Git Product home page Git Product logo

Comments (37)

ultrasaurus avatar ultrasaurus commented on May 22, 2024 2

I'm thinking we should consider a static site generator like Hugo -- then we can keep meta-data in machine readable front-matter (though we could publish markdown as interim step, since I read that github now displays yaml front-matter)

from tag-security.

vicenteherrera avatar vicenteherrera commented on May 22, 2024 2

I'll help you, will build a first alpha prototype that we can use to discuss the information, content and appearance. ;-)

from tag-security.

ultrasaurus avatar ultrasaurus commented on May 22, 2024 1

@petermbenjamin added to TODO list -- need to follow-up with Amye to get an intro to the CNCF person who can answer whether there are any preferences on their side for URLs or visual styling.

I did nab cloud-native-security.info a while ago (before we started the CNCF WG / SIG process) and happy to donate that if people like it and we want / need our own domain. Though I do like security.cncf.io which seems more concise and readable.

from tag-security.

ultrasaurus avatar ultrasaurus commented on May 22, 2024 1

@mhausenblas will kick off an email thread to find the right person to coordinate with and cc you. It would be great if you could track that thread and update here as we learn answers

from tag-security.

caniszczyk avatar caniszczyk commented on May 22, 2024 1

hey @lucperkins from the CNCF can sketch out a simple hugo+netlify site

we can do something like sig-security.cncf.io

from tag-security.

lucperkins avatar lucperkins commented on May 22, 2024 1

@mhausenblas I've updated the site in progress with the desired front page content as well as a search bar: https://sig-security.netlify.com/.

I've left the previous documents in place largely to demonstrate the search functionality. They'll be removed later.

from tag-security.

ragashreeshekar avatar ragashreeshekar commented on May 22, 2024 1

@ultrasaurus I can help on the curation. Here is a first draft of the content that I think we can cover @vicenteherrera that's some good work already, thanks. Please let me know your thoughts as well, and how we could articulate this in the site you are building. `

Who we are

What we've done

How do we do this

STAG charter outlines the scope of our group activities, as part of our governance process which details how we work.

Top 5 things we are working on

How to get involved

  • Contributors

    • Slack channel

      • Hangout in the CNCF Slack
      • Our channel is #tag-security

    • Mailing list

      • Join our mailing list at CNCF Lists TAG-Security
      • Join the Mailing List to receive the calendar meeting invite.

    • Meeting calendar

      • CNCF Event Calendar
      • We meet every Wednesday at 10 am PT| 1 pm ET| 6 pm GMT

    • Zoom

      • Join our call live on Zoom
      • cncftagsecurity passcode: 77777

    • YouTube channel

      • Missed a meeting?
      • No drama - catch up from a recording!

    • Contact us

  • Security assessments

Related issues

Potentially related issues

@vicenteherrera, please share if there is any update.

Some of the planned content is now available within the TAG repository:

  1. Who we are, what do we do, and how do we do them? - https://github.com/cncf/tag-security/#readme
  2. Published whitepapers, reference architecture and resources are available at https://github.com/cncf/tag-security/blob/main/PUBLICATIONS.md
  3. Resources for projects - https://github.com/cncf/tag-security/tree/main/project-resources

from tag-security.

ultrasaurus avatar ultrasaurus commented on May 22, 2024

here are some ideas of data representations for the presentations: https://github.com/ultrasaurus/safe/tree/presentation-page-format/presentations

from tag-security.

izgeri avatar izgeri commented on May 22, 2024

I like the idea of having a directory structure that is indicative of the type of meeting transcripts that are included in that dir. Maybe each dir could have its own README with an index of the file inside? Or we could use a static site generator.

from tag-security.

mhausenblas avatar mhausenblas commented on May 22, 2024

@ultrasaurus count me in. I've done a couple of sites with GitHub/Hugo combo already, the main question is where to host it. I usually use Amplify but I acknowledged the fact that Netlify is more popular (and arguably I'm biased re the former ;)

from tag-security.

pbnj avatar pbnj commented on May 22, 2024

Have we determined if this micro-site going to live as a subdomain on cncf.io or on its own domain?

from tag-security.

mhausenblas avatar mhausenblas commented on May 22, 2024

@ultrasaurus would you mind stating if you take care of it or want me to do it?

from tag-security.

mhausenblas avatar mhausenblas commented on May 22, 2024

Thanks, @ultrasaurus … yo @lucperkins can we sync regarding the micro-site, this week, please? My current understanding is that you'd be looking after infra (Hugo, hosting, etc.) and I more after the content? I suppose a quick (20min) meeting to resolve it would be ideal?

from tag-security.

lucperkins avatar lucperkins commented on May 22, 2024

Status update: I'm working on something that's publicly available at https://sig-security.netlify.com. I'm building that from my personal fork of this repo: https://github.com/lucperkins/sig-security/tree/lperkins/website. It's definitely a WIP but I think a decent skeleton for iteration.

If it would be beneficial, I can submit a PR and we can discuss/collaborate there.

from tag-security.

mhausenblas avatar mhausenblas commented on May 22, 2024

@lucperkins: today @ultrasaurus and I sat together and developed a battle plan. Here's what we decided:

  • We continue to use your fork, please use #195 as the landing page content
  • Please add a client-side site search functionality
  • I will work on the presentation details content in my own fork, based on Sarah's templates

We can discuss details or open questions on the sig-security-web channel.

from tag-security.

mhausenblas avatar mhausenblas commented on May 22, 2024

Awesome, thank you @lucperkins!

from tag-security.

mhausenblas avatar mhausenblas commented on May 22, 2024

Sorry for the long silence. Week after next (re:Invent) I'm back on track and wanted to see where we are with this issue and where/how I can contribute @ultrasaurus

from tag-security.

chasemp avatar chasemp commented on May 22, 2024

interested :)

from tag-security.

TheFoxAtWork avatar TheFoxAtWork commented on May 22, 2024

@vinayvenkat tagging you here for awareness/interest

we'll need to define an editorial team to curate content, field content. this applies to the microblog #451 issue as well - at least to get started.

@pragashj mentioned a potential subdomain upcoming? security.cncf.io ? need POC to confirm and help figure this out.

from tag-security.

apmarshall avatar apmarshall commented on May 22, 2024

Happy to help with this.

from tag-security.

chasemp avatar chasemp commented on May 22, 2024

Yep, seems like a great idea for discoverability and lots of stated points.

from tag-security.

lumjjb avatar lumjjb commented on May 22, 2024

I would like to see if we can create some alignment with the work around #551 , I think there could be possibly be a part of the same site as the CNSmap, https://cnsmap.vercel.app/

So maybe we could have Cloud Native Security Map be one section and have "Presentations" or other subsections in which everyone can contribute to. The current templating we have for the CNSmap is based on markdown, so technically we could work it in a way to reflect content of the repo well.

from tag-security.

lumjjb avatar lumjjb commented on May 22, 2024

Updating the issue comment for freshness of issue state

from tag-security.

stale avatar stale commented on May 22, 2024

This issue has been automatically marked as inactive because it has not had recent activity.

from tag-security.

lumjjb avatar lumjjb commented on May 22, 2024

The plan is to have the CNSMap site evolve to become the microsite. The next usecase to expand on would be the Cloud native security lexicon #735 .

from tag-security.

stale avatar stale commented on May 22, 2024

This issue has been automatically marked as inactive because it has not had recent activity.

from tag-security.

PushkarJ avatar PushkarJ commented on May 22, 2024

K8s SIGs have something similar as a service for sub-projects: https://github.com/kubernetes/community/blob/master/github-management/subproject-site-requests.md

from tag-security.

IAXES avatar IAXES commented on May 22, 2024

Following up on a discussion w/ @lumjjb on this ticket: I've helped a few friends + colleagues use ReadTheDocs/sphinx/rST for sites. Works quite nicely for developer-driven documents, easy to setup a build + publish pipeline in Concourse and/or GitHub Actions. Also supports citations, cross-referencing, "code as documentation", etc.

Examples:

I'd be able to throw together a demo pretty quickly, if there's interest.

from tag-security.

ultrasaurus avatar ultrasaurus commented on May 22, 2024

There were plenty of people willing to do the technical work, include CNCF staff who are available to help. What this project has always lacked is someone who is willing to curate content and, as needed, write/edit overview text for sections of the site.

from tag-security.

ragashreeshekar avatar ragashreeshekar commented on May 22, 2024

@ultrasaurus I can help on the curation.
Here is a first draft of the content that I think we can cover
@vicenteherrera that's some good work already, thanks. Please let me know your thoughts as well, and how we could articulate this in the site you are building.
`

Who we are

What we've done

How do we do this

STAG charter outlines the scope of our group activities, as part of our governance process which details how we work.

Top 5 things we are working on

  • SecurityCon at KubeCon+CloudNativeCon NA 2022 - #939
  • Cloud Native Security Controls Catalog v2 - #845
  • Serverless Security Whitepaper - #546
  • Cloud Native Security Map v2 - #737
  • Cloud Native Security Whitepaper - Audio project - #606

How to get involved

  • Contributors

    • Slack channel

      • Hangout in the CNCF Slack
      • Our channel is #tag-security

    • Mailing list

      • Join our mailing list at CNCF Lists TAG-Security
      • Join the Mailing List to receive the calendar meeting invite.

    • Meeting calendar

      • CNCF Event Calendar
      • We meet every Wednesday at 10 am PT| 1 pm ET| 6 pm GMT

    • Zoom

      • Join our call live on Zoom
      • cncftagsecurity passcode: 77777

    • YouTube channel

      • Missed a meeting?
      • No drama - catch up from a recording!

    • Contact us

  • Security assessments

Related issues

Potentially related issues

from tag-security.

vicenteherrera avatar vicenteherrera commented on May 22, 2024

Thanks for the proposed structure, I'll try to incorporate that to my test!

I've been preparing a test website, you can see it at: https://vicenteherrera.com/stag-web/
Code lives at the repo here: https://github.com/vicenteherrera/stag-web

Some interesting characteristics about it for this group:

  • Based on Jekyll (an open source ruby tool) and an open source theme
  • It generates a static website (plain HTML), that can be hosted on GitHub pages (as it shows in the test repo here), so less vulnerabilities to deal with, very quick rendering, and using GitHub as a free host (you can even associate your own domain to GitHub pages as I did).
  • Editing content is easy even if you don't know about web development using just markdown files like this one (that generates this url) Even blog posts are just markdown files.
  • When somebody wants to propose a change, he/she can open a PR that can be commented and accepted. You can render and browse a local version on your computer to check modifications.
  • The theme is quite clean and nice, it includes possibility of two menu navigation levels (horizontal and vertical) that gives flexibility to incorporate a lot of static pages not associated specifically to blog posts, as well as many other options.

I plan to work putting @ragashreeshekar shared content into this test, and when it's more mature, we can discuss the best way to really publish it and manage it.

from tag-security.

ultrasaurus avatar ultrasaurus commented on May 22, 2024

this is great to see! Thought I would chime in with some historical notes, in case it's helpful..

When we were looking at this long ago, we were thinking of having it be a view of the main repo (with slight changes to structure if needed), so that new content would also appear in the repo itself. It has been a long time since I used Jekyll, but I think most static site generators have flexibility to pull templates from a sub-directory and markdown content from multiple directories. Just a thought. Happy to talk sometime 1-1 or small group if helpful (just reach out on Slack)

from tag-security.

ragashreeshekar avatar ragashreeshekar commented on May 22, 2024

@ultrasaurus Thanks, @vicenteherrera, and I will surely get connected to you.
Hope the initial approach is ok, and we will reach out with some progress. Pls let us know your thoughts

from tag-security.

vicenteherrera avatar vicenteherrera commented on May 22, 2024

@ultrasaurus You are right. There are several options for a GitHub page: root folder, specific folder, different branch, and of course, different repository.
I believe same repository and using a specific directory (like "website") may be the better approach. That way you have the website content version linked to the rest of the content of the repository very easily, and the same review process to accept a PR should be in place.
In my case, right now I just want to build a proof of concept, where I can experiment without tainting the original repo with branches, and a lot of false start commits. Right now I've tested already three different themes (from which I forked their own repositories), and I think I will transition from having all the files of the theme in the repo, to just reference it for a cleaner directory, so people that doesn't know Jekyll a lot don't have to filter those out to get to the relevant ones.
But I think this theme is useful for us, and with @ragashreeshekar proposed structure it won't take long until we have a POC that we can use to discuss the final content and move to the main repository.

from tag-security.

stale avatar stale commented on May 22, 2024

This issue has been automatically marked as inactive because it has not had recent activity.

from tag-security.

stale avatar stale commented on May 22, 2024

This issue has been automatically marked as inactive because it has not had recent activity.

from tag-security.

anvega avatar anvega commented on May 22, 2024

Closing now that we have https://tag-security.cncf.io/. To further the discussion on refinement and maintenance of the site, feel free to file issues against the site repository directly.

from tag-security.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.