-
Notifications
You must be signed in to change notification settings - Fork 162
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
105 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,71 @@ | ||
| If you have not previously done so, please fill out and submit the [Contributor License Agreement](https://cla.pivotal.io/sign/pivotal). | ||
| # Contributing | ||
|
|
||
| ## Pull Request Process | ||
|
|
||
| 1. [Fork][fork] the repository. | ||
| 2. [Clone][clone] your fork repository. | ||
| 3. Create a branch for the issue: `git checkout -b {{BRANCH_NAME}}` | ||
| 4. Make any changes deemed necessary. | ||
| 5. Commit your changes: `git commit -s`\ | ||
| _Learn more about the [sign-off](#sign-off-process) process below._ | ||
| 6. Push to GitHub: `git push origin {{BRANCH_NAME}}` | ||
| 7. [Create the pull request][create-pr]. | ||
|
|
||
|
|
||
| ## Sign-off Process | ||
|
|
||
| Every commit contributed to this project must be signed-off. | ||
|
|
||
| A sign-off is a single line added to your commit messages that certifies that you wrote and/or have the right to the | ||
| contributed changes. | ||
|
|
||
| The full text of the certification from [developercertificate.org](http://developercertificate.org/) is a follows: | ||
| ``` | ||
| Developer Certificate of Origin | ||
| Version 1.1 | ||
| Copyright (C) 2004, 2006 The Linux Foundation and its contributors. | ||
| 1 Letterman Drive | ||
| Suite D4700 | ||
| San Francisco, CA, 94129 | ||
| Everyone is permitted to copy and distribute verbatim copies of this | ||
| license document, but changing it is not allowed. | ||
| Developer's Certificate of Origin 1.1 | ||
| By making a contribution to this project, I certify that: | ||
| (a) The contribution was created in whole or in part by me and I | ||
| have the right to submit it under the open source license | ||
| indicated in the file; or | ||
| (b) The contribution is based upon previous work that, to the best | ||
| of my knowledge, is covered under an appropriate open source | ||
| license and I have the right under that license to submit that | ||
| work with modifications, whether created in whole or in part | ||
| by me, under the same open source license (unless I am | ||
| permitted to submit under a different license), as indicated | ||
| in the file; or | ||
| (c) The contribution was provided directly to me by some other | ||
| person who certified (a), (b) or (c) and I have not modified | ||
| it. | ||
| (d) I understand and agree that this project and the contribution | ||
| are public and that a record of the contribution (including all | ||
| personal information I submit with it, including my sign-off) is | ||
| maintained indefinitely and may be redistributed consistent with | ||
| this project or the open source license(s) involved. | ||
| ``` | ||
|
|
||
| The signature should look as such: | ||
|
|
||
| Signed-off-by: John Doe <john.doe@email.com> | ||
|
|
||
| > Pro-tip: `git` can automatically add the signature by adding the `-s` flag to the commit command:\ | ||
| > `git commit -s` | ||
| [fork]: https://help.github.com/en/github/getting-started-with-github/fork-a-repo | ||
| [clone]: https://help.github.com/en/github/creating-cloning-and-archiving-repositories/cloning-a-repository | ||
| [create-pr]: https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| ## Policies | ||
|
|
||
| This repository adheres to the following project policies: | ||
|
|
||
| - [Code of Conduct](CODE_OF_CONDUCT.md) - How we should act with each other. | ||
| - [Contributing](CONTRIBUTING.md) - General contributing standards. | ||
| - [Security](SECURITY.md) - Reporting security concerns. | ||
| - [Support](SUPPORT.md) - Getting support. | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # Security Policy | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| We strongly encourage people to report security vulnerabilities privately to our security team before disclosing them in a public forum. | ||
|
|
||
| Please note that the e-mail address below should only be used for reporting undisclosed security vulnerabilities in Cloud Native Buildpacks products and managing the process of fixing such vulnerabilities. We cannot accept regular bug reports or other security related queries at this address. | ||
|
|
||
| The e-mail address to use to contact the Cloud Native Buildpacks Security Team is security@buildpacks.io. | ||
|
|
||
| The fingerprint is: `7AA4 452E A0C3 56F8 894D C869 4E56 F857 5412 6F64` | ||
|
|
||
| It can be obtained from a public key server such as pgp.mit.edu. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| # Support Policy | ||
|
|
||
| ## Security Vulnerabilities | ||
| If you believe that you've found a security vulnerability, please check [SECURITY.md](SECURITY.md) to learn how to disclose responsibly. | ||
|
|
||
| ## GitHub Issues | ||
| We choose not to use GitHub issues for general usage questions and support, preferring to use issues solely for the tracking of bugs and enhancements. If you have a general usage question please do not open a GitHub issue, but use one of the other channels described below. | ||
|
|
||
| If you are reporting a bug, please help to speed up problem diagnosis by providing as much information as possible. Ideally, that would include a small sample project that reproduces the problem.. | ||
|
|
||
| ## Slack | ||
| The kpack community monitors [Kubernetes slack](https://kubernetes.slack.com/channels/kpack). Before asking a question please search the history to see if the question has already been asked and answered. |