December 2021 Board Meeting Minutes
Note: Posting late, as we appear to have overlooked posting these after the December meeting.
Note: The November board meeting didn't happen due to scheduling conflicts, so there are no minutes for that month.
Attendees
Board members
- Pat Riehecky
- Thomas Oulevey
- Rich Bowen
- Davide Cavalca
- Tru Huynh
- Mike
- Jim
- Bex
- Josh Boyer joined at :30
Directors Absent
- Josh Boyer sends regrets (but made it a bit late 🙂
- Johnny
Guests
- Lance
- Neal
- Shaun
- Peter Georg
- Aoife Moloney
- Steven
- Amy
Agenda
-
Previous minutes
- https://blog.centos.org/2021/11/october-2021-board-meeting-minutes/
- November meeting was skipped
-
Board seat nominations
- https://lists.centos.org/pipermail/centos-devel/2021-November/077422.html
- 11 nominations
- 7 accepted, with nomination statements
- 2 declined
- 2 never responded in any way
-
Proposal for -extras on CS9 (Brian)
- https://lists.centos.org/pipermail/centos-devel/2021-November/077417.html
- Proposal: Remove extra red tape from process to get packages into -extras repo
- SIG-like structure for the repo, with SIG chairs as members
- Members could tag packages for release when they’re ready
- Will proceed unless there are objections expressed
- What do we do about third-party repos like EPEL?
- Need a policy drafted for this.
- Policy on retiring unmaintained repos
- Pat&Davide: document the process (and for SIGs) so they are well informed
- Brian: yes
- Tru : How do you resolve conflicts ?
- Brian: just for -release packages so likely no conflicts
- Tru: Concerned also about conflicts with third-party repos
- Davide: would the infra SIG be a good parent organization?
- Bex: reporting on how many releases are updating their repo defs (and what that means in context) might be a useful stat.
- Davide: finding out how many folks are downstream consumers of a SIG Repo def could help identify a general number of users (which could be handy).
- Move forward with the proposal and document it in the SIG Guide + above comments
On going discussion
- Secure boot and SIGs (ie, issue #67 below)
- SIGs want to ship content that needs to be signed
- Signing with personal keys results in a terrible user experience
- Options
- Just use project key
- Make a separate key for these artifacts, and get this added to the shim
- Pat: preference for 2/ - separate volonteers effort
- Brian: For the Infra, figure out a long term gov for people interacting with Microsoft. Trusted set of people to manage keys.
- Davide: Could be centralized for all SIGs ? Does it need to be someone at RH ?
- Bex: Board perspective on why having all the released signed by the same key could be a problem ? Safeguard at the SIG acceptance level ?
- Neal : Delegate key that can be removed / Think about users perspective for booting things in an easy way
- Understand how delegate key and shim can be done ? Brian is happy to follow up the different technical questions.
- Bex : Write a detailed proposal and bring it to Red Hat.
- Neal: There’s a ticket for this (CS9 secureboot ?) - https://bugzilla.redhat.com/show_bug.cgi?id=2027505
- Reasonnable to target CS9 only if need be.
Issues
https://git.centos.org/centos/board/issues
Issues to be closed (ACTION close all of them if no objection)
- None
New issues
- None
Pending issues
- #67 Trusting the SIGs by default, from a CentOS Project perspective (Secureboot)
- See above↓
- #65 Intel OneApi and Centos stream (Clarification sought - do we actually have any contacts at Intel?
- Rich has sent feedback via the website, but don’t know whether that will make it to a human.
- #45 CentOS variant artifacts (ISOs, disk images, etc.) branding
- Resolved/Approved, but needs to be published. Someone needs to take an action item here.
- Publish this in the SIG handbook - Rich will do this
- Add note/reference in the TM guidelines, and vice versa
- Neal will file a ticket requesting further policy around this
- #44 Remove former Directors from various accounts and permissions
- This has been hanging around for 7 months, but it’s unclear how to proceed here.
- Are former directors still on the mailing lists?
- Are there specific actions we need to take here?
- Mailing list, IRC channel, HackMD, mailing list ownership
- Brian: create a ticket to Infra SIG when a board member goes.
- Bex: seperate access link to your board role and to the community roles
Issues on hold
- #04 Definitive answer requested regarding logo design (On hold as I work with Brand to register. No Board action needed at this time.)
- #27 Providing Official AMIs in Amazon CN regions.
- #03 Getting official CentOS images into Azure
Community Architect updates
- Stream 9 “launch” messaging - https://blog.centos.org/2021/12/introducing-centos-stream-9/ and https://centos.org/stream9/
- FOSDEM Dojo CFP - https://wiki.centos.org/Events/Dojo/FOSDEM2022
- AMA on the 4th of Feb
SIG Reports
- Virtualization - https://blog.centos.org/2021/12/centos-community-newsletter-december-2021/#:~:text=the past quarter.-,Virtualization,-Advanced Virtualization updates
- OpsTools - https://blog.centos.org/2021/12/centos-community-newsletter-december-2021/#:~:text=CentOS OpsTools SIG Quarterly Report
Leave a Reply