Ratify - Weekly Meeting Notes

tags: ratify meeting-notes

We hold a weekly Ratify community meeting on Wed 5:00-6:00pm (Pacific Time)
Get Ratify Community Meeting Calendar here

Zoom Link - https://us02web.zoom.us/j/87420862575?pwd=b2xhSU1KYVY1cXIwKy9Xb2pXeDRHUT09

Copy the template
## Meeting date

### Announcement:

### Attendees:
- 

### Actionable Agenda Items:
- _add your items_

### Presentation/Discussion Agenda Items:
- _add your items_

### Notes:

Mar 27, 2025

Attendees:

Agenda Items:

Notes:

Mar 12, 2025

Announcement:

Attendees:

  • Binbin Li
  • Shahram Kalantari
  • Akash Singhal
  • Shiwei Zhang
  • Yi Zha
  • Feynman Zhou
  • Susan Shi
  • Juncheng Zhu

Actionable Agenda Items:

Notes:

  • Ratify maintainers will comment on the issue with suggested error message and ask the user to review
  • Ratify maintainers agreed to change the meeting cadance to bi-weekly and have two meeting series for two different regions/time zones (US West and APAC):
    • The first series will be at 5:00 PM Pacific time (8:00 AM Beijing time/11:00 AM Australia time) on the 2nd Wednesday of each month.
    • The second series will be at 6:30 PM pacific time (9:30 AM Beijing time/12:30 PM Australia time) on the 4th Thursday of each month.

Recording

https://youtube.com/live/aI45e_G-ifg

Feb 26, 2025

Announcement:

Attendees:

  • Binbin Li
  • Akash Singhal
  • Shiwei Zhang
  • Yi Zha
  • Feynman Zhou
  • Luis Dieguez
  • Juncheng Zhu
  • Sajay Antony

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

  • poll for new community meeting time.
  • issue-2131 AWS auth issue in v1.4. Follow up with Michael.

Notes:


Feb 19, 2025

Announcement:

Attendees:

  • Binbin Li
  • Feynman Zhou
  • Juncheng Zhu
  • Shiwei Zhang
  • Yi Zha
  • Susan Shi
  • Akash Singhal

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

  • Follow-up on Alibaba joining community meeting? @Feynman
  • How can Ratify configures a private registry (https) with a self-signed certificate to ratify auth provider?

Notes:


Feb 12, 2025

Announcement:

Attendees:

  • Susan Shi
  • Binbin Li
  • Feynman Zhou
  • Juncheng Zhu
  • Luis Dieguez
  • Shiwei Zhang
  • Yi Zha
  • Akash Singhal

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

Notes:

  • Consider different time series community meeting

  • aligned on keeping ratify as the cli name

recording: https://youtube.com/live/j29cAJCUm5E?feature=share


Feb 5, 2025

Announcement:

Attendees:

  • Susan Shi
  • Binbin Li
  • Feynman Zhou
  • Akash Singhal
  • Josh Duffney
  • Juncheng Zhu
  • Luis Dieguez
  • Shiwei Zhang
  • Yi Zha

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

  • Demo on WASM artifact verification - Josh

Notes:


Jan 29, 2025

Announcement:

  • Josh will give an demo on wasm artifact verification next week
  • Expect limited attendance due to folks being on vacation

Attendees:

  • Akash Singhal
  • Yi Zha
  • Shahram Kalantari
  • Juncheng Zhu

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

  • New patch releases v1.2.3 & v1.3.2
  • Status update on v1.4.0
    • Cut a new release with important security fixes included
    • PR to cut new v1.4 versioned docs out by Feynman

Notes:


Jan 22, 2025

Moderator: Susan Shi
Notes: Binbin Li

Announcement:

Attendees:

  • Susan Shi
  • Binbin Li
  • Akash Singhal
  • Feynman Zhou
  • Junchneg Zhu
  • Shahram Kalantari
  • Yi Zha
  • Shiwei Zhang
  • Sajay Antony
  • Toddy Mladenov

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

Notes:

  • Akash will host the next community meeting. Follow up to make sure still access to creds

Jan 15, 2025

Moderator: Binbin Li
Notes: Susan Shi

Announcement:

Attendees:

  • Akash Singhal
  • Binbin Li
  • Feynman Zhou
  • Yi Zha
  • Shahram Kalantari
  • Shiwei Zhang
  • Juncheng Zhu
  • Susan Shi

Actionable Agenda Items:

Presentation/Discussion Agenda Items:

  • How to maintain the expired link in ratify docs. https://github.com/ratify-project/ratify/pull/2030

  • Ratify v2 rename suggestion:

    • Command to verify artifact: ratify verify?
    • Binary to start ratify service: ratifyd? replace ratify serve
    • Probably have new commands to configure ratify service or wraps up kubectl command: ratifyctl?
  • CNCF LFX mentorship 2025 - maybe we could consider some doc-related projects and other contributor-friendly sub-projects

  • status check: domain transfer and other cncf onboarding tickets

Notes:

  • We will try to maintain links in active design and proposal doc. We should look into moving non active design doc/proposal into archive, and expired links won't trigger alerts.

  • Create a tracking a issue to brainstorm on binary name

  • Feynman to create a youtube channel for Ratify recording, work with Susan for recording automation

  • Feynman to follow up on trade mark update and maintainer list update

  • Akash will creat tarcking items for TOC items:

    • SLSA provenance
    • Signed binary ( today we only sign the ratify image)
    • Self assessment


Jan 8, 2025

Moderator: Susan Shi
Notes: Binbin Li

Attendees:

  • Susan Shi
  • Binbin Li
  • Feynman Zhou
  • Yi Zha
  • Shahram Kalantari
  • Shiwei Zhang
  • Juncheng Zhu

Actionable Agenda Items:

Presentation/Discussion Agenda Items:

  • add your items

Notes:

  • Keep crl cache config section consistent with other caches.
  • Try out KMP status check in multi-tenancy scenario.
    • It depends on how role/rolebinding setup for each namespace user. By setting up the correct permission for different users, we can avoid accessing status in different namespaces.

Jan 1 2025

Moderator: Binbin Li

Announcement:

  • Ratify-go project created

Attendees:

  • Juncheng Zhu
  • Shahram Kalantari
  • Binbin Li
  • Shiwei Zhang

Actionable Agenda Items:

  • v1.4 status check

Presentation/Discussion Agenda Items:

  • add your items

Notes:


Dec 31 2024

Moderator: Juncheng

Attendees:

  • Juncheng Zhu
  • Shahram Kalantari

Discuss Items

  • RC release would be cut after PR #2002 get merged

Dec 18 2024

Moderator: Binbin Li

Announcement:

Attendees:

  • Binbin Li
  • Feynman Zhou
  • Juncheng Zhu
  • Shahram Kalantari
  • Yi Zha
  • Shiwei Zhang

Actionable Agenda Items:

  • Check v1.4 status
    • CRL
    • Helm chart update for notation trust policy
    • Bugbash doc
  • Kubernetes support matrix of Ratify

Presentation/Discussion Agenda Items:

  • add your items

Notes:


Dec 11 2024

Moderator: Binbin Li
Notes: Susan Shi

Announcement:

Attendees:

  • add your items

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

Notes:

Targeting 1.4 RC Dec 20
Official release: first week of Jan 25

We will find out about kubeCon EU talk acceptance in Jan2025


Dec 04 2024

Moderator: Susan Shi
Notes:Binbin Li

Attendees:

  • Susan Shi
  • Binbin Li
  • Yi Zha
  • Josh Duffney
  • Feynman Zhou
  • Juncheng Zhu
  • Luis Dieguez
  • Shiwei Zhang
  • Akash Singhal

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

Notes:

Nov 27 2024

Modrator: Binbin Li
Notes: Susan Shi

Announcement:

Attendees:

  • Binbin Li
  • Feynman Zhou
  • Josh Duffney
  • Juncheng Zhu
  • Yi Zha
  • Akash Singhal

Actionable Agenda Items:

Presentation/Discussion Agenda Items:

Notes:

  • nVersion PR is ready for review.
  • Move CRL configuration to Ratify level instead of CRD level
  • Create PR to merge Ratify v2 design to docs. And create separate repos.

recording: https://youtu.be/57QR09f2r24


Nov 20 2024

Modrator: Susan Shi Notes: Binbin Li

Attendees:

  • Susan Shi
  • Binbin Li
  • Akash Singhal
  • Feynman Zhou
  • Josh Duffney
  • Shahram Kalantari
  • Shiwei Zhang
  • Yi Zha
  • Juncheng Zhu

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

Notes:

  • Shahram will continue to figure out the auth configuration in Azure Authentication Refactoring in Ratify
  • Domain transfer status: Feynman escalated CNCF to help with the domain transfer in a service ticket. We will need to wait CNCF's response to finish the domain name server delegation
  • Alibaba Cloud team committed that they will raise a PR to add their adoption info and review the v2 scope

recording: https://youtu.be/CCDcib3L8j4


Nov 13 2024

Modrator: Binbin Li
Notes: Susan Shi

Announcement:

Attendees:

  • Binbin Li
  • Akash Singhal
  • Feynman Zhou
  • Susan Shi
  • Shahram Kalantari
  • Juncheng Zhu
  • Shiwei Zhang

Actionable Agenda Items:

  • PR reviews:
    • feat: CRL Cache Provider, TODO: please loop in Feynman and Yi if there are any CR changes. Please include a sample CR for review in PR

    • support alibaba cloud rrsa store auth provider, please resolve conversation and perform another round of review this week

  • Issue Triage

Presentation/Discussion Agenda Items:

  • add your items

Notes:

  • Check codecov coverage

recording: https://youtu.be/biaBp3m09Uc


Nov 6 2024

Modrator: Susan Shi Notes:Binbin

Announcement:

Attendees:

  • Susan Shi
  • Binbin Li
  • Juncheng Zhu
  • Shahram Kalantari
  • Shiwei Zhang
  • Yi Zha
  • Sajay Antony
  • Josh Duffney

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

  • V2 Scope document
    • TODO:
      1. reword the first goal with a positive sentiment
      2. call out increase test coverage explicitly
      3. propose priorities for each solution/improvement
      4. link to issues to show customer need
  • Kubecon topics:

We would like to advertise new capabilities. All feedback welcome:
- Cosign Verifier enhancements.
- Kubernetes multi-tenancy support
- Coming soon: Support verifying Notary Project timestamped signature + Certificate Revocation list support

Future looking:
1.We are interested to know types container validations performed and at which phase. Ratify main repo support cli and external data through GK, but we also have poc for Containerd, docker plugin
- ratify-project/ratify-containerd: ratify containerd PoC
- ratify-project/docker-ratify: A docker plugin wrapper for ratify
2. do you have requirements around multi-arch validation, attestation
3. genereal improvement

Notes:

recording: https://youtu.be/F_fNi8t7DNI


Oct 30 2024

Modrator: Binbin Li Notes: Akash Singhal

Announcement:

Call For Proposals (CFP) submit proposals and booth application to KubeCon EU 2025. The deadline is Nov 24, 2024 https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/program/cfp/

Attendees:

  • Binbin Li
  • Akash Singhal
  • Joshua Duffney
  • Yi Zha
  • Feynman Zhou
  • Luis Dieguez
  • Shahram Kalantari

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

  • Status check for onboard task
    • Domain transfer
    • Zoom account migration
  • Customer feedback on HA scenario. See meeting notes
    • In-memory cache is enough for 5k pods cluster (notation verifier only)
    • Support for multi-arch image validation.
    • customer will run a stress test and provide feedback
    • future consideration: remove extra external dependencies required for HA
  • Log messages being printed to stderr. https://github.com/ratify-project/ratify/issues/1902
    • Binbin will take a look
  • PR review

Notes:

  • Status check for onboard task
    • We need to confirm a certain time with CNCF to implement the domain transfering because it will cause the website unavailable until it is finished.
    • Zoom account migration is blocked due to another dependency needs to be finished by CNCF, see this issue.
  • CFP discussion: call to spend time looking at CFP proposal website and think of any ideas for presentation

recording: https://youtu.be/KdOdG9z_wDQ


Oct 23 2024

Moderator: Binbin Li
Notes: Susan Shi

Announcement:

  • v1.3.1 release coming soon.

Attendees:

  • Susan Shi
  • Binbin Li
  • Shahram Kalantari
  • Juncheng Zhu
  • Josh Duffney
  • Luis Dieguez

Actionable Agenda Items:

Presentation/Discussion Agenda Items:

Notes:

recording: https://youtu.be/aDl8jLbvBZw

TODO: Add CVE to v1.3.1 release note


Oct 16 2024

Moderator: Susan Shi
Notes: Binbin Li

Announcement:

Attendees:

  • Susan Shi
  • Binbin Li
  • Akash Singhal
  • Shahram Kalantari
  • Shiwei Zhang
  • Juncheng Zhu
  • Josh Duffney
  • Luis Dieguez

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

  • trivy version
  • Status check for onboarding task ( moved to next week):
    • Transfer domain: follow up with previous owner
    • Zoom account: open cncf ticket
    • governance:
      • github/GOVERNANCE.md at main · notaryproject/.github
      • community/governance/GOVERNANCE.md at main · oras-project/community (github.com)
      • github/GOVERNANCE.md at main · ratify-project/.github

Notes:

  • Take another look at vuln found by trivy on kubectl
  • Shahram follow up with new contributor on the ReportMetrics PR.
  • CNCF onboarding and governance:

Oct 09 2024

Moderator: Binbin Li
Notes: Susan Shi

Attendees:

  • Binbin Li
  • Luis Dieguez
  • Akash Singhal
  • Yi Zha
  • Shahram Kalantari
  • Shiwei Zhang
  • Juncheng Zhu
  • Susan Shi
  • Feynman Zhou
  • Josh Duffney

Actionable Agenda Items:

Presentation/Discussion Agenda Items:

Notes:

recording: https://youtu.be/WMyCUnHyy6o

[Feynman]

  • Transfer domain: follow up with previous owner
  • Zoom account: open cncf ticket
  • Maintainer please review open governance item

Oct 02 2024

Moderator: Susan Shi Notes: Akash Singhal

Announcement:

Attendees:

  • Susan Shi
  • Josh Duffney
  • Shahram Kalantari
  • Akash Singhal

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

Notes:

recording: https://youtu.be/uT-n6Pmpm8k


Sep 25 2024

Moderator: Binbin Li
Notes: Susan Shi

Attendees:

  • Binbin Li
  • Susan Shi
  • Juncheng Zhu
  • Shaharam Kalantari
  • Yi Zha
  • Josh Duffney

Actionable Agenda Items:

  • Review CRL default helm chart experience
    • should ttl config be in KMP or verifier config
    • [Yi] currently cosign CRL is lower priority
  • Milestone review for v1.4
    • Shahram is working on the ACR SDK upgrade, draft pr available soon
    • Josh is working on the design proposal for N versions support
    • Binbin will be focusing on Ratify v2 design

Presentation/Discussion Agenda Items:

  • add your items

Notes

  • TODO:
    • update CRL proposal with any CR config changes
    • follow up with notoryproject on the latest trust policy spec regarding to ttl config
    • follow up on CAs for real world testing

-recording: https://youtu.be/noxvtbaInpU


Sep 18 2024

Moderator: Susan Shi
Notes: Binbin Li

Announcement:

Ratify v1.3.0 available at https://github.com/ratify-project/ratify/releases/tag/v1.3.0

New Features:
1.Support keyless verification in trust policy of Cosign verifier in #1503
2.Support verifying Notary Project timestamped signature in #1538 and #1758
3. Support periodic retrieval of key and certificate from Key Management Providers based on the proposal in #1727 and #1773

Attendees:

  • Binbin Li
  • Susan Shi
  • Feynman Zhou
  • Juncheng Zhu
  • Sajay Antony
  • Shaharam Kalantari
  • Shiwei Zhang
  • Yi Zha

Actionable Agenda Items:

  • Release 1.3 Status

  • docs: Create proposal for annotation-based filtering

    • key points: The exact mechanism for requiring the filtration should be specific to each verifier as the behavior and logic differs based on is actually being attested, as such, it will be part of the verifier configuration.
    • [Sajay] we might want to consider a max age filter
  • Info: The Developer Certificate of Origin (DCO) on Pull Requests is enabled for every repo. It requires all commit messages to contain the Signed-off-by line with an email address that matches the commit author. DCO is a part of the CNCF onboarding list. (Feynman)

  • CNCF onboarding list completion status and timeline

Presentation/Discussion Agenda Items:

  • Debug session demo for cli /server mode

Notes

  • Release v1.3 Ratify-web @Juncheng
  • Follow up on annotation-based filtering offline or arrange another meeting friendly to them.
  • Update Ratify contributing doc to clarify that config.json is required for both CLI and server mode.

recording: https://youtu.be/o5ufkZRDiIg


Sep 11 2024

Moderator: Binbin Li
Notes: Akash Singhal

Announcement:

Attendees:

  • Andy Vermeulen [Rokt]
  • Sushant Adhikari [Rokt]
  • Binbin Li [Microsoft]
  • Akash Singhal [Microsoft]
  • Luis Dieguez [Microsoft]
  • Yi Zha [Microsoft]
  • Shahram Kalantari [Microsoft]
  • Juncheng Zhu [Microsoft]
  • Feynman Zhou [Microsoft]

Actionable Agenda Items:

  • Onboard Ratify to CNCF sandbox project. https://github.com/cncf/toc/issues/1412
    • Feynman will drive completing checklist tracked here
  • Move Ratify community meetings under a CNCF zoom.
    • Action Item: Feynman will file a ticket on CNCF to add meeting to calendar.
  • v1.3 milestone: 1 PR left to merge; waiting on Azure e2e tests to pass. Juncheng will drive cutting release branch and kicking off release. On target for 9/16 release date.

Presentation/Discussion Agenda Items:

  • Design Proposal for Tag and digest co-existing ISSUE 1657 https://github.com/ratify-project/ratify/pull/1793
    • Andy/Sushant will follow up on comments and work on implementation PR
    • General comments:
      • Switch to a string based value to allow for extensible mutation behavior
      • Image references of the form <repo>:<tag>@sha256: will not perform extra tag to digest resolution based on tag. This may lead to digest provided in reference not corresponding to the provided tag; however, Ratify considers digest as source of truth and not tag so digest will have precedence.
      • Feature flags are not necessary and original proposal to propogate mutation behavior via command flag in deployment will be used

Notes

recording: https://youtu.be/3Vv6Gb-VlXQ


Sep 4 2024

Moderator: Susan Shi
Notes: Binbin Li

Announcement:

Attendees:

  • Susan Shi
  • Binbin Li
  • Josh Duffney
  • Feynman Zhou
  • Juncheng Zhu
  • Shahram Kalantari
  • Shiwei Zhang
  • Yi Zha

Actionable Agenda Items:

Presentation/Discussion Agenda Items:

Notes

recording: https://youtu.be/W4M6yn3BdsA


Aug 28 2024

Announcement:

Attendees:

  • Susan Shi
  • Binbin Li
  • Feynman Zhou
  • Shahram Kalantari
  • Juncheng Zhu
  • Yi Zha
  • Akash Singhal

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

Notes

  • Add Codecov badge
  • Todo: create discussion item tracking VAP investigation
  • Todo: understand GK's plan for VAP/External data provider

recording: https://youtu.be/_jDF5F3lF6Q


Aug 21 2024

Moderator: Binbin Li Notes: Susan Shi

Announcement:

Attendees:

  • Susan Shi
  • Binbin Li
  • Akash Singhal
  • Josh Duffney
  • Juncheng Zhu
  • Shahram Kalantari

Actionable Agenda Items:

  • Triage issues
  • Milestone 1.3 review

Presentation/Discussion Agenda Items:

Notes

Key Topics:

PR Reviews: The team discussed the status of various PRs, including addressing comments and the potential for merging.

Error Message Refactoring: A refactoring effort to improve error message brevity and clarity was discussed, including increasing the maximum length of error messages.

Notation Version Update: The team discussed the need for testing following the upcoming release of a new version of notation, anticipating no major code changes but a focus on validation.

Documentation Improvement: The idea of adding a spell check feature to the web repository was proposed to help catch typos automatically.

Release Planning: The release date for notation 1.2 and ratify 1.3 was discussed, with a decision to push release to Sep16.

Security Checks: The discussion included the implementation of security checks via the scorecard action job, aiming to cover release branches in future updates.

recording: https://youtu.be/1AgDU2CaLfc


Aug 14 2024

Moderator: Susan Shi

Notes: Binbin Li

Announcement:

Attendees:

  • Susan Shi
  • Binbin Li
  • Akash Singhal
  • Josh Duffney
  • Juncheng Zhu
  • Luis Dieguez
  • Shahram Kalantari
  • Yi Zha
  • Feynman Zhou

Actionable Agenda Items:

Presentation/Discussion Agenda Items:

Notes

  • Add configurable param to enable mutating to tag@digest
  • Add doc tracking deprecating features in v2 recroding: https://youtu.be/PvECDgofelg

Aug 6 2024

Moderator: Binbin Li
Notes: Susan Shi

Announcement:

Attendees:

  • add your items

Actionable Agenda Items:

Presentation/Discussion Agenda Items:

Notes

recording: https://youtu.be/kDQ0-BJWr7g


July 31 2024

Moderator: Susan Shi
Notes: Binbin Li

Announcement:

Attendees:

  • Susan Shi
  • Luis Dieguez
  • Shiwei Zhang
  • Yi Zha
  • Sajay Antony
  • Binbin Li
  • Akash Singhal

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

Notes

  • Wait for validation result on TSA bump-up doc
  • Agreement on the error message pattern.
  • Follow up with Josh on the AKS test
  • Validate if docker reference tag+digest works
  • Update CLI config to differentiate cert type input:
    • Update the prerequisite of config refactoring
  • Switch name field in CRDs to type:
    • Check the issue status, @Juncheng
  • Sync with Josh on SetFormatter issue. Probably we can close it. @Binbin

recording: https://youtu.be/y2fo6_kL5hw


July 24 2024

Moderator: Binbin Li
Notes: Susan Shi

Attendees:

  • Josh Duffney
  • Akash Singhal
  • Binbin Li
  • Susan Shi
  • Luis Dieguez
  • Yi Zha
  • Shiwei Zhang
  • Feynman Zhou

Actionable Agenda Items:

Presentation/Discussion Agenda Items:

Notes

recording: https://youtu.be/vLtf_3ElxUA


July 17 2024

Moderator: Susan Shi Notes: Akash Singhal

Announcement:

Attendees:

  • Susan Shi
  • Akash Singhal

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

Notes

Action Items:

  1. Error Message Validation: Analyze current errors with PMs to identify discrepancies between expected and current behavior. (Bin Bin) 46:22

  2. Create issues for resolving discrepancies between expected and current behavior in error messages. (Bin Bin) 46:33

  3. Ratify ContainerD POC: Review the overview document and provide feedback on the learnings and future investment. (Team) 1:08:11

recording: https://youtu.be/5PsJOKqwsmY


July 10 2024

Moderator: Akash Singhal Notes: Binbin Li

Announcement:

Attendees:

  • Binbin Li
  • Akash Singhal
  • Yi Zha
  • Feynman Zhou
  • Josh Duffney
  • Juncheng Zhu
  • Luis Dieguez

Actionable Agenda Items:

Presentation/Discussion Agenda Items:

Notes

  • Create an issue in .github repo to nominate or self-nominate maintainers.
  • Add a contributor ladder doc
  • Trigger the discussion on timeout error handling, but we'll focus on general error handling in v1.3 milestone.

recording: https://youtu.be/hyCQvCJ8ROA


July 3 2024

Moderator: Binbin Li Notes: Susan Shi

Attendees:

  • Susan Shi
  • Josh Duffney
  • Juncheng Zhu
  • Akash Singhal
  • Luis Dieguez
  • Shiwei Zhang
  • Feynman Zhou
  • Binbin Li

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

Notes

TODO: Add Ratify Project Community Repo

notaryproject/.github: Organization-wide repository for common governance documents. And oras-project/community: OCI Registries as Storage (github.com)

https://github.com/notaryproject/.github https://github.com/oras-project/community

Error validation Assignments:

KMP - JunCheng
Store - Feynman
notation verifier - Susan
Cosign verfier - Binbin
JunCheng - Access control
Policy - Yi
? - Akash

CoPilot captured action item:

Project Transfer: Initiate the transfer of Docker and Container D plugins to the Ratify project offline.

Project Donation Process: Draft a clear guidance document on the new project donation process. (Team) 6:40

Community Repo Creation: Create a community GitHub repo for Ratify to host governance documents and proposals.

Test Case Assignment: Assign specific test cases to developers for error handling and verification testing.

AWS Testing Support: Reach out to Jesse for AWS testing support on store configurations. (Feynman)

Governance Doc Repo: Decide on the practice for maintaining governance documents in Ratify

KMP Update Review: Review the proposed changes for KMP update and refresh mechanism. (Team)

Alibaba Cloud Partnership: Share details of the discussion with Alibaba Cloud and coordinate support for their engagement with Ratify and Notary Project. (Feynman)

recording: https://youtu.be/s2Rvki1VNq8


Archive

2023-Jul 2024-Jun

https://github.com/ratify-project/ratify/blob/dev/archive/meeting-notes/ratify-weekly-notes-2023-Jun-2024-Jun.md

2023-Jan 2023-Jun

https://github.com/deislabs/ratify/blob/main/archive/meeting-notes/ratify-weekly-notes-2023-Jan-2023-Jun.md

2022-Jul 2022-Dec

https://github.com/deislabs/ratify/blob/main/archive/meeting-notes/ratify-weekly-notes-2022-Jul-2022-Dec.md

2022-Jan 2022-Jun

https://github.com/deislabs/ratify/blob/main/archive/meeting-notes/ratify-weekly-notes-2022-Jan-2022-Jun.md)

2021-Jul 2021-Dec

https://github.com/deislabs/ratify/blob/main/archive/meeting-notes/ratify-weekly-notes-2021-Jul-2021-Dec.md

Meeting Date

Attendees:

  • add yourself

Actionable Agenda Items:

  • add your items

Presentation/Discussion Agenda Items:

  • add your items

Notes:

Select a repo