kubernetes · pwittrock · Jan 29, 2019 · Jan 30, 2019 · Feb 4, 2019 · brendandburns
diff --git a/sig-cli/charter.md b/sig-cli/charter.md
@@ -5,25 +5,43 @@ the Roles and Organization Management outlined in [sig-governance].
 
 ## Scope
 
-The Command Line Interface SIG (SIG CLI) is responsible for kubectl and
-related tools. This group focuses on general purpose command line tools and
-libraries to interface with Kubernetes API's.
-
 ### In scope
 
-SIG CLI [README]
+The Command Line Interface SIG (SIG CLI) is responsible for kubectl, as well as accompanying
+libraries and documentation.  See kubectl [design principles](design-principles.md) for the
+focus of kubectl functionality.
+
+**Note:** Definition of kubectl may include commands developed by SIG CLI as kubectl plugins.
+
+Kubectl is a dynamic + resource-oriented CLI, and reference implementation for interacting
+with the API, as well as a basic tool for declarative and imperative management.
+
+SIG CLI focuses on command line tooling for working with Kubernetes APIs and Resource Config.
+This includes both generalized tooling for working with Resources, Resource Config
+and Resource Types (e.g. using resource / object metadata, duck-typing, openapi, discovery, 
+scale and status subresources, etc), as well as tooling for working with specific Kubernetes
+APIs (e.g. `logs`, `exec`, `create configmap`).
 
-#### Code, Binaries and Services
+The scope includes both low level tooling that may be used by things like scripts,
+as well as higher level porcelain to reduce user friction for simple,
+common, difficult or important tasks performed by users.  The
+scope also includes publishing a subset the libraries which were used to develop the tooling
+itself.
 
-SIG CLI code include general purpose command line tools and binaries for working
-with Kubernetes API's. Examples of these binaries include: [kubectl and kustomize].
+The decision whether to publish specific functionality as part of kubectl,
+as a separate tool, as a kubectl extension, or as a library are technical
+decisions made by the SIG and owners of the code under development.
 
 ### Out of scope
 
-SIG CLI is not responsible for command-line tools built and maintained by other
-SIGs, such as kubeadm, which is owned by SIG Cluster Lifecycle. SIG CLI is not
-responsible for defining the Kubernetes API that it interfaces with. The
-Kubernetes API is the responsibility of SIG API Machinery.
+- SIG CLI is not responsible for tools developed outside of the
+  SIG (even if they are part of the broader Kubernetes project).
+- SIG CLI is not responsible for kubectl subcommands developed outside of the
+  SIG (even if they are developed through kubectl extension mechanisms).
+- SIG CLI is not responsible for defining the Kubernetes API or Resource Types
+  that it interfaces with (which is owned by SIG Apps and SIG API Machinery).
+- SIG CLI is not responsible for integrating with *specific tools* or APIs
+  developed outside of the Kubernetes project.
 
 ## Roles and Organization Management
 
@@ -48,6 +66,5 @@ Option 1: by [SIG Technical Leads](https://github.com/kubernetes/community/blob/
 [Kubernetes Charter README]: https://github.com/kubernetes/community/blob/master/committee-steering/governance/README.md
 [sig-governance]: https://github.com/kubernetes/community/blob/master/committee-steering/governance/sig-governance.md
 [README]: https://github.com/kubernetes/community/blob/master/sig-cli/README.md
-[kubectl and kustomize]: https://github.com/kubernetes/community/blob/master/sig-cli/README.md#subprojects
 [Test Playbook]: https://docs.google.com/document/d/1Z3teqtOLvjAtE-eo0G9tjyZbgNc6bMhYGZmOx76v6oM
 
diff --git a/sig-cli/design-principles.md b/sig-cli/design-principles.md
@@ -0,0 +1,81 @@
+# Kubectl and SIG CLI Design Principles
+
+## Focus
+
+kubectl provides Resource and Resource Config oriented commands
+(as opposed to some other central concepts, such as packaging, integration, etc).
+This includes but is not limited to commands to generate, transform, create,
+update, delete, watch, print, edit, validate and aggregate information
+about Resources and Resource Config.  This functionality may be either
+declarative or imperative.
+
+Additionally kubectl provides:
+- commands targeted at sub-Resource APIs - e.g. exec, attach, logs
+- commands targeted at non-Resource Kubernetes APIs - e.g. openAPI, discovery, version, etc
+- porcelain commands for simple / common operations where no discrete
+  API implementation exists -e.g. `run`, `expose`, `rollout`, `cp`, `top`, `cordon`,
+  `drain` and `describe`.
+- porcelain functionality working with Resource Config files, urls, etc - 
+  e.g.`-f -R` flags, Kustomization `bases` and `resources`.
+
+*kubectl is part swiss-army knife and part reference implementation for interacting with the API
+and driving the fututure direction of the API through identifying API needs and addressing them
+client-side.*
+
+As such, it is also a proving group for widely used functionality that may be moved
+into the server.  Past examples of kubectl functionality that moved into the server include -
+garbage collection, rolling updates, apply, "get" and dry-run.
+
+It may also include porcelain that bridges standard non-Kubernetes native solution to Kubernetes
+native solutions - e.g. `docker run` -> `kubectl run`, `EXPOSE` -> `kubectl expose`.
+
+## Workflows
+
+The scope of CLI Tools focuses on enabling declarative and imperative workflows
+for invoking kubernetes APIs and authoring Resource Config.  Tools provide
+commands for both generalized (e.g. create resource from Resource Config) tasks and
+specialized (e.g. drain a node, exec into a container) tasks.
+
+It is the philosophy of the tools developed in SIG CLI to facilitate working
+directly with the Kubernetes APIs and Kubernetes style Resources, and to the
+extent possible, provide a transparent experience for how commands map to
+Kubernetes APIs and Resources.
+
+Building new abstractions and concepts for users to interact with in place of
+the Resource APIs rather than access them (e.g. through generalized templating,
+DSLs, etc) is not a goal of SIG CLI.
+
+## Extensibility
+
+CLI prefers to develop commands in such a way that they can provide a native
+experience for APIs developed as extensions.  This requires a philosophy of
+minimizing resource specific functionality and enabling it through data
+published by the cluster rather than hard-coding the API data into the tools.
+This includes developing specific extension mechanisms for kubectl such as plugins.
+Extensibility is a design preference, not a mandate, and should not come at a practical
+cost impacting the UX or functionality of the tool.
+
+CLI prefers to develop commands in such a way that enables tools and solutions
+developed independently (e.g. outside the SIG, K8S project, etc) to interoperate
+with the CLI tools - e.g. through pipes or wrapping / execing.  This is aligned
+with the goal of remaining close to the Kubernetes APIs.
+
+## Documentation
+
+SIG CLI is responsible for developing documentation to accompany kubectl that both describes
+the functionality and provides techniques for effective usage.
+
+#### Examples of Functionality In Kubectl
+
+Following are examples of functionality that is in kubectl.
+
+- Invoking Kubernetes APIs: Resource APIs, SubResource APIs, Discovery Service, Version, OpenAPI
+- Pre and Post processing API Resource Config, API Requests and API Responses
+- Aggregating multiple API Responses and post processing them
+- Collapsing multiple manual steps into a command
+- Generating Kubernetes Resource Config locally or creating Resources remotely
+- Transforming Kubernetes Resource Config locally or patching remotely
+- Blocking on propagation of an event or change to the cluster
+- Referencing a collection of either remote or local Resource Config
+- Configure how to talk to a specific cluster from the cli
+- Selecting which API group/version to invoke if ambiguous in the context of the command