Thank you Niclas, this will help us a lot in figuring out our helm
situation
via Newton Mail
[https://cloudmagic.com/k/d/mailapp?ct=dx&cv=10.0.50&pv=10.15.6&source=email_footer_2]
On Wed, Sep 9, 2020 at 5:36 AM, Kaxil Naik <kaxiln...@gmail.com> wrote:
Credits to Jarek on that one, he is the one who is actually drafting the
proposal.
On Wed, Sep 9, 2020, 13:31 Niclas Hedhman <nic...@apache.org> wrote:
> Corporate requirements are typically that they can build everything from
> sources and have clear instructions (preferably scriptable) on how to do
> that.
>
> Good to hear that ComDev is in the loop and you are together working on
> draft proposals. It will be greatly appreciated.
>
>
> Niclas
>
>
>
> On Wed, Sep 9, 2020, 13:00 Jarek Potiuk <jarek.pot...@polidea.com>
wrote:
>
> > Added Niclas to my response :). Responding to devlist when someone
from
> > outside of it sends a message is tricky :)
> >
> > On Wed, Sep 9, 2020 at 12:35 PM Jarek Potiuk
<jarek.pot...@polidea.com>
> > wrote:
> >
> >> Hello Niclas,
> >>
> >> Thanks for that.
> >>
> >> I feel that this guidance already answers most of my questions.
> >>
> >> I volunteered to lead proposal discussion and preparation for the ASF
> >> Board on this subject (and I am sure other PMCs from Airflow will
also
> be
> >> engaged a lot, so I hope we can work out some reasonable policies on
> that.
> >> I hope to have the first draft proposal for discussion this week. I
also
> >> invited Apache Security team members who are already commenting on
that
> >> thread, as I think those policies should at least provide guidance on
> all
> >> those topics: licensing, security, stability, and "rebuildability"
(for
> the
> >> lack of a better term). Those are IMHO super important if we want to
> >> address the needs of corporate users especially (looking at the
> >> requirements of the corporates we are working with).
> >>
> >> J
> >>
> >>
> >> On Wed, Sep 9, 2020 at 8:38 AM Niclas Hedhman <nic...@apache.org>
> wrote:
> >>
> >>> Hi everyone,
> >>>
> >>> The report submitted to the September Board meeting is requesting
> >>> guidance
> >>> on binary releases, such as Docker and Helm. I act as the board's
> >>> shepherd
> >>> of Airflow, and here to help if needed.
> >>>
> >>> First of all, Apache Software Foundation releases Open SOURCE
software,
> >>> and
> >>> the source release is always the primary one. There are many reasons
> for
> >>> this, such as security (one can know for sure what it contains),
> >>> jurisprudence (trace origin,++) and usability on platforms that the
> >>> community may not provide binaries for.
> >>>
> >>> Many communities provides additional binary releases, that has been
> >>> called
> >>> "Convenience Binaries", but the term is under review/reconsideration
as
> >>> they are for some communities (say, OpenOffice) the primary
artifacts
> >>> for
> >>> the majority of users (OpenOffice users are typically not
developers).
> >>> The
> >>> exact policies around this are being reviewed and worked on at the
> >>> moment.
> >>> Things like credentials to DockerHub or npm are for instance of
> concern,
> >>> as
> >>> well as the long-term stability of some of these distribution
systems.
> >>>
> >>> That said; in general, as long as the binaries are buildable (with
> >>> instructions) and the product can be built and used without reliance
on
> >>> such external systems, then it is mostly OK and it is up to each
> >>> community
> >>> to decide if binaries are provided and how. If there are specific
> >>> questions
> >>> on release policy or special requests, then contact the
Infrastructure
> >>> team
> >>> and ask if it is Ok with them. If there are more general
> >>> thoughts/feedback/discussion items in this space, ComDev is the
place
> to
> >>> approach.
> >>>
> >>> I will also try to do my best to answer questions here...
> >>>
> >>> Niclas Hedhman
> >>>
> >>
> >>
> >> --
> >>
> >> Jarek Potiuk
> >> Polidea <https://www.polidea.com/> | Principal Software Engineer
> >>
> >> M: +48 660 796 129 <+48660796129>
> >> [image: Polidea] <https://www.polidea.com/>
> >>
> >>
> >
> > --
> >
> > Jarek Potiuk
> > Polidea <https://www.polidea.com/> | Principal Software Engineer
> >
> > M: +48 660 796 129 <+48660796129>
> > [image: Polidea] <https://www.polidea.com/>
> >
> >
>
