Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[new-product]: policy-controller #6042

Open
wants to merge 10 commits into
base: master
Choose a base branch
from

Conversation

Jubblin
Copy link

@Jubblin Jubblin commented Oct 18, 2024

addition of sigstore policy controller https://docs.sigstore.dev/policy-controller/overview/


identifiers:
- purl: pkg:github/sigstore/policy-controller
- repology: sigstore
Copy link
Member

@captn3m0 captn3m0 Oct 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like the package for sigstore-python in homebrew only at this point:

Suggested change
- repology: sigstore

https://repology.org/project/sigstore/information

This will very likely be installed as a container image, so we should include those in the identifers. I could find the following relevant images:

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated as requested

Copy link
Member

@captn3m0 captn3m0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The releaseCycle look inaccurate. Having a supportedK8sVersions (see kyverno.md custom column will be nice.

It is unclear to me if the product is considered stable for production use. There is no 1.x release, and the website says:

This component is still actively under development!

None of the releases so far mention stable or production.


> [policy-controller](https://github.com/sigstore/policy-controller) The policy-controller admission controller can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign.

We are intending to move to a monthly cadence for minor releases. Minor releases will be published around the beginning of the month. We may cut a patch release instead, if the changes are small enough not to warrant a minor release. We will also cut patch releases periodically as needed to address bugs.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All descriptions should use a neutral third-person voice, something like:

Suggested change
We are intending to move to a monthly cadence for minor releases. Minor releases will be published around the beginning of the month. We may cut a patch release instead, if the changes are small enough not to warrant a minor release. We will also cut patch releases periodically as needed to address bugs.
The project is planning to move to a monthly cadence for minor releases, which will be
published near the month start. A patch release might be made instead if
the changes are small enough.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated as suggested

@chenrui333 chenrui333 added the new-product This PR adds a new product to the website. label Oct 22, 2024
@Jubblin Jubblin requested a review from captn3m0 December 13, 2024 13:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
new-product This PR adds a new product to the website.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants