December 2021 Board Meeting Minutes
Tuesday, 11, January 2022 Rich Bowen Board minutes No Comments

Note: Posting late, as we appear to have overlooked posting these after the December meeting.

Note: The November board meeting didn't happen due to scheduling conflicts, so there are no minutes for that month.

Attendees

Board members

  • Pat Riehecky
  • Thomas Oulevey
  • Rich Bowen
  • Davide Cavalca
  • Tru Huynh
  • Mike
  • Jim
  • Bex
  • Josh Boyer joined at :30

Directors Absent

  • Josh Boyer sends regrets (but made it a bit late 🙂
  • Johnny

Guests

  • Lance
  • Neal
  • Shaun
  • Peter Georg
  • Aoife Moloney
  • Steven
  • Amy

Agenda

  • Previous minutes

  • Board seat nominations

  • Proposal for -extras on CS9 (Brian)

    • https://lists.centos.org/pipermail/centos-devel/2021-November/077417.html
    • Proposal: Remove extra red tape from process to get packages into -extras repo
    • SIG-like structure for the repo, with SIG chairs as members
    • Members could tag packages for release when they’re ready
    • Will proceed unless there are objections expressed
    • What do we do about third-party repos like EPEL?
    • Need a policy drafted for this.
      • Policy on retiring unmaintained repos
    • Pat&Davide: document the process (and for SIGs) so they are well informed
      • Brian: yes
    • Tru : How do you resolve conflicts ?
      • Brian: just for -release packages so likely no conflicts
      • Tru: Concerned also about conflicts with third-party repos
    • Davide: would the infra SIG be a good parent organization?
    • Bex: reporting on how many releases are updating their repo defs (and what that means in context) might be a useful stat.
    • Davide: finding out how many folks are downstream consumers of a SIG Repo def could help identify a general number of users (which could be handy).
    • Move forward with the proposal and document it in the SIG Guide + above comments

On going discussion

  • Secure boot and SIGs (ie, issue #67 below)
    • SIGs want to ship content that needs to be signed
    • Signing with personal keys results in a terrible user experience
    • Options
      1. Just use project key
      2. Make a separate key for these artifacts, and get this added to the shim
    • Pat: preference for 2/ - separate volonteers effort
    • Brian: For the Infra, figure out a long term gov for people interacting with Microsoft. Trusted set of people to manage keys.
    • Davide: Could be centralized for all SIGs ? Does it need to be someone at RH ?
    • Bex: Board perspective on why having all the released signed by the same key could be a problem ? Safeguard at the SIG acceptance level ?
    • Neal : Delegate key that can be removed / Think about users perspective for booting things in an easy way
    • Understand how delegate key and shim can be done ? Brian is happy to follow up the different technical questions.
    • Bex : Write a detailed proposal and bring it to Red Hat.
    • Neal: There’s a ticket for this (CS9 secureboot ?) - https://bugzilla.redhat.com/show_bug.cgi?id=2027505
    • Reasonnable to target CS9 only if need be.

Issues

https://git.centos.org/centos/board/issues

Issues to be closed (ACTION close all of them if no objection)

  • None

New issues

  • None

Pending issues

  • #67 Trusting the SIGs by default, from a CentOS Project perspective (Secureboot)
    • See above↓
  • #65 Intel OneApi and Centos stream (Clarification sought - do we actually have any contacts at Intel?
    • Rich has sent feedback via the website, but don’t know whether that will make it to a human.
  • #45 CentOS variant artifacts (ISOs, disk images, etc.) branding
    • Resolved/Approved, but needs to be published. Someone needs to take an action item here.
    • Publish this in the SIG handbook - Rich will do this
    • Add note/reference in the TM guidelines, and vice versa
    • Neal will file a ticket requesting further policy around this
  • #44 Remove former Directors from various accounts and permissions
    • This has been hanging around for 7 months, but it’s unclear how to proceed here.
    • Are former directors still on the mailing lists?
    • Are there specific actions we need to take here?
    • Mailing list, IRC channel, HackMD, mailing list ownership
      • Brian: create a ticket to Infra SIG when a board member goes.
      • Bex: seperate access link to your board role and to the community roles

Issues on hold

  • #04 Definitive answer requested regarding logo design (On hold as I work with Brand to register. No Board action needed at this time.)
  • #27 Providing Official AMIs in Amazon CN regions.
  • #03 Getting official CentOS images into Azure

Community Architect updates

SIG Reports

Leave a Reply

Your email address will not be published. Required fields are marked *