|
| 1 | +------------------------------------------------------------- |
| 2 | +name: Rita Zhang |
| 3 | +ID: ritazh |
| 4 | +info: |
| 5 | +- employer: Microsoft |
| 6 | +- slack: ritazh |
| 7 | +------------------------------------------------------------- |
| 8 | + |
| 9 | +## SIGS |
| 10 | + |
| 11 | +- SIG Auth chair |
| 12 | +- Kubernetes Security Response Committee member |
| 13 | +- WG AI Conformance organizer |
| 14 | +- Maintainer: kubernetes-sigs/secrets-store-csi-driver, open-policy-agent/gatekeeper |
| 15 | + |
| 16 | +## What I have done |
| 17 | + |
| 18 | +I’ve spent the last several years advancing security and policy in Kubernetes and the CNCF ecosystem. As a SIG Auth chair and a Security Response Committee member, I’ve helped shape authentication, authorization, policy, and [CVE incident-response](https://github.com/kubernetes/kubernetes/issues?q=is%3Aissue%20state%3Aclosed%20label%3Aofficial-cve-feed%20ritazh) that balance strong safeguards with end user usability. |
| 19 | + |
| 20 | +My technical work spans SIG Auth, SIG Node, WG Device Management, SIG Testing, SIG APIMachinery, and WG LTS. I have driven features like [DRA AdminAccess](https://github.com/kubernetes/enhancements/tree/master/keps/sig-auth/5018-dra-adminaccess), [KMSv2](https://github.com/kubernetes/enhancements/blob/master/keps/sig-auth/3299-kms-v2-improvements), and [Structured Authorization Configuration](https://github.com/kubernetes/enhancements/tree/master/keps/sig-auth/3221-structured-authorization-configuration), and contributed numerous bug fixes and enhancements that improve reliability and security for every Kubernetes user. |
| 21 | + |
| 22 | +I co-founded and maintain [Secrets Store CSI Driver](https://github.com/kubernetes-sigs/secrets-store-csi-driver) and [Open Policy Agent Gatekeeper](https://github.com/open-policy-agent/gatekeeper), bring secret-management and scalable policy best practices to clusters. I’ve also reviewed and contributed to **Validating Admission Policy** to make policy enforcement more reliable and portable. |
| 23 | + |
| 24 | +I mentor contributors and unblock cross-SIG work by clarifying requirements, driving consensus, and simplifying complex issues so more people can contribute confidently. |
| 25 | + |
| 26 | +## What I’ll do |
| 27 | + |
| 28 | +I care deeply about the health of this project and the people who make it possible. If elected, I’ll focus on: |
| 29 | + |
| 30 | +- **Secure-by-default:** stronger defaults and guardrails without surprising users. |
| 31 | +- **AI conformance:** establish standards so vendors can meet the requirements with less friction. |
| 32 | +- **Cross-SIG collaboration:** reduce “handoff” pain and enable incremental wins. |
| 33 | +- **Contributor growth:** expand mentorship and reviewer pipelines for sustainability. |
| 34 | +- **Project health & sustainability:** ensure the Kubernetes and subprojects are healthy, maintainers are supported, and contributors happy. |
| 35 | +- **Security readiness:** ensure timely fixes for security issues, deprecate unhealthy projects without security contacts, and require clear project status to reduce consumer confusion and increase maintainer accountabiliity. |
| 36 | + |
| 37 | +## Resources About Me |
| 38 | + |
| 39 | +- GitHub: [ritazh](https://github.com/ritazh) |
| 40 | +- LinkedIn: [Rita Zhang](https://www.linkedin.com/in/ritazhang/) |
| 41 | +- Bluesky: [@ritazh.bsky.social](https://bsky.app/profile/ritazh.bsky.social) |
| 42 | +- X: [ritazzhang](https://x.com/ritazzhang) |
| 43 | +- Talks/References: |
| 44 | + - [A Practical Guide To Kubernetes Policy as Code](https://sched.co/1tcxh) |
| 45 | + - [Working Together to Improve Security Visibility in Kubernetes](https://sched.co/1hoxr) |
| 46 | + - [Pushing Authorization Further: CEL, Selectors and Maybe RBAC++](https://sched.co/1hoyX) |
| 47 | + - [A Day in a Life of a Data Scientist, conquer ML Lifecycle on Kubernetes](https://sched.co/FuKv) |
0 commit comments