|
| 1 | +<!-- SPDX-License-Identifier: CC-BY-4.0 --> |
| 2 | + |
| 3 | +# Conformance Programs for CNCF Projects |
| 4 | + |
| 5 | +## Background and Context |
| 6 | + |
| 7 | +A core strength of CNCF projects, like any other open source project, is that |
| 8 | +anyone can use and modify them for any purpose. The Apache-2.0 license used by |
| 9 | +CNCF projects permits anyone to reuse and modify the code however they want |
| 10 | +(subject to complying with the applicable open source licenses). This ability to |
| 11 | +modify, extend and improve upon the project enables the code to evolve beyond |
| 12 | +the contributors' expectations for use cases and functionality. |
| 13 | + |
| 14 | +At the same time, there is benefit to the broader community in seeing downstream |
| 15 | +products and offerings remaining generally aligned and minimizing divergence. |
| 16 | +Doing so improves compatibility and interoperability among solutions that are |
| 17 | +built upon CNCF projects. This benefits end users and consumers because it helps |
| 18 | +ensure that their expectations are met about the functionality provided by a |
| 19 | +solution that leverages a CNCF project. It can also help ensure compatibility of |
| 20 | +plugins, or consistency in interfaces when customers move from one community or |
| 21 | +vendor offering to another. |
| 22 | + |
| 23 | +Rather than prohibiting divergence by limiting license rights to the code, CNCF |
| 24 | +projects can instead put in place a **conformance program**. This document |
| 25 | +discusses conformance programs and provides some guidelines and recommendations |
| 26 | +for CNCF projects that are considering adopting one. |
| 27 | + |
| 28 | +## Active CNCF Conformance Programs |
| 29 | + |
| 30 | +Project | Program repo | Program website |
| 31 | +------- | ------------ | --------------- |
| 32 | +Kubernetes | https://github.com/cncf/k8s-conformance/ | https://www.cncf.io/certification/software-conformance/ |
| 33 | +Prometheus | TBD | TBD |
| 34 | + |
| 35 | +## Purpose |
| 36 | + |
| 37 | +With a **conformance program**, a project defines what it means for a downstream |
| 38 | +community project or vendor solution to be "conformant", in the particular |
| 39 | +context of their project's technology and ecosystem. |
| 40 | + |
| 41 | +Depending on the nature of the project's technology and use, "conformant" |
| 42 | +solutions could include one or more of the following categories: |
| 43 | +* distributions derived from the project code that, even if modified, remain |
| 44 | + compatible with some or all of its APIs; |
| 45 | +* solutions that meet defined technical requirements for interfacing with the |
| 46 | + project, such as plugins; |
| 47 | +* compliance with a checklist of technical criteria such as performance or |
| 48 | + security requirements; |
| 49 | +* or, other categories of technical solutions that relate to compatibility and |
| 50 | + interoperability with the project |
| 51 | + |
| 52 | +The conformance program will include a **conformance badge** design. The badge |
| 53 | +typically incorporates the project name and logo design, together with a phrase |
| 54 | +such as "Conformant" or "Certified". |
| 55 | + |
| 56 | +A downstream community or vendor can participate in a conformance program by |
| 57 | +demonstrating that their solution meets the project's defined requirements to be |
| 58 | +"conformant". In exchange for demonstrating this, the community or vendor |
| 59 | +solution can use the conformance badge and phrase to describe their solution as |
| 60 | +conformant. In some cases, they may also be able to include the project's name |
| 61 | +as part of their own solution's name. |
| 62 | + |
| 63 | +## Structure |
| 64 | + |
| 65 | +A conformance program typically consists of several related components: |
| 66 | +* conformance technical definition |
| 67 | +* tool for evaluating conformance (e.g., self-testing suite) |
| 68 | +* conformance badge collateral: |
| 69 | + * conformance phrase (e.g., "Certified Kubernetes") |
| 70 | + * badge design (e.g., [Certified Kubernetes badge]) |
| 71 | + * visual branding guidelines (e.g., [Certified Kubernetes Brand Guidelines]) |
| 72 | +* conformance program legal documents: |
| 73 | + * Terms and Conditions (e.g., [Certified Kubernetes T&Cs]) |
| 74 | + * Participation Form (e.g., [Certified Kubernetes Participation Form]) |
| 75 | +* public repo where conformant (e.g., [Certified Kubernetes repo]) |
| 76 | +* public website where conformant offerings are displayed (e.g., [Certified Kubernetes offerings]) |
| 77 | + |
| 78 | +## Roles |
| 79 | + |
| 80 | +* **CNCF Governing Board**: |
| 81 | + * authorizes the launching and operation of any project conformance program, |
| 82 | + as part of its oversight of CNCF assets (i.e., the project trademarks) |
| 83 | + * see [CNCF Charter], sections 5(b)(iv), 5(d)(viii) |
| 84 | +* **Project technical community**: |
| 85 | + * defines scope and specifics of conformance definition |
| 86 | + * develops self-testing / conformance evaluation tools alongside the project's |
| 87 | + open source codebases |
| 88 | +* **CNCF and Linux Foundation staff**: |
| 89 | + * LF legal team defines the terms and conditions / participation form in |
| 90 | + coordination with project team and Governing Board |
| 91 | + * LF Creative Services team can assist with preparing the conformance badge |
| 92 | + design and brand guidelines |
| 93 | + * CNCF staff coordinate the receipt of participant submissions and updating of |
| 94 | + conformant offerings websites, etc. |
| 95 | + |
| 96 | +## Guidelines and Recommendations |
| 97 | + |
| 98 | +As noted above, the CNCF Governing Board has authority to determine whether to |
| 99 | +launch and maintain a conformance program. |
| 100 | + |
| 101 | +Accordingly, the following comments are recommendations for some considerations |
| 102 | +that the Governing Board might take into account when evaluating a project's |
| 103 | +proposed conformance program. Keep in mind though that the Governing Board is |
| 104 | +not bound by just these considerations. |
| 105 | + |
| 106 | +* **Compatibility** and **interoperability**: |
| 107 | + * The conformance definition should focus on technical criteria that improve |
| 108 | + compatibility and interoperability across the ecosystem as a whole. |
| 109 | + * Non-technical considerations, such as business goals or licensing structures |
| 110 | + for downstream solutions, should not be taken into account in the |
| 111 | + conformance definition. |
| 112 | + * Like all other project activities, the conformance program and its |
| 113 | + development is subject to the [Linux Foundation Antitrust Policy]. |
| 114 | +* **Openness** and **transparency**: |
| 115 | + * A conformance definition and self-testing tools should be developed openly. |
| 116 | + * A project should consider establishing a working group or similar subgroup |
| 117 | + to focus on developing the conformance definition and tools. |
| 118 | + * The repo where it is developed should be open and recurring meetings where |
| 119 | + it is discussed should be publicized. |
| 120 | + * Participants in discussions should have the opportunity to share, discuss |
| 121 | + and advocate for the merit of their views. However, not all views will |
| 122 | + necessarily be followed or implemented. |
| 123 | + * Decisions of the working group should be discussed openly in meetings, |
| 124 | + mailing list discussions, and/or publicly-visible issue threads. |
| 125 | +* **Neutrality** with **multiple participants**: |
| 126 | + * A conformance program should reflect involvement from multiple vendors, |
| 127 | + users and stakeholders, and not just a single person or company. |
| 128 | + * The project should be able to demonstrate that the conformance definition |
| 129 | + and self-testing tools were developed with input from multiple participants. |
| 130 | + * The conformance program should ideally have multiple participating solutions |
| 131 | + ready to announce conformance upon launch. CNCF staff can work with early |
| 132 | + participants to enable validation of conformance prior to launch to assist |
| 133 | + with this. |
| 134 | +* **Objectivity**: |
| 135 | + * To the extent possible, conformance definition elements should be based on |
| 136 | + objectively-measurable criteria, rather than subjective considerations |
| 137 | + requiring personal evaluation and determination. |
| 138 | + * Decisions on what is included in, or excluded from, the conformance |
| 139 | + definition and test suite should be based on technical merit, in light of |
| 140 | + the goals of aligning with the project codebase and fitting with reasonable |
| 141 | + expectations of end users of the project. |
| 142 | +* **Appropriate for project's maturity stage**: |
| 143 | + * Conformance programs are more likely to be appropriate for CNCF projects |
| 144 | + that are at the Graduated or Incubating stage. |
| 145 | + * Sandbox projects may be too early in their maturity stage to have the broad |
| 146 | + adoption, and alignment of multiple participants, that make a conformance |
| 147 | + program relevant and appropriate. |
| 148 | +* **Evolving over time**: |
| 149 | + * Conformance definitions are frequently aligned with a particular version or |
| 150 | + release of the project software. |
| 151 | + * A project that adopts a conformance program should be prepared to maintain |
| 152 | + it on an ongoing basis, so that it continues to remain relevant and |
| 153 | + up-to-date as the project itself evolves. |
| 154 | + |
| 155 | +## Starting a conformance program |
| 156 | + |
| 157 | +If your project is interested in initiating a conformance program, we'd recommend starting by reviewing the materials linked from this document, and considering whether your project is at a stage where it would be a good fit. |
| 158 | + |
| 159 | +If your project wants to proceed, you can open up a GitHub issue in this repo or contact CNCF staff at [email protected] |
| 160 | + |
| 161 | +We can set up a conversation with LF staff to discuss the conformance program goals, begin drafting T&Cs and more. CNCF staff can also start the process of socializing the program with the CNCF GB, in preparation for a later GB vote on approving the program. |
| 162 | + |
| 163 | +Note that developing the conformance definition and self-testing tools can be the most time-consuming part of rolling out a conformance program. These will need to be ready with community consensus before the program can be considered by the GB for launch. You will likely want to discuss this with multiple participants from your community to see if there is alignment on moving forward. |
| 164 | + |
| 165 | +## Additional resources |
| 166 | + |
| 167 | +An [LF blog post] from July 2020 provides more details about conformance |
| 168 | +programs generally, as well as some other Linux Foundation projects that have |
| 169 | +implemented a conformance program. |
| 170 | + |
| 171 | +[LF blog post]: https://www.linuxfoundation.org/en/blog/driving-compatibility-with-code-and-specifications-through-conformance-trademark-programs/ |
| 172 | +[Certified Kubernetes badge]: https://github.com/cncf/artwork/blob/master/projects/kubernetes/certified-kubernetes/versionless/color/certified-kubernetes-color.png |
| 173 | +[Certified Kubernetes Brand Guidelines]: https://github.com/cncf/artwork/blob/master/projects/kubernetes/certified-kubernetes/certified-kubernetes-brand-guide.pdf |
| 174 | +[Certified Kubernetes T&Cs]: https://github.com/cncf/k8s-conformance/blob/master/terms-conditions/Certified_Kubernetes_Terms.md |
| 175 | +[Certified Kubernetes Participation Form]: https://github.com/cncf/k8s-conformance/blob/master/participation-form/Certified_Kubernetes_Form.pdf |
| 176 | +[Certified Kubernetes repo]: https://github.com/cncf/k8s-conformance/ |
| 177 | +[Certified Kubernetes offerings]: https://www.cncf.io/certification/software-conformance/ |
| 178 | +[CNCF Charter]: https://github.com/cncf/foundation/blob/master/charter.md |
| 179 | +[Linux Foundation Antitrust Policy]: https://www.linuxfoundation.org/antitrust-policy/ |
0 commit comments