRIBUTION_LADDER.md), inactivity period, and covers involuntary removal.
- [ ] **Demonstrate usage of the maintainer lifecycle with outcomes, either through the addition or replacement of maintainers as project events have required.**
- [x] **If the project has subprojects: subproject leadership, contribution, maturity status documented, including add/remove process.**
### Required
- [x] **Document complete list of current maintainers, including names, contact information, domain of responsibility, and affiliation.**
[Owners.Md](https://github.com/getporter/porter/blob/main/OWNERS.md)
- [x] **A number of active maintainers which is appropriate to the size and scope of the project.**
Six
- [x] **Code and Doc ownership in Github and elsewhere matches documented governance roles.**
[Owners.MD](https://github.com/getporter/porter/blob/main/OWNERS.md)
- [x] **Document agreement that the project will adopt CNCF Code of Conduct.**
[Porter CoC (CNCF CoC)](https://github.com/getporter/porter/tree/75d49d290e28fac1b54561513fd933ea1b67c190?tab=coc-ov-file)
- [x] **CNCF Code of Conduct is cross-linked from other governance documents.**
[CoC](https://github.com/getporter/porter/tree/75d49d290e28fac1b54561513fd933ea1b67c190?tab=coc-ov-file)
- [x] **All subprojects, if any, are listed.**
[Porter Operator](https://github.com/getporter/operator)
## Contributors and Community
Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy.
### Suggested
- [x] **Contributor ladder with multiple roles for contributors.**
[ContributionLadder.MD](https://github.com/getporter/porter/blob/main/CONTRIBUTION_LADDER.md)
### Required
- [x] **Clearly defined and discoverable process to submit issues or changes.**
[Via Github](https://github.com/getporter/porter/issues/new/choose)
- [x] **Project must have, and document, at least one public communications channel for users and/or contributors.**
[Contact in Readme](https://github.com/getporter/porter/?tab=readme-ov-file#contact)
- [x] **List and document all project communication channels, including subprojects (mail list/slack/etc.). List any non-public communications channels and what their special purpose is.**
[Contact in Readme](https://github.com/getporter/porter/?tab=readme-ov-file#contact)
- [x] **Up-to-date public meeting schedulers and/or integration with CNCF calendar.**
Yes, recently updated! [(and is on website)](https://porter.sh/community/#dev-meeting)
- [x] **Documentation of how to contribute, with increasing detail as the project matures.**
[Contributing.MD](https://github.com/getporter/porter/blob/main/CONTRIBUTING.md)
- [x] **Demonstrate contributor activity and recruitment.**
[Insights](https://github.com/getporter/porter/graphs/contributors)
## Engineering Principles
### Suggested
- [x] **Roadmap change process is documented.**
[Proposal Documentation](https://porter.sh/docs/contribute/proposals/)
- [x] **History of regular, quality releases.**
[Latest, Canary and Quarterly Releases](https://github.com/getporter/porter/releases)
### Required
- [ ] **Document project goals and objectives that illustrate the project’s differentiation in the Cloud Native landscape as well as outlines how this project fulfills an outstanding need and/or solves a problem differently.**
- [x] **Document what the project does, and why it does it - including viable cloud native use cases.**
[What is Porter? ](https://porter.sh/blog/share-a-cloud-application/#what-is-cnabporter)
- [x] **Document and maintain a public roadmap or other forward looking planning document or tracking mechanism.**
[This Github project](https://github.com/orgs/getporter/projects/7/views/1) board that feeds into our [release board](https://github.com/orgs/getporter/projects/8)
- [x] **Document overview of project architecture and software design that demonstrates viable cloud native use cases, as part of the project's documentation.**
There’s a lot in the website’s documentation, [but this one is significant](https://porter.sh/architecture-runtime/).
- [x] **Document the project's release process.**
[Releases](https://github.com/getporter/porter/blob/75d49d290e28fac1b54561513fd933ea1b67c190/GOVERNANCE.md?plain=1#L32)
## Security
Note: this section may be augmented by a joint-assessment performed by TAG Security.
### Suggested
N/A
### Required
- [x] **Clearly defined and discoverable process to report security issues.**
We leverage Github security reporting, and have it documented in the [SECURITY.md](https://github.com/getporter/porter/blob/main/SECURITY.md)
- [x] **Enforcing Access Control Rules to secure the code base against attacks (Example: two factor authentication enforcement, and/or use of ACL tools.)**
Two factor authentication enforced by getporter organization
- [x] **Document assignment of security response roles and how reports are handled.**
[SECURITY.md](https://github.com/getporter/porter/blob/main/SECURITY.md)
- [ ] **Document Security Self-Assessment.**
- [x] **Achieve the Open Source Security Foundation (OpenSSF) Best Practices passing badge.**
[](https://www.bestpractices.dev/projects/8720)
## Ecosystem
### Suggested
N/A
### Required
- [x] **Publicly documented list of adopters, which may indicate their adoption level (dev/trialing, prod, etc.)**
[ADOPTERS.md](https://github.com/getporter/porter/blob/main/ADOPTERS.md)
- [x] **Used in appropriate capacity by at least 3 independent + indirect/direct adopters, (these are not required to be in the publicly documented list of adopters)**
To be completed by the TOC
The project provided the TOC with a list of adopters for verification of use of the project at the level expected, i.e. production use for graduation, dev/test for incubation.
- [ ] **TOC verification of adopters.**
Refer to the Adoption portion of this document.
- [ ] **Clearly documented integrations and/or compatibility with other CNCF projects as well as non-CNCF projects.**
Porter Mixins are extensions of Porter that interact with other Open Source tools, such as Terraform, Helm, and Spin. Contributors are encouraged to make their own mixins with the use of our Skeletor template.
The Porter Operator is also an Operator that enables a Kubernetes native usage of Porter.
Porter Incubation Application
v1.5 This template provides the project with a framework to inform the TOC of their conformance to the Incubation Level Criteria.
Project Repo(s): GetPorter/Porter Project Site: porter.sh Sub-Projects: Porter Operator, Porter Mixins Communication: #porter and #porter-maintainers in CNCF Slack
Project points of contacts:
Incubation Criteria Summary for Porter
Adoption Assertion
The project has been adopted by the following organizations in a testing and integration or production capacity:
See Adopters
Application Process Principles
Suggested
N/A
Required
- [ ] Give a presentation and engage with the domain specific TAG(s) to increase awareness
- This was completed and occurred on DD-MMM-YYYY, and can be discovered at $LINK.
- [ ] **TAG provides insight/recommendation of the project in the context of the landscape** - [x] **All project metadata and resources are [vendor-neutral](https://contribute.cncf.io/maintainers/community/vendor-neutrality/).** - [ ] **Review and acknowledgement of expectations for [Sandbox](https://sandbox.cncf.io) projects and requirements for moving forward through the CNCF Maturity levels.** - Met during Project's application on DD-MMM-YYYY. - [ ] **Due Diligence Review.** Completion of this due diligence document, resolution of concerns raised, and presented for public comment satisfies the Due Diligence Review criteria. - [x] **Additional documentation as appropriate for project type, e.g.: installation documentation, end user documentation, reference implementation and/or code samples.** [Installation Docmentation](https://porter.sh/docs/getting-started/install-porter/) [Best Practices](https://porter.sh/docs/best-practices/) ## Governance and Maintainers Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy. ### Suggested - [x] **Clear and discoverable project governance documentation.** [Governance.MD](https://github.com/getporter/porter/blob/75d49d290e28fac1b54561513fd933ea1b67c190/GOVERNANCE.md?plain=1#L32) - [ ] **Governance has continuously been iterated upon by the project as a result of their experience applying it, with the governance history demonstrating evolution of maturity alongside the project's maturity evolution.** - [x] **Governance is up to date with actual project activities, including any meetings, elections, leadership, or approval processes.** [Biweekly meetings are recorded and put on Youtube](https://www.youtube.com/@cncfportercommunity9206). - [ ] **Governance clearly documents [vendor-neutrality](https://contribute.cncf.io/maintainers/community/vendor-neutrality/) of project direction.** - [ ] **Document how the project makes decisions on leadership, contribution acceptance, requests to the CNCF, and changes to governance or project goals.** - [x] **Document how role, function-based members, or sub-teams are assigned, onboarded, and removed for specific teams (example: Security Response Committee).** [Contribution Ladder discusses roles, how to become each role, and removal. ](https://github.com/getporter/porter/blob/75d49d290e28fac1b54561513fd933ea1b67c190/CONTRIBUTION_LADDER.md) - [x] **Document a complete maintainer lifecycle process (including roles, onboarding, offboarding, and emeritus status).** [ContributionLadder has emeritus](https://github.com/getporter/porter/blob/75d49d290e28fac1b54561513fd933ea1b67c190/CONTRIBUTION_LADDER.md), inactivity period, and covers involuntary removal. - [ ] **Demonstrate usage of the maintainer lifecycle with outcomes, either through the addition or replacement of maintainers as project events have required.** - [x] **If the project has subprojects: subproject leadership, contribution, maturity status documented, including add/remove process.** ### Required - [x] **Document complete list of current maintainers, including names, contact information, domain of responsibility, and affiliation.** [Owners.Md](https://github.com/getporter/porter/blob/main/OWNERS.md) - [x] **A number of active maintainers which is appropriate to the size and scope of the project.** Six - [x] **Code and Doc ownership in Github and elsewhere matches documented governance roles.** [Owners.MD](https://github.com/getporter/porter/blob/main/OWNERS.md) - [x] **Document agreement that the project will adopt CNCF Code of Conduct.** [Porter CoC (CNCF CoC)](https://github.com/getporter/porter/tree/75d49d290e28fac1b54561513fd933ea1b67c190?tab=coc-ov-file) - [x] **CNCF Code of Conduct is cross-linked from other governance documents.** [CoC](https://github.com/getporter/porter/tree/75d49d290e28fac1b54561513fd933ea1b67c190?tab=coc-ov-file) - [x] **All subprojects, if any, are listed.** [Porter Operator](https://github.com/getporter/operator) ## Contributors and Community Note: this section may be augmented by the completion of a Governance Review from TAG Contributor Strategy. ### Suggested - [x] **Contributor ladder with multiple roles for contributors.** [ContributionLadder.MD](https://github.com/getporter/porter/blob/main/CONTRIBUTION_LADDER.md) ### Required - [x] **Clearly defined and discoverable process to submit issues or changes.** [Via Github](https://github.com/getporter/porter/issues/new/choose) - [x] **Project must have, and document, at least one public communications channel for users and/or contributors.** [Contact in Readme](https://github.com/getporter/porter/?tab=readme-ov-file#contact) - [x] **List and document all project communication channels, including subprojects (mail list/slack/etc.). List any non-public communications channels and what their special purpose is.** [Contact in Readme](https://github.com/getporter/porter/?tab=readme-ov-file#contact) - [x] **Up-to-date public meeting schedulers and/or integration with CNCF calendar.** Yes, recently updated! [(and is on website)](https://porter.sh/community/#dev-meeting) - [x] **Documentation of how to contribute, with increasing detail as the project matures.** [Contributing.MD](https://github.com/getporter/porter/blob/main/CONTRIBUTING.md) - [x] **Demonstrate contributor activity and recruitment.** [Insights](https://github.com/getporter/porter/graphs/contributors) ## Engineering Principles ### Suggested - [x] **Roadmap change process is documented.** [Proposal Documentation](https://porter.sh/docs/contribute/proposals/) - [x] **History of regular, quality releases.** [Latest, Canary and Quarterly Releases](https://github.com/getporter/porter/releases) ### Required - [ ] **Document project goals and objectives that illustrate the project’s differentiation in the Cloud Native landscape as well as outlines how this project fulfills an outstanding need and/or solves a problem differently.** - [x] **Document what the project does, and why it does it - including viable cloud native use cases.** [What is Porter? ](https://porter.sh/blog/share-a-cloud-application/#what-is-cnabporter) - [x] **Document and maintain a public roadmap or other forward looking planning document or tracking mechanism.** [This Github project](https://github.com/orgs/getporter/projects/7/views/1) board that feeds into our [release board](https://github.com/orgs/getporter/projects/8) - [x] **Document overview of project architecture and software design that demonstrates viable cloud native use cases, as part of the project's documentation.** There’s a lot in the website’s documentation, [but this one is significant](https://porter.sh/architecture-runtime/). - [x] **Document the project's release process.** [Releases](https://github.com/getporter/porter/blob/75d49d290e28fac1b54561513fd933ea1b67c190/GOVERNANCE.md?plain=1#L32) ## Security Note: this section may be augmented by a joint-assessment performed by TAG Security. ### Suggested N/A ### Required - [x] **Clearly defined and discoverable process to report security issues.** We leverage Github security reporting, and have it documented in the [SECURITY.md](https://github.com/getporter/porter/blob/main/SECURITY.md) - [x] **Enforcing Access Control Rules to secure the code base against attacks (Example: two factor authentication enforcement, and/or use of ACL tools.)** Two factor authentication enforced by getporter organization - [x] **Document assignment of security response roles and how reports are handled.** [SECURITY.md](https://github.com/getporter/porter/blob/main/SECURITY.md) - [ ] **Document Security Self-Assessment.** - [x] **Achieve the Open Source Security Foundation (OpenSSF) Best Practices passing badge.** [](https://www.bestpractices.dev/projects/8720) ## Ecosystem ### Suggested N/A ### Required - [x] **Publicly documented list of adopters, which may indicate their adoption level (dev/trialing, prod, etc.)** [ADOPTERS.md](https://github.com/getporter/porter/blob/main/ADOPTERS.md) - [x] **Used in appropriate capacity by at least 3 independent + indirect/direct adopters, (these are not required to be in the publicly documented list of adopters)** To be completed by the TOC The project provided the TOC with a list of adopters for verification of use of the project at the level expected, i.e. production use for graduation, dev/test for incubation. - [ ] **TOC verification of adopters.** Refer to the Adoption portion of this document. - [ ] **Clearly documented integrations and/or compatibility with other CNCF projects as well as non-CNCF projects.** Porter Mixins are extensions of Porter that interact with other Open Source tools, such as Terraform, Helm, and Spin. Contributors are encouraged to make their own mixins with the use of our Skeletor template. The Porter Operator is also an Operator that enables a Kubernetes native usage of Porter.