Open yada opened 3 months ago
π @yada
Welcome to the Microcks community! π
Thanks and congrats π for opening your first issue here! Be sure to follow the issue template or please update it accordingly.
π’ If you're using Microcks in your organization, please add your company name to this list. π It really helps the project to gain momentum and credibility. It's a small contribution back to the project with a big impact.
If you need to know why and how to add yourself to the list, please read the blog post "Join the Microcks Adopters list and Empower the vibrant open source Community π"
Hope you have a great time there!
Roadmap initialized on https://github.com/microcks/.github/issues/15 must be replicated in this repo main branch => We should update GH Action exclusions rules to avoid triggering build on this file update.
@lbroudoux same for https://github.com/microcks/.github/blob/main/ADOPTERS.md => We should update GH Action exclusions rules to avoid triggering build on this file update.
Starting to have effects π
Very good progress done so far:
Now we need to focus on some security checks to target 100%, let do it π
This issue has been automatically marked as stale because it has not had recent activity :sleeping:
It will be closed in 30 days if no further activity occurs. To unstale this issue, add a comment with a detailed explanation.
There can be many reasons why some specific issue has no activity. The most probable cause is lack of time, not lack of interest. Microcks is a Cloud Native Computing Foundation project not owned by a single for-profit company. It is a community-driven initiative ruled under open governance model.
Let us figure out together how to push this issue forward. Connect with us through one of many communication channels we established here.
Thank you for your patience :heart:
Security just raised to 59 π
The score decreased as we added more repos. See: https://github.com/cncf/clomonitor/pull/1571 But this was expected, and we are working on automation to improve it. Ref: https://github.com/microcks/.github/issues/16
The overall score for all our repos is back to 70 π Still, some improvement is to come.
Reason/Context
See: https://www.cncf.io/reports/security-slam-2023/
Microcks has a CLO Monitor score of 68% π€ the goal is to be at 100% or close to... π
This will also improve the project's Best Practices Score: https://insights.lfx.linuxfoundation.org/foundation/cncf/overview/best-practice-score?project=microcks&routedFrom=Github&bestPractice=false
Once we achieve our CLO Monitor objective, we'll be in good shape to create a new issue (if still necessary) and aim for a 100% score on insights.lfx.linuxfoundation.org, demonstrating our continuous improvement π
Description
We can check how other projects have achieved 100%: https://clomonitor.io/projects/cncf/kyverno π Thanks for the inspiration on this issue https://clomonitor.io/projects/cncf/k8gb
Or (close to 100%): https://clomonitor.io/projects/cncf/flux-project https://clomonitor.io/projects/cncf/cilium
Implementation ideas
Here is the current list of tasks to fix: https://clomonitor.io/projects/cncf/microcks
CLOMonitor report
Summary
Repository: microcks URL: https://github.com/microcks/microcks Checks sets:
COMMUNITY
+CODE
Checks passed per category
Documentation
License
Best Practices
EXEMPT
EXEMPT
Security
Legal
For more information about the check sets available and how each of checks works, please see the CLOMonitor's documentation.