From 734fd2917339533da19dd7c1b326c479942f6c7e Mon Sep 17 00:00:00 2001 From: Mark Lodato Date: Tue, 10 Oct 2023 08:44:16 -0400 Subject: [PATCH 1/4] impl: Create new project lifecycle process As discussed in the 2023-10-09 specification meeting, create a new "Project lifecycle" for major projects (new version, new track, etc). The main idea is to assign a "project shepherd" to oversee the project. This person is responsible for moving the project along. The reason for creating this is that many projects seem to stagnate without a single responsible person. This commit populates the initial list of projects as per our discussion at the meeting. Signed-off-by: Mark Lodato --- CONTRIBUTING.md | 43 +++++++++++++++++++++++++++++++++++++++++++ README.md | 23 +++++++++++++++++++---- 2 files changed, 62 insertions(+), 4 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3b8b9803b..758da965c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -210,3 +210,46 @@ You can automatically append a sign-off to a commit by passing the `-s` / **Note**: this requires your `user.name` and `user.email` are set correctly in your git config. + +## Project lifecycle + +Major projects that require considerable effort, such as a new release, a new +track, or a new level, should have a top-level GitHub issue and a shepherd to +oversee the project and move it along. Without a shepherd, a project is likely +to stagnate. If you would like to be a shepherd for a project, just nominate +yourself in the issue. + +Responsibilities of the shepherd: + +- Maintaining the top-level GitHub issue to track the overall project +- Breaking down the project into tasks +- Pinging open issues and pull requests when stale +- Getting consensus among Contributors and Maintainers +- Suggesting priorities +- Providing regular updates to the community +- Adding a project entry in [README.md](README.md) + +Template for GitHub issue: + +- Title: `Project: ` +- Assignee: \ +- Labels: [`project`](https://github.com/slsa-framework/slsa/labels/project) +- Description: + + ```markdown + This is a tracking issue for [SHORT DESCRIPTION]. + + [Project shepherd]: YOUR NAME (@GITHUB_USERNAME) + + Sub-issues: + + - [ ] #1234 + - [ ] #4568 + + [Project shepherd]: https://github.com/slsa-framework/slsa/blob/main/CONTRIBUTING.md#project-lifecycle + + --- + + [any other text] + + ``` diff --git a/README.md b/README.md index 14ce04379..f38ad40b9 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,25 @@ specification, and overall project management. Other git repositories within the [slsa-framework](https://github.com/slsa-framework) organization have repo-specific issue trackers. +## How to get involved + +See https://slsa.dev/community for ways to get involved in SLSA development. + +## Active projects + +| Project | [Shepherd] | +| ------- | ---------- | +| [Build Level 4] | David A Wheeler (@david-a-wheeler) | +| [Build Platform Operations Track] | Marcela Melera (@marcelamelera), Chad Kimes (@chkimes) | +| [Source Track] | Kris K (@kpk47) | +| [Version 1.1 release] | Joshua Lock (@joshuagl) | + +[Shepherd]: CONTRIBUTING.md#project-lifecycle +[Build Level 4]: https://github.com/slsa-framework/slsa/issues/977 +[Build Platform Operations Track]: https://github.com/slsa-framework/slsa/issues/975 +[Source Track]: https://github.com/slsa-framework/slsa/issues/956 +[Version 1.1 release]: https://github.com/slsa-framework/slsa/issues/900 + ## URL Aliases We have several [redirect](docs/_redirects) configured on slsa.dev for @@ -35,10 +54,6 @@ convenience of the team: (or [.../spec](https://slsa.dev/notes/spec)) - https://slsa.dev/notes/tooling -## How to get involved - -See https://slsa.dev/community for ways to get involved in SLSA development. - ## Governance SLSA is an [OpenSSF](https://openssf.org) project. See From 54f900f66283c6a9a352bc9ca30edadf035df4bf Mon Sep 17 00:00:00 2001 From: Mark Lodato Date: Tue, 10 Oct 2023 13:37:42 -0400 Subject: [PATCH 2/4] fix Marcela's name Co-authored-by: Marcela Melara Signed-off-by: Mark Lodato --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f38ad40b9..3f26bbf88 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ See https://slsa.dev/community for ways to get involved in SLSA development. | Project | [Shepherd] | | ------- | ---------- | | [Build Level 4] | David A Wheeler (@david-a-wheeler) | -| [Build Platform Operations Track] | Marcela Melera (@marcelamelera), Chad Kimes (@chkimes) | +| [Build Platform Operations Track] | Marcela Melara (@marcelamelara), Chad Kimes (@chkimes) | | [Source Track] | Kris K (@kpk47) | | [Version 1.1 release] | Joshua Lock (@joshuagl) | From f088652f6543dea2df7313269d0d1b8fd6705fab Mon Sep 17 00:00:00 2001 From: Mark Lodato Date: Wed, 11 Oct 2023 08:59:55 -0400 Subject: [PATCH 3/4] update name of the hardware track Signed-off-by: Mark Lodato --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3f26bbf88..e1b44cf52 100644 --- a/README.md +++ b/README.md @@ -28,13 +28,13 @@ See https://slsa.dev/community for ways to get involved in SLSA development. | Project | [Shepherd] | | ------- | ---------- | | [Build Level 4] | David A Wheeler (@david-a-wheeler) | -| [Build Platform Operations Track] | Marcela Melara (@marcelamelara), Chad Kimes (@chkimes) | +| [Hardware Attested Builds] | Marcela Melara (@marcelamelara), Chad Kimes (@chkimes) | | [Source Track] | Kris K (@kpk47) | | [Version 1.1 release] | Joshua Lock (@joshuagl) | [Shepherd]: CONTRIBUTING.md#project-lifecycle [Build Level 4]: https://github.com/slsa-framework/slsa/issues/977 -[Build Platform Operations Track]: https://github.com/slsa-framework/slsa/issues/975 +[Hardware Attested Builds]: https://github.com/slsa-framework/slsa/issues/975 [Source Track]: https://github.com/slsa-framework/slsa/issues/956 [Version 1.1 release]: https://github.com/slsa-framework/slsa/issues/900 From 901d59dd372b2c430bc77372e10ffe97b26205e7 Mon Sep 17 00:00:00 2001 From: Mark Lodato Date: Thu, 12 Oct 2023 11:35:15 -0400 Subject: [PATCH 4/4] Rename Hardware Attested Builds to Platforms Signed-off-by: Mark Lodato --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e1b44cf52..9a308519c 100644 --- a/README.md +++ b/README.md @@ -28,13 +28,13 @@ See https://slsa.dev/community for ways to get involved in SLSA development. | Project | [Shepherd] | | ------- | ---------- | | [Build Level 4] | David A Wheeler (@david-a-wheeler) | -| [Hardware Attested Builds] | Marcela Melara (@marcelamelara), Chad Kimes (@chkimes) | +| [Hardware Attested Platforms] | Marcela Melara (@marcelamelara), Chad Kimes (@chkimes) | | [Source Track] | Kris K (@kpk47) | | [Version 1.1 release] | Joshua Lock (@joshuagl) | [Shepherd]: CONTRIBUTING.md#project-lifecycle [Build Level 4]: https://github.com/slsa-framework/slsa/issues/977 -[Hardware Attested Builds]: https://github.com/slsa-framework/slsa/issues/975 +[Hardware Attested Platforms]: https://github.com/slsa-framework/slsa/issues/975 [Source Track]: https://github.com/slsa-framework/slsa/issues/956 [Version 1.1 release]: https://github.com/slsa-framework/slsa/issues/900