Wednesday, November 1, 2023

Why should you contribute to community projects? Some information about CNCF and OpenSSF.

I start with a premise for those who may not already know: the open-source software ecosystem often revolves around foundations, with the most famous probably being the Linux Foundation.

Regarding the cloud-native domain, the reference foundation is the Cloud Native Computing Foundation, commonly known as CNCF.

The CNCF is a foundation created by the Linux Foundation in 2015, specifically to handle the management of projects in the cloud-native domain. In simple terms, we could define it as a third-party, vendor-neutral entity that regulates the development and activities related to all the major projects related to containerized technologies like Kubernetes.

The foundation consists of a large number of sub-entities, working groups that oversee various projects, and much of the work is done by volunteers. To participate, the rules of the CNCF's code of conduct must be adhered to.

Speaking about Kubernetes and the main projects associated with it, you can imagine the amount of work required to make this system function and how many people at all levels can be needed to contribute to both technical and non-technical projects.

Throughout my career, I have always tried to be a part of what surrounded my professional world, taking part in events, speaking at events, and even organizing them.

Even in my current role at SIGHUP, I have maintained the same approach and operating mode. Since the past few months, I have been part of the Italian team responsible for the Italian localization of the CNCF's glossary.

I share this with you because I find it extremely rewarding to participate in these kinds of initiatives, getting to know new people, perhaps stepping out of one's comfort zone a bit, and being of assistance to people and companies one may not know, all for the sake of fostering a better ecosystem.

As you can imagine, contributions can be made at all levels, with different teams for the different scopes. Of course, it's common to work with people from all around the world and from diverse backgrounds.

As a colleague told me a few days ago, "if you enter a meeting and feel like a fool compared to the other participants, it probably means you're in the right place," because participating in meetings, even as an observer, with high-level individuals is a great opportunity for professional growth.

Well, now that I've piqued your interest, how can you participate or find a project that suits you?

I suggest a series of links where you can find information about CNCF events and projects:

What I've mentioned above also applies to another foundation, very interesting, born in 2020, called the Open Source Security Foundation, commonly abbreviated as OpenSSF. This foundation is an initiative of the Linux Foundation and focuses on enhancing the security of open-source software.

Since I work in security, I closely follow various initiatives of this foundation.

At the moment, due to time constraints, I'm not an active contributor, but members of my team have already had the opportunity to contribute and participate in various working group meetings. It's important to always adhere to the code of conduct when participating and contributing.

In this case as well, I'll provide you with some useful links where you can find collaboration ideas for OpenSSF:


No comments:

Post a Comment