Want to work with CNCF Supply Chain Security WG to make SPIRE an example of best practice? #5783
Labels
triage/in-progress
Issue triage is in progress
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Over at the CNCF TAG Security - Supply Chain Security WG, we're looking for a CNCF project to be an example of supply chain security best practice to point people to, and SPIRE came up at the last meeting as a potential candidate.
I brought this up in Slack and was directed to raise it here.
We recently published an updated version of our whitepaper.
Is there appetite in this community to collaborate on this? We've not done this before, so we'll need to figure out what works, but I suspect we'd need to have someone on point from SPIRE and someone from the Supply Chain WG (possibly myself) to first figure out the gaps (if any), and then work together to fill some of them. Culminating perhaps with a blog or something detailing the journey?
If there's interested in this, it would be much appreciated, and could bring the benefit of reducing the supply chain risk for this project, and ultimately others in the ecosystem!
Come find us in Slack
The text was updated successfully, but these errors were encountered: