DevStats page added.
Will also be added to All CNCF around Monday next week.

Also added to All CNCF, table.

Checking in on this one: @hiddeco -

• Submitted a Pull request to add your project as a sandbox project to https://landscape.cncf.io/

This both puts your project on the landscape and the CNCF projects page, so it's pretty important!

Checking in on this one: @hiddeco -

• Submitted a Pull request to add your project as a sandbox project to https://landscape.cncf.io/

This both puts your project on the landscape and the CNCF projects page, so it's pretty important!

Quick ping on this, this gets you on the sandbox project page on the website. @hiddeco - anyone else I should work with on this?

I am still awaiting the official handover from Mozilla Foundation, which is blocking further announcements.

I am still awaiting the official handover from Mozilla Foundation, which is blocking further announcements.

Ah, got it! I will hold then.

Bit of a jigsaw puzzle here in terms of getting things done in the right order, as we are lacking an artwork at present which seems to be pretty much required for the landscape.

I am working on resolving the maintainers list first, will then get us onto https://maintainers.cncf.io, to then make use of the ServiceDesk.

However, I can confirm at present:

• Understand the project proposal process and reqs: https://github.com/cncf/toc/blob/main/process/project_proposals.md#introduction

  Understand the services available for your project at CNCF https://www.cncf.io/services-for-projects/

  Review the online programs guidelines: https://github.com/cncf/foundation/blob/master/online-programs-guidelines.md

  Understand the trademark guidelines: https://www.linuxfoundation.org/en/trademark-usage/

  Understand the license allowlist: https://github.com/cncf/foundation/blob/master/allowed-third-party-license-policy.md#approved-licenses-for-allowlist

  Slack: Are your slack channels migrated to the Kubernetes or CNCF Slack? (see https://slack.com/help/articles/217872578-Import-data-from-one-Slack-workspace-to-another for more details)

  Is your project in its own separate neutral github organization?
  To pick up a draggable item, press the space bar. While dragging, use the arrow keys to move the item. Press space again to drop the item in its new position, or press escape to cancel.

Plus:

• GitHub: ensure DCO or CLA are enabled for all GitHub repositories of the project
  To pick up a draggable item, press the space bar. While dragging, use the arrow keys to move the item. Press space again to drop the item in its new position, or press escape to cancel.

As licensing scanning tool, my preference would go out to FOSSA.

Aha! This explains a bunch of things. Ok.
@RobertKielty for FOSSA for next week.

@RobertKielty
Hi! Were the FOSSA invites sent?

We have been invited, project should be available in FOSSA dashboard now. We are running into a

You are not permitted to edit this project.

however (using a push-only API key generated from my account), see: getsops/sops#1308

@RobertKielty - what might be the hangup here?

Added to LFX Insights

• Insights documentation
• Insights support
• Insights feedback

I have sent out an email to cncf-SOPS-maintainer@lists.cncf.io with details of the FOSSA Setup and I DM'd @sabre1041 on Slack to share credentials.

I will mark FOSSA setup as complete when @sabre1041 has let me know that that SOPS repos are being scanned.

SOPS Are scanning 5 projects with FOSSA

@hiddeco There are a few remaining tasks here before we can close out onboarding. Can you please review and complete these items:

• Ensure your project meets the CNCF IP Policy: https://github.com/cncf/foundation/blob/master/charter.md#11-ip-policy

  Is your project working on written, open governance? see https://contribute.cncf.io/maintainers/governance/

  Start on an OpenSSF Best Practices Badge https://bestpractices.coreinfrastructure.org/en
  To pick up a draggable item, press the space bar. While dragging, use the arrow keys to move the item. Press space again to drop the item in its new position, or press escape to cancel.

@hiddeco ping, looks like some simple tasks to check off and then we can mark onboarding complete.

Ensure your project meets the CNCF IP Policy: https://github.com/cncf/foundation/blob/master/charter.md#11-ip-policy

We do meet the DCO, etc. requirements except for the licensing.

This is a tricky issue, as SOPS was donated by Mozilla to the CNCF it has a MPL-2.0 license. Changing this license or reforming it into the preferred Apache-2.0 license is technically possible but difficult, and would need guidance from the CNCF. I sadly lost access to my previous conversations with Chris A. due to Weaveworks closing shop, but I believe he thought it could be done.

Is your project working on written, open governance? see https://contribute.cncf.io/maintainers/governance/

We filed an issue for this, but things have not changed much since then and we are still operating in a "self-elected" manner. I will discuss with the other maintainers, and see if we can prioritize formalizing this in a document.

Start on an OpenSSF Best Practices Badge https://bestpractices.coreinfrastructure.org/en

This seems like the easiest one to pick up :-).

Thanks for the update @hiddeco.

Once you just document the current governance and start on an OpenSSF badge we can mark those tasks complete (they don't have to be done, just started). Please let me know when that happens.

On the MPL front... yes, that may be a bit more complex. I'll find out what we need to do there.

@hiddeco for the MPL issue can you please open an issue with this new license exception request template? We can then use that to track updates on what needs to be done.

@hiddeco any progress on these 3 remaining onboarding tasks?

The GOVERNANCE.md and OpenSSF badge should be pretty straightforward as they just need an initial start.

And for MPL, that one will be a matter of opening an issue with the new template.