Skip to main content

Project Governance

Contribute / Project Governance

Project governance and policy

SDLC, supply-chain controls, and dependency license policy for OpenBao Operator.

Open SDLCOpen supply chain security

Project governance guides

  1. 01

    Software development lifecycle

    Planning, implementation, verification, release, and operations in the project lifecycle.

    Open
  2. 02

    Supply chain security

    Review provenance, reproducibility, signing, evidence, and release-control expectations.

    Open
  3. 03

    Supply-chain incident response

    Maintainer runbook for freezing Actions, suspending release automation, rotating trust roots, or inspecting publication state.

    Open
  4. 04

    Dependency license policy

    Understand which licenses are allowed for shipped binaries and how the policy is enforced.

    Open

Related maintainer work

Release managementRelease workflow for turning policy into an actual release event.Continuous integrationCI implementation that enforces many of these policy expectations in practice.
Next release documentation

You are reading the unreleased main docs. Use the version menu for the newest published release, or check the release notes for what is already out.

Was this page helpful?

Use Needs work to open a structured GitHub issue for this page. The Yes button only acknowledges the signal locally.

Needs work