Merge branch 'main' into patch-1

Author: emalm

.github/CODE_OF_CONDUCT.md

@@ -0,0 +1,51 @@
+# Code of Conduct
+
+To ensure we maintain a welcome and thriving environment to collaborate we’ve come up with some general guidelines that apply to participants in the Cloud Foundry community.
+
+This markdown file is taken from the [online code of conduct](https://www.cloudfoundry.org/code-of-conduct/). If deviations occur, please alert the project and consider the online version to be the correct source.
+
+## Guidelines
+
+**Act Professionally**: Be courteous, respectful and polite to fellow community members: no racial, gender, or other abuse will be tolerated.
+
+**We value diversity and inclusiveness**: Make everyone in our community feel welcome, regardless of their background and the extent of their contributions, and do everything possible to encourage participation in our community. We do not tolerate exclusionary behavior.
+
+**Be careful in the words that we choose**: Whether we are participating as professionals or volunteers, we value professionalism in all interactions, and take responsibility for our own speech. Be kind to others. Do not insult or put down other participants. Harassment and other exclusionary behavior are not acceptable. This includes, but is not limited to:
+
+- Violent threats or language directed against another person.
+- Sexist, racist, or otherwise discriminatory jokes and language.
+- Posting sexually explicit or violent material.
+- Posting (or threatening to post) other people’s personally identifying information (“doxing”).
+- Sharing private content without prior consent, such as emails sent privately or non-publicly, or unlogged forums such as private IMs.
+- Personal insults, especially those using racist or sexist terms.
+- Unwelcome sexual attention.
+- Bullying or repeated harassment of others. In general, if someone asks you to stop, then stop.
+- Advocating for, staying silent about, not reporting, or encouraging, any of the above behavior.
+
+**Keep it legal**: Share only content that you own, do not share private or sensitive information, and do not break the law.
+
+**Stay on topic**: Make sure that you are posting to the correct channel and avoid off-topic discussions. Remember when you update an issue or respond to an email you are potentially sending to a large number of people.
+
+**Respect all Cloud Foundry community forums**: The previous list applies to all forms of interaction including, but not limited to: participation in the Dojos, social media such as Twitter, IRC, the mailing lists, the issue tracker, review comments, and any other forum that is used by the community. Events that take place in public spaces, such as conferences and meetup groups, will generally have their own code of conduct or similar community guidelines. As such, the guidelines for a specific event should be followed.
+
+**Step down considerately**: Members of every project come and go, and Cloud Foundry is no different. When somebody leaves or disengages from the project, in whole or in part, we ask that they do so in a way that minimizes disruption to the project. This means they should tell people they are leaving and take the proper steps to ensure that others can pick up where they left off.
+
+**Keep in mind**: Your work will be used by other people, and you, in turn, will depend on the work of others.
+
+Decisions that you make will often affect others in the community.
+
+Disagreements happen, but should not be an excuse for poor behavior and bad manners. When disagreements do happen, work together to solve them effectively and with comity.
+
+People may not understand jokes, sarcasm, and oblique references in the same way that you do. So remember that and be kind to the other members of the community.
+
+Sexist, racist, and other prejudicial or exclusionary comments are not welcome in the community.
+
+You are participating in an open source software project of a global scope. Please keep in mind how words, the tone of statements and sarcasm may be interpreted (or misinterpreted) by others.
+
+## Report an Incident
+
+To report incidents or to appeal reports of incidents, send an email to [[email protected]](mailto:[email protected]). Please include any available relevant information, including links to any publicly accessible material relating to the matter. Every effort will be taken to ensure a safe and collegial environment in which to collaborate on matters relating to the Foundation. In order to protect the community, the Foundation reserves the right to take appropriate action, potentially including the removal of an individual from any and all participation in the project. The Foundation will work towards an equitable resolution in the event of a misunderstanding.
+
+## Credits
+
+This code of conduct is based on the example policy from the Geek Feminism wiki, created by the Ada Initiative and other volunteers, as well as several other policies, including the Ohio LinuxFest anti-harassment policy, written by Esther Filderman and Beth Lynn Eicher, and the Con Anti-Harassment Project. Mary Gardiner, Valerie Aurora, Sarah Smith, and Donna Benjamin generalized the policies and added supporting material. Many members of LinuxChix, Geek Feminism and other groups contributed to this work. Additional thanks to the Ubuntu, Chef, Puppet, Docker, CouchDB and OpenStack communities for providing inspiration for these guidelines.

.github/ISSUE_TEMPLATE/toc-candidate-nomination.md

@@ -9,6 +9,8 @@ assignees: ''
 
 Candidate Name: [name of person being nominated]
 
+Candidate GitHub Username: [GitHub username of person being nominated]
+
 Affiliation: [employer of candidate]
 
 Nomination Statement: [Describe why this person (or you!) would make a good member of the TOC]

.github/workflows/org-management-check-prs.yml

@@ -3,51 +3,22 @@ on:
   pull_request:
     paths:
       - 'org/*'
+      - 'toc/TOC.md'
+      - 'toc/working-groups/*.md'
 
 jobs:
-  peribolos-check:
+  org-config-generation-check:
     runs-on: ubuntu-18.04
-    services:
-      ghproxy:
-        image: rkoster/ghproxy
-        options: >-
-          --mount type=bind,source=/etc/passwd,target=/etc/passwd,readonly
-          --mount type=bind,source=/etc/group,target=/etc/group,readonly
-        ports:
-          - 8888:8888
-        volumes:
-          - ${{ github.workspace }}/ghproxy-cache:/cache
     steps:
-      - name: ghproxy-cache
-        uses: actions/cache@v3
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v3
         with:
-          path: ${{ github.workspace }}/ghproxy-cache
-          key: ghproxy-cache-${{ github.run_number }}
-          restore-keys: |
-            ghproxy-cache-
+          python-version: 3.9
       - uses: actions/checkout@v2
         with:
           path: community
-      - name: write github token
+      - name: Generate github org configuration
         run: |
-          echo "${GH_TOKEN}" > token
-        env:
-          GH_TOKEN: ${{ secrets.GH_TOKEN }}
-      - name: peribolos-check
-        uses: docker://gcr.io/k8s-prow/peribolos
-        with:
-          entrypoint: /ko-app/peribolos
-          args: >-
-            --confirm=false
-            --github-endpoint http://ghproxy:8888
-            --required-admins=thelinuxfoundation
-            --min-admins=5
-            --github-token-path=token
-            --require-self=false
-            --config-path=community/org/cloudfoundry.yml
-            --fix-org
-            --fix-org-members
-            --fix-repos
-            --fix-teams
-            --fix-team-members
-            --fix-team-repos
+          python -m pip install --upgrade pip
+          pip install -r community/org/requirements.txt
+          python community/org/org_management.py -o cloudfoundry.out.yml

.github/workflows/org-management-peribolos-dump.yml

@@ -0,0 +1,57 @@
+name: 'Dump Github Organization Settings'
+on:
+  workflow_dispatch
+
+jobs:  
+  generate-peribolos-dump:
+    runs-on: ubuntu-18.04
+    concurrency:
+      group: peribolos
+    services:
+      ghproxy:
+        image: rkoster/ghproxy
+        options: >-
+          --mount type=bind,source=/etc/passwd,target=/etc/passwd,readonly
+          --mount type=bind,source=/etc/group,target=/etc/group,readonly
+        ports:
+          - 8888:8888
+        volumes:
+          - ${{ github.workspace }}/ghproxy-cache:/cache
+    steps:
+      - name: ghproxy-cache
+        uses: actions/cache@v3
+        with:
+          path: ${{ github.workspace }}/ghproxy-cache
+          key: ghproxy-cache-${{ github.run_number }}
+          restore-keys: |
+            ghproxy-cache-
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # full clone so a PR can be created if needed
+          path: community
+      - name: write github private key
+        run: |
+          echo "${GH_PRIVATE_KEY}" > private_key
+          echo "${GH_TOKEN}" > token
+        env:
+          GH_TOKEN: ${{ secrets.GH_TOKEN }}
+          GH_PRIVATE_KEY: ${{ secrets.GH_PRIVATE_KEY }}
+      - name: generate-peribolos-dump
+        uses: docker://gcr.io/k8s-prow/peribolos
+        with:
+          entrypoint: /bin/sh
+          # Switch back to app auth once following PR gets merged: https://github.com/kubernetes/test-infra/pull/24882
+          # args: --dump-full --dump cloudfoundry --github-app-id=${{ secrets.GH_APP_ID }} --github-app-private-key-path=private_key > org/cloudfoundry.yml
+          args: -c "/ko-app/peribolos --dump-full --dump cloudfoundry --github-endpoint http://ghproxy:8888 --github-token-path=token > community/org/cloudfoundry.yml"
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v4
+        with:
+          path: community
+          add-paths: org/cloudfoundry.yml
+          commit-message: Run peribolos -dump-full
+          branch: peribolos-dump
+          draft: true
+          title: 'Sync org/cloudfoundry.yml with reality'
+          body: |
+            This PR contains a fresh peribolos dump.
+            PR is intended for debugging. Don't merge as-is because parts of the cloudfoundry org configuration are generated from WG charters.

.github/workflows/org-management.yml

@@ -5,6 +5,8 @@ on:
       - 'main'
     paths:
       - 'org/*'
+      - 'toc/TOC.md'
+      - 'toc/working-groups/*.md'
       - '.github/workflows/org-management.yml'
   schedule:
     - cron: '0 */5 * * *'
@@ -32,10 +34,18 @@ jobs:
           key: ghproxy-cache-${{ github.run_number }}
           restore-keys: |
             ghproxy-cache-
-      - uses: actions/checkout@v2
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v3
+        with:
+          python-version: 3.9
+      - uses: actions/checkout@v3
         with:
-          fetch-depth: 0 # full clone so a PR can be created if needed
           path: community
+      - name: Generate github org configuration
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r community/org/requirements.txt
+          python community/org/org_management.py -o cloudfoundry.out.yml
       - name: write github private key
         run: |
           echo "${GH_PRIVATE_KEY}" > private_key
@@ -44,7 +54,6 @@ jobs:
           GH_TOKEN: ${{ secrets.GH_TOKEN }}
           GH_PRIVATE_KEY: ${{ secrets.GH_PRIVATE_KEY }}
       - name: peribolos
-        continue-on-error: true
         id: peribolos
         uses: docker://gcr.io/k8s-prow/peribolos
         with:
@@ -57,38 +66,11 @@ jobs:
             --github-app-id=${{ secrets.GH_APP_ID }}
             --github-app-private-key-path=private_key
             --require-self=false
-            --config-path=community/org/cloudfoundry.yml
+            --config-path=cloudfoundry.out.yml
             --fix-org
             --fix-org-members
             --fix-repos
             --fix-teams
             --fix-team-members
             --fix-team-repos
-      - name: debug
-        run: echo "${{ toJSON(steps.peribolos.outcome == 'failure') }}"
-      - name: generate-peribolos-dump
-        if: ${{ steps.peribolos.outcome == 'failure' }}
-        uses: docker://gcr.io/k8s-prow/peribolos
-        with:
-          entrypoint: /bin/sh
-          # Switch back to app auth once following PR gets merged: https://github.com/kubernetes/test-infra/pull/24882
-          # args: --dump-full --dump cloudfoundry --github-app-id=${{ secrets.GH_APP_ID }} --github-app-private-key-path=private_key > org/cloudfoundry.yml
-          args: -c "/ko-app/peribolos --dump-full --dump cloudfoundry --github-endpoint http://ghproxy:8888 --github-token-path=token > community/org/cloudfoundry.yml"
-      - name: Create Pull Request
-        if: ${{ steps.peribolos.outcome == 'failure' }}
-        uses: peter-evans/create-pull-request@v4
-        with:
-          path: community
-          add-paths: org/cloudfoundry.yml
-          commit-message: Run peribolos -dump-full
-          branch: peribolos-dump
-          title: 'Sync org/cloudfoundry.yml with reality'
-          body: |
-            Peribolos failed to sync here: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}
-
-            This PR contains a fresh periobos dump which once merged should resolve the sync issues.
-      - name: Fail job on sync failure
-        if: ${{ steps.peribolos.outcome == 'failure' }}
-        run: |
-          echo "sync job failed, dump PR created"
-          exit 1
+            --allow-repo-archival 

.gitignore

@@ -1,3 +1,6 @@
 
 toc/elections/2021/private.csv
 /.secrets
+.vscode
+__pycache__
+cloudfoundry.out.yml

elections/2021/TOC/README.md

@@ -0,0 +1,62 @@
+# 2021 CFF TOC Election Guide
+
+## Overview
+
+Each year, the CFF technical community holds an election for open seats on the 
+Technical Oversight Committee (TOC). The rules governing this election are set in the 
+[CFF's project charter](../../../governing-board/charter.md) (See section 7(b) and 7(e)
+for the relevant details).
+
+This guide exists to serve as a guide to this year's election process.
+
+## Schedule
+
+| Date                       | Event                    |
+| -------------------------- | ------------------------ |
+| May 11                   | Announcement of Election (at least 4 weeks before results) |
+| May 11 through May 28  | Candidate nomination period (at least 2 weeks long and ending 2 weeks before results |
+| June 1     | Election Begins via email ballots (alow 2 work days to prepare election system) |
+| June 15     | Election Closes (at least 2 weeks after election begins) |
+| *June 17*   | Announcement of Results (at least 2 work days after election ends) |
+
+## Candidate Processes
+
+**Nominations**
+
+Every eligible voter can nominate candidates for the TOC, and we encourage you to do so. If you are 
+eligible to serve on the TOC, you can self nominate! If you want to nominate someone else, do so as 
+well! 
+
+You can nominate someone for the TOC by [submitting an issue using this template](https://github.com/cloudfoundry/community/issues/new?assignees=&labels=election&template=toc-candidate-nomination.md&title=TOC+Candidate+Nomination+for+%5BPerson+Name%5D). 
+
+The deadline is May 28th to be nominated (and for the nominee to indicate acceptance).
+
+It is strongly recommended that you confirm that a nominee is interested and willing
+to accept the nomination prior to submitting the nomination issue.
+
+**Confirming Nominee Eligibility**
+
+Once a nomination is received, the CFF staff will contact the nominee to confirm acceptance
+of the nomination. If the nominee accepts, they will be added to the list of nominees at the bottom
+of this file. The nomination issue will be closed, noting if the nominee accepted or declined the 
+nomination.
+
+## Voting Process
+
+The election will be conducted using a time-limited [Condorcet](https://civs.cs.cornell.edu/rp.html) ranking 
+on [CIVS](http://civs.cs.cornell.edu/) using the Schulze method. 
+
+Voters will receive an email with a ballot link. Voters will have until the end of the election cycle 
+to submit their ballot.
+
+## Election Results
+
+The newly elected body will be announced via [email protected] on 17 Jun, 2021.
+
+Following the announcement, the raw voting results and winners will be published.
+
+## Nominees
+
+|    Name    | Organization/Company |  GitHub  |
+|:----------:|:--------------------:|:--------:|
+| Name | Employer | [@githubid](https://github.com/githubid) |

toc/elections/2021/ballots.csv renamed to elections/2021/TOC/ballots.csv

@@ -0,0 +1,50 @@
+# 2021 CFF Technical Oversight Committee Election Results
+
+Many thanks to everyone who took the time to register and vote in the first Cloud Foundry Foundation annual election for our newly forming Technical Oversight Committee (TOC). I also extend my deep thanks to all of the nominees who agreed to run in the election. Overall, our community’s participation in this election process was outstanding (especially given that this was our first time doing this!)
+
+And with that preamble, I’m pleased to announce our first CFF Technical Oversight Committee will be:
+
+* Eric Malm (VMware)
+* David Stevenson (VMware)
+* Jan von Loewenstein (SAP)
+* Stephan Merker (SAP)
+* Lee Porte (GOV.UK)
+
+Congratulations to Eric, David, Jan, Stephan and Lee! I’m looking forward to working with you to get the TOC up and running.
+
+## Details
+
+One of the [primary principles](https://github.com/cloudfoundry/community/blob/main/toc/PRINCIPLES.md) that our technical governance process is based on is transparency. That applies to the election process and results themselves, with the only exception being that ballot records are anonymous. 
+
+With that in mind, here are the election details:
+
+Election Supervisor: Chip Childers
+
+Announced end of poll: June 15, 2021
+
+Actual time poll closed: 6/15/2021, 8:07:44 PM ET
+
+Private poll (125 authorized voters)
+
+Actual votes cast: 98
+
+Complete results of the election, using the Schulze rules for Condorcet completion, are:
+
+1. Eric Malm  (Condorcet winner: wins contests with all other choices)
+2. David Stevenson  loses to Eric Malm by 62–22
+3. Jan von Loewenstein  loses to Eric Malm by 73–22, loses to David Stevenson by 60–34
+4. Stephan Merker  loses to Eric Malm by 70–25, loses to Jan von Loewenstein by 46–31
+5. Beyhan Veli  loses to Eric Malm by 72–23, loses to Stephan Merker by 42–35
+6. Lee Porte  loses to Eric Malm by 83–8, loses to Beyhan Veli by 48–41
+7. Andrew Edgar  loses to Eric Malm by 82–10, loses to Lee Porte by 43–41
+8. Daniel Vaughan  loses to Eric Malm by 90–1, loses to Andrew Edgar by 58–14
+
+Our TOC rules for a maximum of 2 TOC members from the same employer must be applied to these results, placing Lee Porte on the TOC instead of Beyhan Veli.
+
+Eric and David were the top two nominees of the group, meaning that both of them will have the full two year TOC member term. Jan, Stephan and Lee will each have a one year term, and their seats on the TOC will be up for election again in 2022. Keep in mind that this difference in term lengths only applies to this first election. In 2022, those three TOC seats will be elected for the standard TOC member term of two years. Of course, Jan, Stephan and Lee will be more than welcome to run in 2022.
+
+Records of all cast ballots are available in [CSV format here](ballots.csv).
+
+## 2022-05-17 Amendment
+
+In the TOC meeting on May 17th, 2022, the TOC decided it would be more equitable to distribute the seats with the 2021-2023 terms evenly between the VMware and the SAP representatives. The TOC also decided to allocate the 2-year seat to Stephan Merker, since Jan von Loewenstein intends not to run for a continued position on the TOC after the 2021-2022 term.