WG Governance Content Tracking

[jberkus]

trafficstars

The primary duty of WG Governance is developing a variety of content to help projects develop governance.

This is a tracking issue to track which content we've created so far.

Advisories

These are general advisories to projects on developing their own governance. There is considerable overlap here with Contributor Growth docs.

• [x] What is Governance (jberkus)
• [x] How to write a How To Contribute (carolynvs and team)
• [x] How to create a contributor ladder (parispittman and team)
• [ ] How to write role definitions, with examples: (cointrib Growth, josh to coord)
  • [ ] member
  • [ ] contributor
  • [ ] leader
• [x] How to do leadership selection, with examples: (dawn foster and team)
  • [ ] committer-based
  • [ ] self-selecting council
  • [ ] elections
  • [ ] how to make your leadership more diverse
• [ ] basic policies and procedures for projects (jberkus)
• [ ] security issue handling guidelines (SIG-Security?) (Jennifer)
• [ ] How to shut down/archive a project (April)
• [ ] How to keep your communications open (April)
• [x] Resource list (in progress)
• [x] goverance.md (good ideas in https://sustainers.github.io/governance-readiness/)
• [x] charter (Dawn)

Requirements

These are documents specifically on fulfilling the CNCF requirements for each project stage. They will also involve adding depth to each requirement, which will need to be approved by the TOC.

Sandbox:

• [ ] have how to contribute document (link to template, mostly)
• [ ] adopt the CoC and CoC enforcement (needs to work with CNCF staff)
• [ ] Adopting the CNCF CoC and IP Policy, a practical guide

Incubating:

• [ ] have basic leadership & selection documentation
• [ ] three end-users
  • [ ] getting end-user participation
  • [ ] definition of an end user

Graduated

• [ ] have full governance documentation
  • [ ] how to contribute
  • [ ] full role definitions (min. member, contributor, leader)
  • [ ] contributor promotion (ladder)
  • [ ] security issue handling
  • [ ] if project uses DCO/CA, full docs
• [ ] multi-organization requirement
  • [ ] attracting outside maintainers
  • [ ] adding a varied Steering Committee

[parispittman]

will help out with the contributor ladder stuff; just got a bunch of project examples (10+) including external CNCF. I think @carolynvs is interested, too.

[geekygirldawn]

I'll work on the "How to do leadership selection" part.

[iennae]

I think there needs to be a archive or hand-off process to think through what happens when there are not enough active maintainers and graceful closure rather than just abandoning projects.

[geekygirldawn]

Here's a doc with a first draft of the leadership selection for feedback, comments, edits :)

[iennae]

Cultivating project leadership - assessing your current team and migrating to a governance model

[jberkus]

What Is Governance, in progress:

[geekygirldawn]

Here's a doc with some initial thoughts about charters. Would love feedback on it!

[carolynvs]

I just came across a guide from Google that explains how to set up a security reporting process for a project, including a SECURITY.md template. https://github.com/google/oss-vulnerability-guide This would be a great resource for building out advise for CNCF incubating and graduated projects for creating their own reporting process.

[aliok]

We need to create separate tickets for the items in this issue's description.

Check open issues to add items here in this umbrella ticket to track them.

[aliok]

Additional item here: Governance Remediation Process