-
Notifications
You must be signed in to change notification settings - Fork 628
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SANDBOX PROJECT ONBOARDING] OpenFGA #921
Comments
Add OpenFGA Maintainers For cncf/toc#921 For openfga/community#33 > Create maintainer list + add to aggregated https://maintainers.cncf.io/ list by submitting a PR to it Signed-off-by: Andrés Aguiar <andres.aguiar@auth0.com>
@amye our CI/CD pipeline currently uses tools like Semgrep/Snyk for vulnerability scanning/FOSSA for licensing, in their non-free tiers, paid by Okta. Those runs from Github Actions. I see we can get FOSSA with CNCF's help, not sure if we can get Snyk for vulnerability scanning. Can we keep using Snyk for vulnerability scanning and the paid Semgrep tier, or should we move to free tiers? Thanks |
Do you have a preference? We are currently using https://cla-assistant.io/ for CLAs, can we use https://easycla.lfx.linuxfoundation.org/#/ instead? |
We don't have analytics on the website. Should we integrate an analytics service? Any preference? |
If you don't already have one, no need! |
Yes, the EasyCLA team is at https://jira.linuxfoundation.org/plugins/servlet/theme/portal/4/create/143 - they'll be able to help you out! |
@jeefy can help with Synk or FOSSA |
|
@amye Can we keep Semgrep using our Okta license, or do we need to move to create an account for OpenFGA and move to a free tier? Thanks! |
DevStats page added. |
For transferring the domain here https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/create/63 should I set it this way? Project: "None" Thanks! |
|
|
|
|
@jeefy could you please help me with Synk and FOSSA? |
@amye In our notice.txt files we have "Copyright 2022 Okta, Inc.". I see other projects use "The Authors". Is it OK if we use "The OpenFGA Project Authors"? Should we mention CNCF? |
Andres, please see:
https://github.com/cncf/foundation/blob/main/copyright-notices.md#copyright-notices
…On Thu, Oct 20, 2022 at 8:44 AM Andrés Aguiar ***@***.***> wrote:
@amye <https://github.com/amye> In our notice.txt files we have
"Copyright 2022 Okta, Inc.". I see other projects use "The Authors". Is it
OK if we use "The OpenFGA Project Authors"? Should we mention CNCF?
—
Reply to this email directly, view it on GitHub
<#921 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAPSINN5DWYJGCXCUWY6Z3WEFEELANCNFSM6AAAAAAQLVWZDI>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
Cheers,
Chris Aniszczyk
https://aniszczyk.org
|
Check https://openfga.dev/ |
Also make sure you work on any issues found here :)
https://clomonitor.io/projects/cncf/openfga
…On Fri, Oct 21, 2022 at 7:28 AM Andrés Aguiar ***@***.***> wrote:
- Website: ensure LF footer is there and website guidelines
<https://github.com/cncf/foundation/blob/master/website-guidelines.md>
followed (if your project doesn't have a dedicated website, please adopt
those guidelines to the README file of your project on GitHub).
Check https://openfga.dev/
—
Reply to this email directly, view it on GitHub
<#921 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAPSIOQTJUNDPE5WQXRYVTWEKD7ZANCNFSM6AAAAAAQLVWZDI>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
Cheers,
Chris Aniszczyk
https://aniszczyk.org
|
@jeefy now the Github org is part of CNCF's org, would it be possible to setup the integration with Synk and FOSSA? Thanks a lot. |
@amye can you confirm if I should use @caniszczyk 's emails as "LF Stakeholder" when transferring the domains? Thanks! |
It can be me, that's fine. |
https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-24780 |
I think we are done from our side, we still need help to:
Thanks for your help! |
Domain transfer was completed. |
@amye The rest of the items that are unchecked are completed too:
We don't have Slack channels, we are using Discord. Should we create a Slack channel in CNCF's Slack?
In Openfga.dev, there's a CNCF icon at the bottom left that links to https://www.linuxfoundation.org/legal/trademark-usage let us know if that does not work. |
I'll let @jeefy weigh in on Fossa, but last thing: do you want a space on community.cncf.io? |
@amye Not yet, can we do it later, when we start to see the need? Thanks! |
Awesome! |
@jeefy can you help us integrate FOSSA/Snyk? |
@jeefy ping :) We really need to get that integration done... Thanks! |
This is our our list, @RobertKielty may also be assisting here :) |
Not only did this fall off my radar, my radar just ceased functioning. My bad. @aaguiarz all maintainers should have invitations to Snyk in their inboxes (if not already, soon) |
Thanks @jeefy ! Can we also get access to FOSSA? We have it already configured for OSS Licensing Compliance but we are using our keys. |
We got there! |
All tasks have been completed! |
Welcome to CNCF Project Onboarding!
This is an issue created to help onboard your project into the CNCF after the TOC has voted to accept your project.
We would like to complete onboarding within one month of acceptance.
From the project side, please ensure that you:
Things that CNCF will need from the project:
Things that the CNCF will do or help the project to do:
The text was updated successfully, but these errors were encountered: