Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create the Product Security Committee #89

Closed
philips opened this Issue Jan 16, 2019 · 19 comments

Comments

Projects
10 participants
@philips
Copy link
Contributor

commented Jan 16, 2019

tl;dr @kubernetes/steering-committee LGTM this issue to approve the Kubernetes Product Security Team becoming the Product Security Committee.

The product security team was formed to handle disclosures to security@kubernetes.io and document disclosure processes at kubernetes.io/security.

For the last 1.5 years it has been operating as a nebulous team as part of SIG Release which was the recommendation of the steering committee at the time. Today though, we have a committee creation process.

LGTM this issue to form the Kubernetes Product Security Committee.

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Jan 16, 2019

@dims

This comment has been minimized.

Copy link
Member

commented Jan 16, 2019

LGTM 👍

@philips philips added this to Backlog in Steering via automation Jan 16, 2019

@philips philips moved this from Backlog to In Progress in Steering Jan 16, 2019

@spiffxp

This comment has been minimized.

Copy link
Member

commented Jan 16, 2019

LGTM

@tpepper

This comment has been minimized.

Copy link

commented Jan 16, 2019

LGTM from SIG Release side

@justaugustus

This comment has been minimized.

Copy link
Member

commented Jan 16, 2019

Another LGTM from SIG Release.
@spiffxp -- thanks for getting us closure on this so quickly! :)

dims added a commit to dims/test-infra that referenced this issue Jan 18, 2019

Add Label for Product Security Team (PST)
Legit per kubernetes/steering#89 :)

Change-Id: Ia0f9001d2c0ed9c35aef5ed5cb2e86817bf4999f

dims added a commit to dims/test-infra that referenced this issue Jan 18, 2019

Add Label for Product Security Team (PST)
Legit per kubernetes/steering#89 :)

Change-Id: Ia0f9001d2c0ed9c35aef5ed5cb2e86817bf4999f

OlegLoewen added a commit to OlegLoewen/test-infra that referenced this issue Jan 21, 2019

Add Label for Product Security Team (PST)
Legit per kubernetes/steering#89 :)

Change-Id: Ia0f9001d2c0ed9c35aef5ed5cb2e86817bf4999f
@dims

This comment has been minimized.

Copy link
Member

commented Jan 30, 2019

LGTM

@dims

This comment has been minimized.

Copy link
Member

commented Jan 30, 2019

Do we need to update some metadata somewhere?

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Feb 19, 2019

@parispittman Do you know where committees live? Or maybe @michelleN who has been helping get the CoCC one going?

@michelleN

This comment has been minimized.

Copy link
Member

commented Feb 19, 2019

@philips The CoCC info lives in the kubernetes/community repo here

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Feb 21, 2019

@spiffxp as part of the GitHub management team can you create the security committee github.com/kubernetes/security similar to github.com/kubernetes/steering? We have a number of documents that we need to manage like subscription lists for CVE disclosure which currently live here: https://github.com/kubernetes/sig-release/tree/master/security-release-process-documentation

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Feb 22, 2019

Thanks @cblecker.

Repo request here: kubernetes/org#520

@joelsmith

This comment has been minimized.

Copy link
Contributor

commented Feb 26, 2019

Now that the repo has been created, I've opened a PR to copy the docs from sig-release:
kubernetes/security#1
And another one to document the new committee in k/community:
kubernetes/community#3311

@nikhita

This comment has been minimized.

Copy link
Member

commented Mar 6, 2019

Looks like this is done? :)

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Mar 6, 2019

Yes, the last thing is to clean up the sig release repo and put in redirects from the old docs with deletion times.

If anyone has time to get to it before me I would appreciate it :)

@nikhita

This comment has been minimized.

Copy link
Member

commented Mar 6, 2019

If anyone has time to get to it before me I would appreciate it :)

Created kubernetes/sig-release#537. Let's wrap this up. :)

@nikhita

This comment has been minimized.

Copy link
Member

commented Mar 6, 2019

kubernetes/sig-release#537 merged 🎉

Closing.
/close

Steering automation moved this from In Progress to Done Mar 6, 2019

@k8s-ci-robot

This comment has been minimized.

Copy link
Contributor

commented Mar 6, 2019

@nikhita: Closing this issue.

In response to this:

kubernetes/sig-release#537 merged 🎉

Closing.
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@philips

This comment has been minimized.

Copy link
Contributor Author

commented Mar 7, 2019

thanks @nikhita !!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.