Note: Posting late, as we appear to have overlooked posting these after the December meeting.

Note: The November board meeting didn't happen due to scheduling conflicts, so there are no minutes for that month.

Attendees

Board members

• Pat Riehecky
• Thomas Oulevey
• Rich Bowen
• Davide Cavalca
• Tru Huynh
• Mike
• Jim
• Bex
• Josh Boyer joined at :30

Directors Absent

• Josh Boyer sends regrets (but made it a bit late 🙂
• Johnny

Guests

• Lance
• Neal
• Shaun
• Peter Georg
• Aoife Moloney
• Steven
• Amy

Agenda

• Previous minutes

  • https://blog.centos.org/2021/11/october-2021-board-meeting-minutes/
  • November meeting was skipped

• Board seat nominations

  • https://lists.centos.org/pipermail/centos-devel/2021-November/077422.html
  • 11 nominations
  • 7 accepted, with nomination statements
  • 2 declined
  • 2 never responded in any way

• Proposal for -extras on CS9 (Brian)

  • https://lists.centos.org/pipermail/centos-devel/2021-November/077417.html
  • Proposal: Remove extra red tape from process to get packages into -extras repo
  • SIG-like structure for the repo, with SIG chairs as members
  • Members could tag packages for release when they’re ready
  • Will proceed unless there are objections expressed
  • What do we do about third-party repos like EPEL?
  • Need a policy drafted for this.
    • Policy on retiring unmaintained repos
  • Pat&Davide: document the process (and for SIGs) so they are well informed
    • Brian: yes
  • Tru : How do you resolve conflicts ?
    • Brian: just for -release packages so likely no conflicts
    • Tru: Concerned also about conflicts with third-party repos
  • Davide: would the infra SIG be a good parent organization?
  • Bex: reporting on how many releases are updating their repo defs (and what that means in context) might be a useful stat.
  • Davide: finding out how many folks are downstream consumers of a SIG Repo def could help identify a general number of users (which could be handy).
  • Move forward with the proposal and document it in the SIG Guide + above comments

On going discussion

• Secure boot and SIGs (ie, issue #67 below)
  • SIGs want to ship content that needs to be signed
  • Signing with personal keys results in a terrible user experience
  • Options
    1. Just use project key
    2. Make a separate key for these artifacts, and get this added to the shim
  • Pat: preference for 2/ - separate volonteers effort
  • Brian: For the Infra, figure out a long term gov for people interacting with Microsoft. Trusted set of people to manage keys.
  • Davide: Could be centralized for all SIGs ? Does it need to be someone at RH ?
  • Bex: Board perspective on why having all the released signed by the same key could be a problem ? Safeguard at the SIG acceptance level ?
  • Neal : Delegate key that can be removed / Think about users perspective for booting things in an easy way
  • Understand how delegate key and shim can be done ? Brian is happy to follow up the different technical questions.
  • Bex : Write a detailed proposal and bring it to Red Hat.
  • Neal: There’s a ticket for this (CS9 secureboot ?) - https://bugzilla.redhat.com/show_bug.cgi?id=2027505
  • Reasonnable to target CS9 only if need be.

Issues

https://git.centos.org/centos/board/issues

Issues to be closed (ACTION close all of them if no objection)

• None

New issues

• None

Pending issues

• #67 Trusting the SIGs by default, from a CentOS Project perspective (Secureboot)
  • See above↓
• #65 Intel OneApi and Centos stream (Clarification sought - do we actually have any contacts at Intel?
  • Rich has sent feedback via the website, but don’t know whether that will make it to a human.
• #45 CentOS variant artifacts (ISOs, disk images, etc.) branding
  • Resolved/Approved, but needs to be published. Someone needs to take an action item here.
  • Publish this in the SIG handbook - Rich will do this
  • Add note/reference in the TM guidelines, and vice versa
  • Neal will file a ticket requesting further policy around this
• #44 Remove former Directors from various accounts and permissions
  • This has been hanging around for 7 months, but it’s unclear how to proceed here.
  • Are former directors still on the mailing lists?
  • Are there specific actions we need to take here?
  • Mailing list, IRC channel, HackMD, mailing list ownership
    • Brian: create a ticket to Infra SIG when a board member goes.
    • Bex: seperate access link to your board role and to the community roles

Issues on hold

• #04 Definitive answer requested regarding logo design (On hold as I work with Brand to register. No Board action needed at this time.)
• #27 Providing Official AMIs in Amazon CN regions.
• #03 Getting official CentOS images into Azure

Community Architect updates

• Stream 9 “launch” messaging - https://blog.centos.org/2021/12/introducing-centos-stream-9/ and https://centos.org/stream9/
• FOSDEM Dojo CFP - https://wiki.centos.org/Events/Dojo/FOSDEM2022
  • AMA on the 4th of Feb

SIG Reports

• Virtualization - https://blog.centos.org/2021/12/centos-community-newsletter-december-2021/#:~:text=the past quarter.-,Virtualization,-Advanced Virtualization updates
• OpsTools - https://blog.centos.org/2021/12/centos-community-newsletter-december-2021/#:~:text=CentOS OpsTools SIG Quarterly Report