Skip to content

Add microcks - Governance Review #2099

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
krol3 wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Add microcks - Governance Review #2099

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
222 changes: 222 additions & 0 deletions projects/microcks/security-assessment/governance-review/2026-03.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,222 @@
# WIP microcks - Governance Review - 2026-03-17

What follows is a governance review and assessment for the [microcks](https://github.com/microcks/microcks) project.

- Site: https://microcks.io/
- Incubation issue: [cncf/toc#1552](https://github.com/cncf/toc/issues/1552)
- Governance review issue: [cncf/toc#2035](https://github.com/cncf/toc/issues/2035)

This review is based on the [governance review template](https://github.com/cncf/toc/blob/main/toc_subprojects/project-reviews-subproject/governance-review-template.md).

## Summary and Assessment

**Status:** Exemplary | Satisfactory | Mostly Satisfactory | Needs Work | In Crisis

### Executing the Assessment

### Must-Fix Items

**The following issues have been identified that need to be resolved before
[project milestone or other requirement]:**

-
-

### Points of Excellence

**The following aspects of governance are exemplary, and can be referenced as
examples for other projects to copy:**

- Community Meeting notes are conveniently discoverable in GitHub, [Microcks hosts two monthly community meetings](https://github.com/microcks/community/blob/main/JOIN-OUR-MEETINGS.md).
-

### Areas for Improvement

**Over the next year, the project should work on the following issues to improve
its governance, these are considered non-blocking:**

- contributors
-

---

## Review

**The following review primarily consists of an audit on the project's
self-assessment in their matriculation application.**


### Governance Summary


### Governance Evolution

**Governance has continuously been iterated upon by the project as a result of
their experience applying it, with the governance history demonstrating
evolution of maturity alongside the project's maturity evolution.**
<br>

**Incubating:** Suggested

The [Governance](https://github.com/microcks/microcks/blob/master/GOVERNANCE.md), [CodeOwners](https://github.com/microcks/microcks/blob/master/CODEOWNERS) and [Steering Committee ](https://github.com/microcks/community/blob/main/steering/STEERING.md) are

### Discoverability

**Clear and discoverable project governance documentation.**
<br>
**Incubating:** Suggested | **Graduated:** Required



### Accuracy and Clarity

**Governance is up to date with actual project activities, including any
meetings, elections, leadership, or approval processes.**
<br>
**Incubating:** Suggested | **Graduated:** Required


**Governance clearly documents [vendor-neutrality] of project direction.**
<br>
**Incubating:** Suggested | **Graduated:** Required

### Decisions and Role Assignments

**Document how the project makes decisions on leadership roles, contribution
acceptance, requests to the CNCF, and changes to governance or project goals.**
<br>
**Incubating:** Suggested | **Graduated:** Required


**Document how role, function-based members, or sub-teams are assigned,
onboarded, and removed for specific teams (example: Security Response
Committee).**
<br>
**Incubating:** Suggested | **Graduated:** Required



### Maintainers and Maintainer Lifecycle

**Document a complete maintainer lifecycle process (including roles, onboarding,
offboarding, and emeritus status).**
<br>
**Incubating:** Suggested | **Graduated:** Required


**Demonstrate usage of the maintainer lifecycle with outcomes, either through
the addition or replacement of maintainers as project events have required.**
<br>
**Incubating:** Suggested | **Graduated:** Required


**Document complete list of current maintainers, including names, contact
information, domain of responsibility, and affiliation.**
<br>
**Incubating:** Required | **Graduated:** Required


**A number of active maintainers which is appropriate to the size and scope of
the project.**
<br>
**Incubating:** Required | **Graduated:** Required


**Project maintainers from at least 2 organizations that demonstrates
survivability.**
<br>
**Incubating:** N/A | **Graduated:** Required



### Ownership

**Code and Doc ownership in Github and elsewhere matches documented governance
roles.**
<br>
**Incubating:** Required | **Graduated:** Required



### Code of Conduct

**Document adoption and adherence to the CNCF Code of Conduct or the project's
CoC which is based off the CNCF CoC and not in conflict with it.**
<br>
**Incubating:** Required | **Graduated:** Required


**CNCF Code of Conduct is cross-linked from other governance documents.**
<br>
**Incubating:** Required | **Graduated:** Required



### Subprojects

**All subprojects, if any, are listed.**
<br>
**Incubating:** Required | **Graduated:** Required

<!--
If subprojects are not listed, use the table below to list the missing ones here.
Suggest using a spreadsheet and then this site to format: https://www.tablesgenerator.com/markdown_tables

| Area | Ownership and Operation | Communications | Project Alignment | Notes |
|:-----|:-----------------------:|:---------------:|:------------------|:---|
|*sub-project*| Complete/Partial/Missing | Complete/Partial/Other | Complete/Partial/Conflict | |

-->


**If the project has subprojects: subproject leadership, contribution, maturity
status documented, including add/remove process.**
<br>
**Incubating:** Suggested | **Graduated:** Required




### Contributors and Community

**Contributor ladder with multiple roles for contributors.**
<br>
**Incubating:** Suggested | **Graduated:** Suggested


**Clearly defined and discoverable process to submit issues or changes.**
<br>
**Incubating:** Required | **Graduated:** Required


**Project must have, and document, at least one public communications channel
for users and/or contributors.**
<br>
**Incubating:** Required | **Graduated:** Required


**List and document all project communication channels, including subprojects
(mail list/slack/etc.). List any non-public communications channels and what
their special purpose is.**
<br>
**Incubating:** Required | **Graduated:** Required


**Up-to-date public meeting schedulers and/or integration with CNCF calendar.**
<br>
**Incubating:** Required | **Graduated:** Required


**Documentation of how to contribute, with increasing detail as the project
matures.**
<br>
**Incubating:** Required | **Graduated:** Required


**Demonstrate contributor activity and recruitment.**
<br>
**Incubating:** Required | **Graduated:** Required


[project milestone or other requirement]: https://github.com/cncf/toc/tree/main/process#how-to-apply-to-move-levels
[vendor-neutrality]: https://contribute.cncf.io/maintainers/community/vendor-neutrality/
Loading