[OpenStack-Infra] Setting the bar higher for stackforge

Sandy Walsh sandy.walsh at RACKSPACE.COM
Mon Sep 15 16:47:13 UTC 2014 

>From: Jeremy Stanley [fungi at yuggoth.org]
>Sent: Monday, September 15, 2014 1:06 PM
>
>On 2014-09-15 14:36:59 +0000 (+0000), Sandy Walsh wrote:
>> For our group, the greatest value of StackForge is CLA management.
>[...]
>
>Out of curiosity, why is that a value to your StackForge project(s)?
>About the only benefit I could see is for projects targeting future
>inclusion in an official OpenStack Program, so that they don't have
>to retroactively get the permission of the contributors or their
>respective employers when that time comes.

It's the Corporate CLA that's needed. The companies that want to contribute
have already vetted and signed the CCLA.

They need protection in case someone contributes something nasty. 
Accidentally or intentionally. 

We aren't looking for inclusion in the foreseeable future. 

>> Honestly, I was kind of disappointed to lose our github
>> organization and having to mangle our repo names just for
>> organizational purposes.
>
>If your end goal is inclusion in OpenStack itself, then that was an
>inevitable organizational change anyway. OpenStack uses free
>software to manage its projects, so GitHub is out of the question.

Certainly, but code doesn't need to be sanctioned by the foundation to work
with OpenStack. Just as logstash, kibana, et al are used currently. If we can
make a great widget and our license is suitably permissive, is there a reason
we should need inclusion?

>> Would it be possible to just expose/extend/enforce the CLA side of
>> StackForge to repos outside of stackforge git?
>
>I fail to see what this would accomplish. The OpenStack Individual
>Contributor License Agreement only makes sense within the context of
>actual present/future OpenStack projects (and many of us even
>question whether it makes sense there).

It would let us continue developing our software as we are currently. Business
as usual. And it would protect the contributing companies just as the CCLA
does today. Getting these companies to vet and sign another CCLA would be very
hard to do. And us getting a new CCLA/ICLA in place would be impossible. 

We are OpenStack users and an OpenStack focused project. We're just
trying to do it with minimum bureaucracy.

More information about the OpenStack-Infra mailing list