Become a Contributor, Open Issues, Participate
The Ortelius project is a community of technologist dedicated to the goal of simplifying the control of code-level vulnerabilities through the use of a unified evidence catalog. Collectively, we are a group of open-source developers and users who develop, use and promote Ortelius for the benefit of all. The project is incubating at the Continuous Delivery Foundation a part of the Linux Foundation which legally owns the project assets and act as treasury. The Ortelius Governance Board acts as public representatives of the project, when such representation is necessary, for example to interface with external entities such as the Continuous Delivery Foundation or Linux Foundation. The board also acts as the ultimate decision-making authority in case disputes cannot be resolved via the regular project community meeting. The decision-making ability of the board is more symbolic and based on consensus. A welcoming, global, diverse community. . . Ortelius welcomes all who are interested in learning and mentoring on the topic of DevOps in a cloud native architecture. The Ortelius community does not require participants to prove themselves before they are ‘admitted’ to the community. We assume that everybody has skills and experience to offer, and they do so with good intentions until proven otherwise. This principle applies to anybody without arbitrary discrimination. We recognize that every contribution is precious, and we actively encourage under served communities to become involved. To support a diverse and inclusive community our project structure is designed based on a microservice model, allowing individuals to have expertise in ‘bounded context,’ which create independent pieces, thereby reducing the need for collaboration and communication. We try to let everyone have their own swim lane where they can work efficiently, and not feel they are holding back any aspect of the project. We believe everyone has the right to express their ideas in their own contributions. This diverse community approach is also partly achieved by recognizing that people move on. Lots of code in the project is maintained by people other than the original author. We encourage new contributors to take over existing projects that aren’t actively maintained. We believe that “old” contributors deserve respect from “new” contributors, but the inaction on the part of the original contributors shall not block new contributors from making changes. We believe in running the project transparently. This includes everything from decision-making to defects in the code.
Governance Board Purpose
The purpose of the Board is to bring various perspectives to the table such as: As the composition of the Ortelius board changes over time, we want to ensure that this balance of viewpoints is maintained. In addition, the Governance Board should strive to be diverse and encourage women and minorities to run for Governance Board seats. This may require active outreach on the part of the Governance Board during each year’s election cycle. Steve Taylor is a visionary and industry leader in the area of DevSecOps process improvement, software build and release, and vulnerability management. Steve was designing continuous delivery pipelines for Fortune 1000 companies before the term ‘continuous integration’ was ever used. Steve is the CTO and Architect of DeployHub, the first vulnerability management platform that also versions and maps component security details to and their deployed locations. He is also the mastermind behind OpenMake Meister, a build automation solution that has served its customers for over 20 years. In his free time, Steve is a Volunteer Firefighter, plays hockey, builds houses and hangs out with his 4 dogs on his ranch in New Mexico.
Ortelius questions can be asked on the Ortelius Discord Channel or asked on the Ortelius Issues on GitHub List.
You will find the Ortelius team will be happy to answer questions and share tips and tricks for using Ortelius. Release announcements are posted to the GitHub Project. We’re also going to create an email newsletter for us to keep everyone informed. Ortelius bugs should be reported to GitHub after signing up for a free GitHub account. Before reporting a bug, please use the bug/issue search to see if the issue has already been reported. This is listed on the bottom of the docs page for any module. To be respectful of reviewers’ time and allow us to help everyone efficiently, please send us the steps to recreate the issue. This will make fixing the issue go much quicker. Do not use the issue tracker for “how do I do this” type questions. Regardless of your experience level – Ortelius welcomes you. Learn more at Become a Contributor. Look at the Ortelius GitHub issues list, find an issue to work on, and see if you can help fix bugs. Or you can test pull requests for bug fixes and features. You can do this by checking out Ortelius, making a test branch off the main one, merging a GitHub issue, testing, and then commenting on that particular issue on GitHub. Or, would you like to look at the Onboarding process? Fine tune how the product works for newcomers? As you see, there are many ways to work on this open source project to help others manage microservices. That’s the goal. Every community can be strengthened by a diverse variety of viewpoints, insights, opinions, skillsets, and skill levels. However, with diversity comes the potential for disagreement and miscommunication. The purpose of this Code of Conduct is to ensure that disagreements and differences of opinion are conducted respectfully and on their own merits, without personal attacks or other behavior that might create an unsafe or unwelcoming environment. Topics around continuous delivery can be very diverse, everyone’s opinion is important. These policies are not designed to be a comprehensive set of Things You Cannot Do. We ask that you treat your fellow community members with respect and courtesy, and in general, Don’t Be A Jerk. This Code of Conduct is meant to be followed in spirit as much as in letter and is not exhaustive. All Ortelius events and participants therein are governed by this Code of Conduct and anti-harassment policy. We expect organizers to enforce these guidelines throughout all events, and we expect attendees, speakers, sponsors, and volunteers to help ensure a safe environment for our whole community. Specifically, this Code of Conduct covers participation in all Ortelius-related forums and mailing lists, code and documentation contributions, public IRC channels, private correspondence, and public meetings. Community members are… Considerate - Contributions of every kind have far-ranging consequences. Just as your work depends on the work of others, decisions you make surrounding your contributions to the Ortelius community will affect your fellow community members. You are strongly encouraged to take those consequences into account while making decisions. Patient - Asynchronous communication can come with its own frustrations, even in the most responsive of communities. Please remember that our community is largely built on volunteered time, and that questions, contributions, and requests for support may take some time to receive a response. Repeated “bumps” or “reminders” in rapid succession are not good displays of patience. Additionally, it is considered poor manners to ping a specific person with general questions. Pose your question to the community as a whole, and wait patiently for a response. Respectful - Every community inevitably has disagreements, but remember that it is possible to disagree respectfully and courteously. Disagreements are never an excuse for rudeness, hostility, threatening behavior, abuse (verbal or physical), or personal attacks. Kind - Everyone should feel welcome in the Ortelius community, regardless of their background. Please be courteous, respectful and polite to fellow community members. Do not make or post offensive comments related to skill level, gender, gender identity or expression, sexual orientation, disability, physical appearance, body size, race, or religion. Sexualized images or imagery, real or implied violence, intimidation, oppression, stalking, sustained disruption of activities, publishing the personal information of others without explicit permission to do so, unwanted physical contact, and unwelcome sexual attention are all strictly prohibited. Additionally, you are encouraged not to make assumptions about the background or identity of your fellow community members. Inquisitive - The only stupid question is the one that does not get asked. We encourage our users to ask early and ask often. Rather than asking whether you can ask a question (the answer is always yes!), instead, simply ask your question. You are encouraged to provide as many specifics as possible. Code snippets in the form of Gists or other paste site links are almost always needed in order to get the most helpful answers. Refrain from pasting multiple lines of code directly into the IRC channels – instead use gist.github.com or another paste site to provide code snippets. Helpful -
The Ortelius community is committed to being a welcoming environment for all users, regardless of skill level. We were all beginners once upon a time, and our community cannot grow without an environment where new users feel safe and comfortable asking questions. It can become frustrating to answer the same questions repeatedly; however, community members are expected to remain courteous and helpful to all users equally, regardless of skill or knowledge level. Avoid providing responses that prioritize snideness and snark over useful information. At the same time, everyone is expected to read the provided documentation thoroughly. We are happy to answer questions, provide strategic guidance, and suggest effective workflows, but we are not here to do your job for you. Harassment includes (but is not limited to) all of the following behaviors: Participants asked to stop any harassing behavior are expected to comply immediately. Sponsors are also subject to the anti-harassment policy. In particular, sponsors should not use sexualized images, activities, or other material. Meetup organizing staff and other volunteer organizers should not use sexualized attire or otherwise create a sexualized environment at community events. In addition to the behaviors outlined above, continuing to behave a certain way after you have been asked to stop also constitutes harassment, even if that behavior is not specifically outlined in this policy. It is considerate and respectful to stop doing something after you have been asked to stop, and all community members are expected to comply with such requests immediately. Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting , or to the local organizers of an event. Meetup organizers are encouraged to prominently display points of contact for reporting unacceptable behavior at local events. If a participant engages in harassing behavior, the meetup organizers may take any action they deem appropriate. These actions may include but are not limited to warning the offender, expelling the offender from the event, and barring the offender from future community events. Organizers will be happy to help participants contact security or local law enforcement, provide escorts to an alternate location, or otherwise assist those experiencing harassment to feel safe for the duration of the meetup. We value the safety and well-being of our community members and want everyone to feel welcome at our events, both online and offline. We expect all participants, organizers, speakers, and attendees to follow these policies at our all of our event venues and event-related social events. The Ortelius Community Code of Conduct is licensed under the Creative Commons Attribution-Share Alike 3.0 license. Our Code of Conduct was adapted from Codes of Conduct of other open source projects, including: The purpose of the Ortelius Governance Board is to bring various perspectives to the table such as: As the composition of the Ortelius board changes over time, we want to ensure that this balance of viewpoints is maintained. In addition, the Governance Board should strive to be diverse and encourage women and minorities to run for Governance Board seats. This may require active outreach on the part of the Governance Board during each year’s election cycle.
Governance Board Goals: The Governance Board is made up of nine individuals. Steve Taylor, the original creator of the Ortelius Core code will be provided a permanent seat on the Governance Board until he decides to step down. The remaining 8 board members will serve a 2-year term, except for 3 members who are initially elected to serve a 1-year term. This will allow the rotation of 3 new members being elected each subsequent year. The Board has the power to add additional seats if required but must maintain an uneven number of Board Members.
No single Company or Organization shall have employees or representatives that make up more than 50% of the Board.
The Governance Board follows Robert’s Rules of Order for running all meetings. The Governance Board will meet at a minimum of 4 times per year, and can determine the dates, time, and location of the meeting. Meetings can be held in person or remote. The Governance Board has the power to define Officer roles and hold elections of those Officers. The Board shall maintain a minimum of two Officer roles one to serve as the Board Chair and the other to serve as the Board Secretary. The responsibility of the Board Chair is to call the meetings to order, manage the meeting agenda and call the meeting to end. The Board Secretary will be responsible for recording the minutes of the meeting and maintaining meeting records. Officer positions are for 1 year terms. The Board shall elect Officers on the first meeting following the election of new Board Members.
Additional Officer roles can be determined by the board. Suggested roles include: Officer roles can be shared between multiple individuals and called ‘co-officers’ if needed. Current Governing Board Members There will be two permanent Non-voting Board Attendees, the Ambassador Chair and the Champions Chair. These two positions will be a one year term. Elections will be held at the same time as the General Board elections.
The purpose of the Champion Chair is to represent the general Architecture and Committer community. They will be responsible for holding regular Architecture meetings and working with the General Board to communicate and resolve issues. The purpose of the Ambassador Chair is to represent the general Outreach Community, hold regular meetings and work with the General board to communicate and resolve issues.
The Board can invite other individuals to the Board meetings, such as Technology Oversight Committee (TOC) members. These guest members will not have the right to vote if a vote is required. They can provide input by providing a non-binding vote. The election process is driven by the Ortelius Governance Board and must be initiated in September of each year, with Board Seat winners announcements in December of that year.
General members of the Ortelius Community will be encouraged to nominate themselves and others to the General Board and the Ambassador and Committee Chairs. Anyone can be nominated to the Board or Committee Chair including individuals who are not part of the general Ortelius Community. Nominations can be done via email or an online form. The method of nomination will be determined by the Governance Board. Nominations must be initiated before the end of September. Committee Chairs can be managed as ‘Co-Chairs’ if required.
The Board will determine when to close nominations and open voting. Voting will be done by the General Ortelius Community defined by the list of all individuals currently receiving emails and meeting invites. An ‘opt-out’ email will be provided allowing members to be removed from the voting process. Elections will be held via an online voting service such as Condorcet Internet Voting Service, determined by the Governance Board. Election announcements must be completed by the first week of December.Who We Are
Our Philosophy
Transparency
Ortelius Project Chair: Steve Taylor
I’ve Got A Question
I’d Like To Keep Up With Release Announcements
I’d Like To Report A Bug
How Do I Find Ortelius on Social Media
I’d Like To Join the Ortelius OS Community
How do I get started
Community Code of Conduct
Anti-harassment policy
Policy violations
Ortelius Governance Board Bylaws
Board Terms and Rules
Governance Board Officers
Non-Voting Board Attendees
Board and Committee Chair Election Process