Add initial draft of Podman project Governance #25398
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,207 @@ | ||
| # Project Governance | ||
|
|
||
| * [Contributor Ladder](#contributor-ladder-template) | ||
| * [Contributor](#contributor) | ||
| * [Reviewer](#reviewer) | ||
| * [Maintainer](#maintainer) | ||
| * [Core Maintainer](#core-maintainer) | ||
| * [Community Manager](#community-manager) | ||
| * [Emeritus Maintainer](#emeritus-maintainer) | ||
| * [Maintainers File](#maintainers-file) | ||
| * [Inactivity](#inactivity) | ||
| * [Involuntary Removal](#involuntary-removal-or-demotion) | ||
| * [Stepping Down/Emeritus Process](#stepping-downemeritus-process) | ||
| * [Updates to this Document](#updates-to-this-document) | ||
| * [Contact](#contact) | ||
|
|
||
| # Podman Project | ||
|
|
||
| This document defines the governance of the Podman Project, including its subprojects. It defines the various roles our maintainers fill, how to become a maintainer, and how project-level decisions are made. | ||
|
|
||
| # Contributor Ladder | ||
|
|
||
| The Podman project has a number of maintainer roles arranged in a ladder. Each role is a rung on the ladder, with different responsibilities and privileges. Community members generally start at the first levels of the "ladder" and advance as their involvement in the project grows. Our project members are happy to help you advance along the contributor ladder. At all levels, contributors are required to follow the CNCF Code of Conduct (COC). | ||
|
|
||
| Each of the project member roles below is organized into lists of three types of things. | ||
|
|
||
| * "Responsibilities" – functions of a member | ||
| * "Requirements" – qualifications of a member | ||
| * "Privileges" – entitlements of member | ||
|
|
||
| ### Contributor | ||
| Description: A Contributor supports the project and adds value to it. Contributions need not be code. People at the Contributor level may be new contributors, or they may only contribute occasionally. | ||
|
|
||
| * Responsibilities include: | ||
| * Follow the CNCF CoC | ||
| * Follow the project contributing guide | ||
| * Requirements (one or several of the below): | ||
| * Report and sometimes resolve issues against any of the project’s repositories | ||
| * Occasionally submit PRs against any of the project’s repositories | ||
| * Contribute to project documentation, including the manpages, tutorials, and Podman.io | ||
| * Attend community meetings when reasonable | ||
| * Answer questions from other community members on the mailing list, Slack, Matrix, and other communication channels | ||
| * Assist in triaging issues, following the [issue triage guide](./TRIAGE.md) | ||
| * Assist in reviewing pull requests, including testing patches when applicable | ||
| * Test release candidates and provide feedback | ||
| * Promote the project in public | ||
| * Help run the project infrastructure | ||
| * Privileges: | ||
| * Invitations to contributor events | ||
| * Eligible to become a Reviewer | ||
|
|
||
| ### Reviewer | ||
| Description: A Reviewer has responsibility for the triage of issues and review of pull requests on the Podman project or a subproject, consisting of one or more of the Git repositories that form the project. They are collectively responsible, with other Reviewers, for reviewing changes to the repository or repositories and indicating whether those changes are ready to merge. They have a track record of contribution and review in the project. | ||
|
|
||
| Reviewers have all the rights and responsibilities of a Contributor, plus: | ||
|
|
||
| * Responsibilities include: | ||
| * Regular contribution of pull requests to the Podman project or its subprojects | ||
| * Triage of GitHub issues on the Podman project or its subprojects | ||
| * Regularly fixing GitHub issues on the Podman project or its subprojects | ||
| * Following the [reviewing guide](./REVIEWING.md) and [issue triage guide](./TRIAGE.md) | ||
| * A sustained high level of pull request reviews on the Podman project or one of its subprojects | ||
| * Assisting new Contributors in their interactions with the project | ||
| * Helping other contributors become reviewers | ||
| * Requirements: | ||
| * Has a proven record of good-faith contributions to the project as a Contributor for a period of at least 6 months. The time requirement may be overridden by a supermajority (66%) vote of Maintainers and Core Maintainers. | ||
| * Has participated in pull request review and/or issue triage on the project for at least 6 months. The time requirement may be overridden by a supermajority (66%) vote of Maintainers and Core Maintainers. | ||
| * Is supportive of new and occasional contributors and helps get useful PRs in shape to merge | ||
| * Additional privileges: | ||
| * Has rights to approve pull requests in the Podman project or a subproject, marking them as ready for a Maintainer to review and merge | ||
| * Can recommend and review other contributors to become Reviewers | ||
| * Has permissions to change labels on Github to aid in triage | ||
|
|
||
| In repositories using an OWNERS file, Reviewers are listed as Reviewers in that file. | ||
|
|
||
| #### The process of becoming a Reviewer is: | ||
| 1. The contributor must be sponsored by a Maintainer. That sponsor will open a PR against the appropriate repository, which adds the nominee to the MAINTAINERS.md file as a reviewer. | ||
| 2. The contributor will add a comment to the pull request indicating their willingness to assume the responsibilities of a Reviewer. | ||
| 3. At least two Maintainers of the repository must concur to merge the PR. | ||
|
|
||
| ### Maintainer | ||
| Description: Maintainers are established contributors with deep technical knowledge of the Podman project and/or one of its subprojects. Maintainers are granted the authority to merge pull requests, and are expected to participate in making decisions about the strategy and priorities of the project. Maintainers are responsible for code review and merging in a single repository or subproject. It is possible to become Maintainer of additional repositories or subprojects, but each additional repository or project will require a separate application and vote. They are able to participate in all maintainer activities, including Core Maintainer meetings, but do not have a vote at Core Maintainer meetings. | ||
|
|
||
| In repositories using an OWNERS file, Maintainers are listed as Approvers in that file. | ||
mheon marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| A Maintainer must meet the responsibilities and requirements of a Reviewer, plus: | ||
| * Responsibilities include: | ||
| * Sustained high level of reviews of pull requests to the project or subproject, with a goal of one or more a week when averaged across the year. | ||
|
There was a problem hiding this comment. looks like cncf added us to their stat tracking, I have not looked into how they count PR reviews but here is the filter I came up with if we consider reviews over the last year per week, on the right it shows the averages for each person. Nothing unusual in terms of names there, personally I think 1 is a pretty low bar but at the same time I am also not a fan of having "arbitrarily" interactions counts, because then people might start to game the metrics. There was a problem hiding this comment. Confirm. I think one a week is a bit high for a maintainer; I'd go one a month. However, this is a reasonable level for a core maintainer. I, too, dislike an arbitrary number There was a problem hiding this comment. and re-reading, it's a goal, not a requirement, so not as bad. |
||
| * Merging pull requests which pass review | ||
| * Mentoring new Reviewers | ||
| * Participating in CNCF maintainer activities for the projects they are maintainers of | ||
| * Assisting Core Maintainers in determining strategy and policy for the project | ||
| * Participating in, and leading, community meetings | ||
|
There was a problem hiding this comment. I don't think you can have every maintainer leading the meetings. Also, if this is a common Governance, does the community meeting thing still hold as we only have it for "Podman". There was a problem hiding this comment. They'll have to be "Podman Project" community meetings from here on out There was a problem hiding this comment. Is there an official definition of "Podman Project"? From what I understand "containers" is an umbrella project for various projects not necessarily pertaining to Podman, while the Podman Project would include--I assume--projects such as buildah, c/*, netavark, etc. There was a problem hiding this comment. The CNCF submission (which they are referring to as Podman Container Tools, but I've just designated the Podman project in this doc) is Podman, Buildah, and Skopeo, which will eventually be getting their own separate GH org (IE moving out of containers/ on Github) to make it very clear what is CNCF and what isn't, but before that happens we'll update the readmes on relevant projects to indicate they are/are not CNCF. (As for the c/ libraries, Netavark/Aardvark - we can potentially add those to the Podman Project CNCF at a later date as subprojects. We'd like to get settled in and accustomed to running things in public before we expand further, though.) |
||
| * Requirements | ||
| * Experience as a Reviewer for at least 6 months, or status as an Emeritus Maintainer. The time requirement may be overridden by a supermajority (66%) vote of Maintainers and Core Maintainers. | ||
| * Demonstrates a broad knowledge of the project or one or more of its subprojects | ||
| * Is able to exercise judgment for the good of the project, independent of their employer, friends, or team | ||
| * Mentors contributors, reviewers, and new maintainers | ||
| * Collaborates with other Maintainers to work on complex contributions | ||
| * Can commit to maintaining a high level of contribution to the project or one of its subprojects | ||
| * Additional privileges: | ||
| * Represent the project in public as a senior project member | ||
| * Represent the project in interactions with the CNCF | ||
| * Have a voice, but not a vote, in Core Maintainer decision-making meetings | ||
|
|
||
| #### Process of becoming a maintainer: | ||
| 1. A current reviewer must be sponsored by a Maintainer of the repository in question or a Core Maintainer. The Maintainer or Core Maintainer will open a PR against the repository and add the nominee as a Maintainer in the MAINTAINERS.md file. The need for a sponsor is removed for Emeritus Maintainers, who may open this pull request themselves. | ||
| 2. The nominee will add a comment to the PR confirming that they agree to all requirements and responsibilities of becoming a Maintainer. | ||
| 3. A majority of the current Maintainers of the repository or subproject (including Core Maintainers) must then approve the PR. The need for a majority is removed for Emeritus Maintainers, who require only 2 current Maintainers or Core Maintainers to approve their return. | ||
|
|
||
| ### Core Maintainer | ||
| Description: As the Podman project is composed of a number of subprojects, most maintainers will not have full knowledge of the full project and all its technical aspects. Those that do are eligible to become Core Maintainers, responsible for decisions affecting the entire project. Core Maintainers may act as a maintainer in all repositories and subprojects of the Podman Project. It is recognized that fulfilling all responsibilities of a maintainer on all project repositories is an excessive time commitment, so Core Maintainers are encouraged to choose one repository to specialize in and to spend most of their time working in that repository. Core Maintainers are encouraged to assist other repositories that require additional reviews as time allows, and should make an effort to review pull requests in other repositories that will affect multiple repositories (especially ones that will effect the repository they have chosen to specialize in). | ||
|
|
||
| * Responsibilities include: | ||
| * All responsibilities of a maintainer on a single repository | ||
| * Determining strategy and policy for the project | ||
| * Requirements | ||
| * Experience as a Maintainer for at least 3 months | ||
| * Demonstrates a broad knowledge of all components, repositories, and subprojects of the Podman project. | ||
| * Is able to exercise judgment for the good of the project, independent of their employer, friends, or team | ||
| * Mentors new Maintainers and Core Maintainers | ||
| * Able to make decisions and contributions affecting the whole project, including multiple subprojects and repositories | ||
| * Can commit to maintaining a high level of contribution to the project as a whole | ||
| * Additional privileges: | ||
| * Merge privileges on all repositories in the project | ||
| * Represent the project in public as a senior project member | ||
| * Represent the project in interactions with the CNCF | ||
| * Have a vote in Core Maintainer decision-making meetings | ||
|
|
||
| #### Process of becoming a Core Maintainer: | ||
| 1. A current maintainer must be sponsored by Core Maintainer. The Core Maintainer will open a PR against the main Podman repository and add the nominee as a Core Maintainer in the MAINTAINERS.md file. | ||
| 2. The nominee will add a comment to the PR confirming that they agree to all requirements and responsibilities of becoming a Core Maintainer. | ||
| 3. A majority of the current Core Maintainers must then approve the PR. | ||
| 4. If, for some reason, all existing members are inactive according to the Inactivity policy below or there are no Core Maintainers due to resignations, a supermajority (66%) vote of maintainers can bypass this process and approve new Core Maintainers directly. | ||
TomSweeneyRedHat marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| ### Community Manager | ||
| Description: Community managers are responsible for the project’s community interactions, including project social media, website maintenance, gathering metrics, managing the new contributor process, ensuring documentation is easy to use and welcoming to new users, and managing the project’s interactions with the CNCF. This is a nontechnical role, and as such does not require technical contribution to the project. | ||
|
|
||
| * Responsibilities include: | ||
| * Participating in CNCF maintainer activities | ||
| * Arranging, participating in, and leading, community meetings | ||
| * Managing the project website and gathering associated metrics | ||
| * Managing the project’s social media accounts and mailing lists and gathering associated metrics | ||
| * Requirements | ||
| * Sustained high level of contribution to the community, including attending and engaging in community meetings, contributions to the website, and contributions to documentation, for at least six months | ||
| * Is able to exercise judgment for the good of the project, independent of their employer, friends, or team | ||
| * Can commit to maintaining a high level of contribution to the project's community, website, and social media presence | ||
| * Advocates for the community in Maintainer and Core Maintainer meetings | ||
| * Additional privileges: | ||
| * Represent the project in public | ||
| * Represent the project in interactions with the CNCF | ||
| * Have a voice, but not a vote, in Core Maintainer decision-making meetings | ||
|
|
||
| #### Process of becoming a Community Manager: | ||
| 1. Community Managers must be sponsored by a Core Maintainer. The Core Maintainer will open a PR against the main Podman repository and add the nominee as a Community Manager in the MAINTAINERS.md file. | ||
| 2. The nominee will add a comment to the PR confirming that they agree to all requirements and responsibilities of becoming a Community Manager. | ||
| 3. A majority of the current Core Maintainers must then approve the PR. | ||
|
|
||
| ### Emeritus Maintainer | ||
| Emeritus Maintainers are former Maintainers or Core Maintainers whose status has lapsed, either voluntarily or through inactivity. We recognize that these former maintainers still have valuable experience and insights, and maintain Emeritus status as a way of recognizing this. Emeritus Maintainer also offers a fast-tracked path to becoming a Maintainer again, should the contributor wish to return to the project. | ||
|
|
||
| Emeritus Maintainers have no responsibilities or requirements beyond those of an ordinary Contributor. | ||
|
|
||
| #### Process of becoming an Emeritus Maintainer: | ||
| 1. A current Maintainer or Core Maintainer may voluntarily resign from their position by making a pull request changing their role in the OWNERS file. They may choose to remove themselves entirely or to change their role to Emeritus Maintainer. | ||
| 2. Maintainers and Core Maintainers removed due to the Inactivity policy below may be moved to Emeritus Status. | ||
|
|
||
| --- | ||
|
|
||
| # Maintainers File | ||
|
|
||
| The definitive source of truth for maintainers of a repository is the MAINTAINERS.md file in that repository. The MAINTAINERS.md file in the main Podman repository is used for project-spanning roles, including Core Maintainer and Community Manager. Some repositories in the project will also have an OWNERS file, used by the CI system to map users to roles. Any changes to the OWNERS file must make a corresponding change to the MAINTAINERS.md file to ensure that file maintains up to date. Most changes to MAINTAINERS.md will require a change to the repository’s OWNERS file (e.g. adding a Reviewer) but some will not (e.g. promoting a Maintainer to a Core Maintainer, which comes with no additional CI-related privileges). | ||
|
|
||
| --- | ||
|
|
||
| # Inactivity | ||
|
|
||
| * Inactivity is measured by one or more of the following: | ||
| * Periods of no contribution of code, pull request review, or participation in issue triage for longer than 12 months | ||
| * Periods of no communication for longer than 3 months | ||
| * Consequences of being inactive include: | ||
| * Involuntary removal or demotion | ||
| * Being asked to move to Emeritus status | ||
|
|
||
| --- | ||
|
|
||
| # Involuntary Removal or Demotion | ||
|
|
||
| Involuntary removal/demotion of a contributor happens when responsibilities and requirements aren't being met. This may include repeated patterns of inactivity, an extended period of inactivity, a period of failing to meet the requirements of your role, and/or a violation of the Code of Conduct. This process is important because it protects the community and its deliverables while also opening up opportunities for new contributors to step in. | ||
|
|
||
| Involuntary removal or demotion of Maintainers and Reviewers is handled through a vote by a majority of the current Maintainers. Core Maintainers may be involuntarily removed by a majority vote of current Core Maintainers or, if all Core Maintainers have stepped down or are inactive according to the inactivity policy, by a supermajority (66%) vote of maintainers. | ||
mheon marked this conversation as resolved.
Show resolved
Hide resolved
There was a problem hiding this comment. Who handles CoC complaints? I'd suggest that the people who do have the power to remove the offender from the project entirely without a maintainer vote. It might be something to work on for later. There was a problem hiding this comment. I think we should probably do complaints through a vote of the core maintainers, I don't know if I want to add a role with arbitrary remove-from-project permissions without a check |
||
|
|
||
| --- | ||
|
|
||
| # Stepping Down/Emeritus Process | ||
| If and when contributors' commitment levels change, contributors can consider stepping down (moving down the contributor ladder) vs moving to emeritus status (completely stepping away from the project). | ||
|
|
||
| Maintainers and Reviewers should contact the Maintainers about changing to Emeritus status, or reducing your contributor level. Core Maintainers should contact other Core Maintainers. | ||
|
|
||
| --- | ||
|
|
||
| # Updates to this document | ||
| Updates to this Governance document require approval from a supermajority (66%) vote of the Core Maintainers. | ||
|
|
||
| # Contact | ||
| * For inquiries, please reach out to: | ||
| * [Tom Sweeney, Community Manager]([email protected]) | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Non-blocking, non-substantive:
Consider moving this to a comment. Reading this document, I emotionally feel that starting with a “terminology” section, the way some laws do, says “this was written by a bureaucracy for a bureaucracy, expect the processes to be painfully formalistic”.
I do agree that having some common structure to the ladder entries is useful, but maybe that structure can be understood well enough from context when reading the actual entries.
[I’m even wondering about not describing the ladder at all, but that’s really just a question, not even a weak preference.]
(This is exacerbated in that I’m also wondering what “responsibilities” are; starting with a terminology section I don’t immediately understand worries me. The “responsibilities” are not requirements / expectations, that’s a different section. But then again, the first example says “follow the CNCF CoC”, which is probably a hard requirement. And in the other ladder entries, they are closer to “privileges”. Is it that “requirements are how we quantify responsibilities”? Are “responsibilities” closer to ”typical kinds of contribution”? OTOH sometimes they imply specific access rights on the project.
Maybe the “follow CoC”, part which is already in the paragraph above, can be removed from the “contributor” ladder entry, and then
s/Responsibilities/Typical activities/?Ultimately all of this matters very little.)