kubernetes / committee-security-response

Kubernetes Security Process and Security Committee docs

private-distributors-list: add Kinvolk

vbatts opened this issue · comments

Actively monitored security email alias for our project: security@kinvolk.io

1. Be an actively maintained and CNCF certified distribution of Kubernetes components.
cncf/k8s-conformance#959 (comment)

2. Have a user base not limited to your own organization.
Lokomotive has open-source users, as well as supported users.

3. Have a publicly verifiable track record up to present day of fixing security issues.
This is still early, but releases on https://github.com/kinvolk/lokomotive

4. Not be a downstream or rebuild of another distribution.
Lokomotive has its roots in https://github.com/poseidon/typhoon and still has a good relationship, but had differing goals, so it fully diverged last year.
Works with upstream otherwise.

5. Be a participant and active contributor in the community.
https://github.com/iaguis
https://github.com/alban
https://github.com/surajssd

6. Accept the Embargo Policy.

yes

7. Be willing to contribute back.

yes

8. Have someone already on the list vouch for the person requesting membership on behalf of your distribution.
Not yet, I will work on this next

General 👍 from me, based on my experiences with @vbatts during my time at Red Hat.

+1 from me!

Sorry for the delay @vbatts. I will forward any recent notices that you may have missed.

No worries!