Dates
Conferences
Tags
Sort by:
Most recent
Conference: KubeCon + CloudNativeCon Europe 2023
Authors: Mo Khan, Micah Hausler
2023-04-20
tldr - powered by Generative AI
The presentation discusses the process of reporting and handling security issues in Kubernetes, including the role of the Security Committee and the Bug Bounty program.
- The Security Committee assesses reported issues and works with code owners to determine if they are legitimate security issues.
- CVEs are issued for security issues and the release team is involved if the issue affects core Kubernetes.
- Distributors are notified for medium or high severity issues that may affect their users.
- The Bug Bounty program offers rewards for responsibly reported security issues.
- Reporting security issues through HackerOne or the email list is encouraged.
Conference: KubeCon + CloudNativeCon North America 2022
Authors: Tim Pepper, Christoph Blecker, Nabarun Pal, Stephen Augustus, Benjamin Elder, Bob Killen
2022-10-28
tldr - powered by Generative AI
The biggest challenges facing Kubernetes are sustainability, test code base, and enabling part-time contributors.
- Kubernetes faces challenges with sustainability due to a lack of reviews, approvals, and responsive approvals
- The project is skewed towards full-time contributors and needs to figure out a process to enable part-time contributors
- The test code base is a challenge for contributors, as tests they didn't write are failing