private-distributors-list: add Kinvolk
vbatts opened this issue · comments
Actively monitored security email alias for our project: security@kinvolk.io
1. Be an actively maintained and CNCF certified distribution of Kubernetes components.
cncf/k8s-conformance#959 (comment)
2. Have a user base not limited to your own organization.
Lokomotive has open-source users, as well as supported users.
3. Have a publicly verifiable track record up to present day of fixing security issues.
This is still early, but releases on https://github.com/kinvolk/lokomotive
4. Not be a downstream or rebuild of another distribution.
Lokomotive has its roots from https://github.com/poseidon/typhoon and still a good relationship, but had differing goals so it fully diverged last year.
Works with upstream otherwise.
5. Be a participant and active contributor in the community.
https://github.com/iaguis
https://github.com/alban
https://github.com/surajssd
6. Accept the Embargo Policy.
yes
7. Be willing to contribute back.
yes
8. Have someone already on the list vouch for the person requesting membership on behalf of your distribution.
Not yet, I will work on this next
General 👍 from me, based on my experiences with @vbatts during my time at Red Hat.
+1 from me!
Sorry for the delay @vbatts. I will forward any recent notices that you may have missed.
No worries!