Excerpts from Rob C's message of 2016-09-23 17:46:46 +0100: > I wanted to provide a quick update from Security. > > We had our weekly IRC meeting yesterday, dhellman was kind enough to attend > to help broker some of the discussion. In advance of the meeting I prepared > a blog post where I tried to articulate my position and where I think > things need to go next [1]. This was discussed at length during the IRC > meeting [2]. We discussed the option of becoming a WG or staying in the big > tent, this resulted in a vote, where the team all indicated their desire to > stay within the big tent. > > My proposal for the future is outlined in some depth with [1] but the > summary is that we've identified the areas that we need to improve on in > order to be better members of the community, we want to stay within the > big-tent and for me to maintain leadership through this transformational > process with a view to having multiple candidates stand in the next > election. > > Cheers > -Rob
Thanks, Rob. Based on the discussions yesterday I think the team has a better understanding of the communication issues and I'm convinced that everyone is committed to improving. I support keeping the team in the tent. Doug > > [1] > https://openstack-security.github.io/organization/2016/09/22/maturing-the-security-project.html > [2] > http://eavesdrop.openstack.org/meetings/security/2016/security.2016-09-22-17.00.log.html > > On Fri, Sep 23, 2016 at 4:23 AM, Davanum Srinivas <dava...@gmail.com> wrote: > > > Steven, > > > > Fair point. > > > > Thanks, > > Dims > > > > On Thu, Sep 22, 2016 at 11:04 PM, Steven Dake (stdake) <std...@cisco.com> > > wrote: > > > Dims, > > > > > > This isn’t any of my particular business except it could affect emerging > > technology projects (which I find important to OpenStack’s future) > > negatively – so I thought I’d chime in. > > > > > > A lack of activity in a specs repo doesn’t mean much to me. For > > example, as Kolla was an emerging project we didn’t use any specs process > > at all (or very rarely). There is a reason behind this. Now that Kolla is > > stable and reliable and we feel we are not an emerging project, we plan to > > make use of a specs repo starting in Ocata. > > > > > > I have no particular concerns with the other commentary – but please > > don’t judge a project by activity or lack of activity in one repo of its > > deliverables. Judge it holistically (You are judging holistically. I > > believe a lack of one repo’s activity shouldn’t be part of that judgement). > > > > > > Regards > > > -steve > > > > > > > > > On 9/21/16, 2:08 PM, "Davanum Srinivas" <dava...@gmail.com> wrote: > > > > > > Jakub, > > > > > > Please see below. > > > > > > On Wed, Sep 21, 2016 at 3:46 PM, Jakub Pavlik < > > jakub.pav...@tcpcloud.eu> wrote: > > > > Hello all, > > > > > > > > it took us 2 years of hard working to get these official. > > OpenStack-Salt is > > > > now used by around 40 production deployments and it is focused > > very on > > > > operation and popularity is growing. You are removing the project > > week after > > > > one of top contributor announced that they will use that as part of > > > > solution. We made a mistakes, however I do not think that is > > reason to > > > > remove us. I do no think that quality of the project is measured > > like this. > > > > Our PTL got ill and did not do properly his job for last 3 weeks, > > but this > > > > can happen anybody. > > > > > > > > It is up to you. If you think that we are useless for community, > > then > > > > remove us and we will have to continue outside of this community. > > However > > > > growing successful use cases will not be under official openstack > > community, > > > > which makes my feeling bad. > > > > > > Data points so far are: > > > 1. No response during Barcelona planning for rooms > > > 2. Lack of candidates for PTL election > > > 3. No activity in the releases/ repository hence no entries in > > > https://releases.openstack.org/ > > > 4. Meetings are not so regular? > > > http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ > > (supposed > > > to be weekly) > > > 5. Is the specs repo really active? > > > http://git.openstack.org/cgit/openstack/openstack-salt-specs/ is the > > > work being done elsewhere? > > > 6. Is there an effort to add stuff to the CI jobs running on > > openstack > > > infrastructure? (can't seem to find much > > > http://codesearch.openstack.org/?q=salt&i=nope&files=zuul% > > 2Flayout.yaml&repos=project-config) > > > > > > I'll stop here and switch to #openstack-salt channel to help work you > > > all through if there is a consensus/willingness from the > > > openstack-salt team that there's significant work to be done. If you > > > think you are better off not on the governance, that would be your > > > call as well. > > > > > > Thanks, > > > Dims > > > > > > > Thanks, > > > > > > > > Jakub > > > > > > > > > > > > On 21.9.2016 21:03, Doug Hellmann wrote: > > > >> > > > >> Excerpts from Filip Pytloun's message of 2016-09-21 20:36:42 > > +0200: > > > >>> > > > >>> On 2016/09/21 13:23, Doug Hellmann wrote: > > > >>>> > > > >>>> The idea of splitting the contributor list comes up pretty > > regularly > > > >>>> and we rehash the same suggestions each time. Given that what > > we > > > >>>> have now worked fine for 57 of the 59 offical teams (the Astara > > > >>>> team knew in advance it would not have a PTL running, and Piet > > had > > > >>>> some sort of technical issue submitting his candidacy for the UX > > > >>>> team), I'm not yet convinced that we need to make large-scale > > changes > > > >>>> to our community communication standard practices in support of > > the > > > >>>> 2 remaining teams. > > > >>>> > > > >>>> That's not to say that the system we have now is perfect, but we > > > >>>> can't realistically support multiple systems at the same time. > > We > > > >>>> need everyone to use the same system, otherwise we have (even > > more) > > > >>>> fragmented communication. So, we either need everyone to agree > > to > > > >>>> some new system and then have people step forward to implement > > it, > > > >>>> or we need to all agree to do our best to use the system we have > > > >>>> in place now. > > > >>> > > > >>> I think it may work as is (with proper mail filters), but as > > someone > > > >>> already > > > >>> mentioned in this thread it would be better to have someone more > > > >>> experienced > > > >>> in Openstack community projects as a core team member or PTL to > > catch all > > > >>> these things otherwise it may happen that inexperienced PTL/team > > just > > > >>> miss > > > >>> something like now. > > > >> > > > >> If the team needs help, please ask for it. We should be able to > > find > > > >> someone to do a little mentoring and provide some guidance. > > > >> > > > >>> Still I don't think it's such a big issue to just fire project > > from Big > > > >>> Tent - > > > >>> who will benefit from that? Again someone already mentioned what > > will it > > > >>> mean > > > >>> for such team (loss of potencial developers, etc.). > > > >>> Moreover for teams who are actively working on project as it > > seems that > > > >>> both > > > >>> OpenStackSalt and Security teams do. > > > >> > > > >> Signing up to be a part of the big tent is not free. Membership > > comes > > > >> with expectations and obligations. Failing to meet those may be an > > > >> indication that the team isn't ready, or that membership is not a > > good > > > >> fit. > > > >> > > > >>> And I thought that real work on a project is our primary goal.. > > this > > > >>> situation > > > >>> is like loosing job when I left dirty coffee cup at my workspace. > > > >> > > > >> I hope you consider team leadership and community participation to > > > >> be more important than your analogy implies. > > > >> > > > >> Doug > > > >> > > > >>>> Did your release liaison follow the instructions to make that > > happen? > > > >>>> http://git.openstack.org/cgit/openstack/releases/tree/ > > README.rst > > > >>> > > > >>> That seems to be the reason. There was new release planned with > > support > > > >>> for > > > >>> containerized deployment which would follow that guide (as first > > releases > > > >>> were > > > >>> done during/shortly after openstack-salt move to Big Tent). > > > >>> As mentioned above - more experienced PTL would be helpful here > > and we > > > >>> are > > > >>> currently talking with people who could fit that position. > > > >>> > > > >>>>>> I see no emails tagged with [salt] on the mailing list since > > March of > > > >>>>>> this year, aside from this thread. Are you using a different > > communication > > > >>>>>> channel for team coordination? You mention IRC, but how are > > new contributors > > > >>>>>> expected to find you? > > > >>>>> > > > >>>>> Yes, we are using openstack-salt channel and openstack > > meetings over > > > >>>>> IRC. This channel is mentioned eg. in readme here [1] and > > community > > > >>>>> meetings page [2] which are on weekly basis (logs [3]). > > > >>>>> > > > >>>>> We also had a couple of people comming to team IRC talking to > > us about > > > >>>>> project > > > >>>>> so I believe they can find the way to contact us even without > > our heavy > > > >>>>> activity at openstack-dev (which should be better as I > > admitted). > > > >>>> > > > >>>> That works great for folks in your timezones. It's less useful > > for > > > >>>> anyone who isn't around at the same time as you, which is one > > reason > > > >>>> our community emphasizes using email communications. Email gives > > > >>>> you asynchronous discussions for timezone coverage, allows folks > > > >>>> who are traveling or off work for a period to catch up on and > > > >>>> participate in discussions later, etc. > > > >>>> > > > >>>>> [1] https://github.com/openstack/openstack-salt > > > >>>>> [2] https://wiki.openstack.org/wiki/Meetings/openstack-salt > > > >>>>> [3] http://eavesdrop.openstack.org/meetings/openstack_salt/ > > 2016/ > > > >>>>> > > > >>>>>>> Of course I don't want to excuse our fault. In case it's not > > too > > > >>>>>>> late, > > > >>>>>>> we will try to be more active in mailing lists like > > openstack-dev and > > > >>>>>>> not miss such important events next time. > > > >>>>>>> > > > >>>>>>> [1] http://stackalytics.com/?module=openstacksalt-group > > > >>>>>>> > > > >>>>>>> -Filip > > > >>>>>>> > > > >>>>>>> On Wed, Sep 21, 2016 at 12:23 PM, Thierry Carrez > > > >>>>>>> <thie...@openstack.org> > > > >>>>>>> wrote: > > > >>>>>>> > > > >>>>>>>> Hi everyone, > > > >>>>>>>> > > > >>>>>>>> As announced previously[1][2], there were no PTL candidates > > within > > > >>>>>>>> the > > > >>>>>>>> election deadline for a number of official OpenStack > > project teams: > > > >>>>>>>> Astara, UX, OpenStackSalt and Security. > > > >>>>>>>> > > > >>>>>>>> In the Astara case, the current team working on it would > > like to > > > >>>>>>>> abandon > > > >>>>>>>> the project (and let it be available for any new team who > > wishes to > > > >>>>>>>> take > > > >>>>>>>> it away). A change should be proposed really soon now to go > > in that > > > >>>>>>>> direction. > > > >>>>>>>> > > > >>>>>>>> In the UX case, the current PTL (Piet Kruithof) very quickly > > > >>>>>>>> reacted, > > > >>>>>>>> explained his error and asked to be considered for the > > position for > > > >>>>>>>> Ocata. The TC will officialize his nomination at the next > > meeting, > > > >>>>>>>> together with the newly elected PTLs. > > > >>>>>>>> > > > >>>>>>>> That leaves us with OpenStackSalt and Security, where > > nobody reacted > > > >>>>>>>> to > > > >>>>>>>> the announcement that we are missing PTL candidates. That > > points to > > > >>>>>>>> a > > > >>>>>>>> real disconnect between those teams and the rest of the > > community. > > > >>>>>>>> Even > > > >>>>>>>> if you didn't have the election schedule in mind, it was > > pretty hard > > > >>>>>>>> to > > > >>>>>>>> miss all the PTL nominations in the email last week. > > > >>>>>>>> > > > >>>>>>>> The majority of TC members present at the meeting yesterday > > > >>>>>>>> suggested > > > >>>>>>>> that those project teams should be removed from the Big > > Tent, with > > > >>>>>>>> their > > > >>>>>>>> design summit space allocation slightly reduced to match > > that (and > > > >>>>>>>> make > > > >>>>>>>> room for other not-yet-official teams). > > > >>>>>>>> > > > >>>>>>>> In the case of OpenStackSalt, it's a relatively new > > addition, and if > > > >>>>>>>> they get their act together they could probably be > > re-proposed in > > > >>>>>>>> the > > > >>>>>>>> future. In the case of Security, it points to a more > > significant > > > >>>>>>>> disconnect (since it's not the first time the PTL misses the > > > >>>>>>>> nomination > > > >>>>>>>> call). We definitely still need to care about Security (and > > we also > > > >>>>>>>> need > > > >>>>>>>> a home for the Vulnerability Management team), but I think > > the > > > >>>>>>>> "Security > > > >>>>>>>> team" acts more like a workgroup than as an official > > project team, > > > >>>>>>>> as > > > >>>>>>>> evidenced by the fact that nobody in that team reacted to > > the lack > > > >>>>>>>> of > > > >>>>>>>> PTL nomination, or the announcement that the team missed > > the bus. > > > >>>>>>>> > > > >>>>>>>> The suggested way forward there would be to remove the > > "Security > > > >>>>>>>> project > > > >>>>>>>> team", have the Vulnerability Management Team file to be > > its own > > > >>>>>>>> official project team (in the same vein as the stable > > maintenance > > > >>>>>>>> team), > > > >>>>>>>> and have Security be just a workgroup rather than a project > > team. > > > >>>>>>>> > > > >>>>>>>> Thoughts, comments ? > > > >>>>>>>> > > > >>>>>>>> [1] > > > >>>>>>>> http://lists.openstack.org/pipermail/openstack-dev/2016- > > > >>>>>>>> September/103904.html > > > >>>>>>>> [2] > > > >>>>>>>> http://lists.openstack.org/pipermail/openstack-dev/2016- > > > >>>>>>>> September/103939.html > > > >>>>>>>> > > > >>>>>>>> -- > > > >>>>>>>> Thierry Carrez (ttx) > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> ______________________________ > > ____________________________________________ > > > >>>>>>>> OpenStack Development Mailing List (not for usage questions) > > > >>>>>>>> Unsubscribe: > > > >>>>>>>> openstack-dev-requ...@lists.openstack.org?subject: > > unsubscribe > > > >>>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/ > > openstack-dev > > > >>>>>>>> > > > >>>>>>> > > > >>>>>>> ____________________________________________________________ > > ______________ > > > >>>>>>> OpenStack Development Mailing List (not for usage questions) > > > >>>>>>> Unsubscribe: > > > >>>>>>> openstack-dev-requ...@lists.openstack.org?subject: > > unsubscribe > > > >>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/ > > openstack-dev > > > >>>>>> > > > >>>>>> > > > >>>>>> ____________________________________________________________ > > ______________ > > > >>>>>> OpenStack Development Mailing List (not for usage questions) > > > >>>>>> Unsubscribe: > > > >>>>>> openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > > > >>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/ > > openstack-dev > > > >>>> > > > >>>> > > > >>>> ____________________________________________________________ > > ______________ > > > >>>> OpenStack Development Mailing List (not for usage questions) > > > >>>> Unsubscribe: > > > >>>> openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > > > >>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/ > > openstack-dev > > > >> > > > >> ____________________________________________________________ > > ______________ > > > >> OpenStack Development Mailing List (not for usage questions) > > > >> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject: > > unsubscribe > > > >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > > > > > > > > > -- > > > > Jakub Pavlik > > > > CTO > > > > > > > > [tcp ◕ cloud] > > > > > > > > +420 602 177 027 > > > > jakub.pav...@tcpcloud.eu > > > > > > > > tcp cloud a.s. > > > > Thamova 16 > > > > 186 00 Praha 8 - Karlin > > > > Czech republic > > > > http://tcpcloud.eu > > > > http://opentcpcloud.org > > > > > > > > > > > > > > > > ____________________________________________________________ > > ______________ > > > > OpenStack Development Mailing List (not for usage questions) > > > > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject: > > unsubscribe > > > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > > > > > > > > > -- > > > Davanum Srinivas :: https://twitter.com/dims > > > > > > ____________________________________________________________ > > ______________ > > > OpenStack Development Mailing List (not for usage questions) > > > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject: > > unsubscribe > > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > > > > > > > > > ____________________________________________________________ > > ______________ > > > OpenStack Development Mailing List (not for usage questions) > > > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject: > > unsubscribe > > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > > > > > -- > > Davanum Srinivas :: https://twitter.com/dims > > > > __________________________________________________________________________ > > OpenStack Development Mailing List (not for usage questions) > > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev