遵循以下最佳实践的项目将能够自愿的自我认证,并显示他们已经实现了核心基础设施计划(OpenSSF)徽章。 显示详细资料
[](https://www.bestpractices.dev/projects/5413)
<a href="https://www.bestpractices.dev/projects/5413"><img src="https://www.bestpractices.dev/projects/5413/badge"></a>
Rust Kubernetes client and controller runtime
We only have 3 maintainers at the moment, things would clearly slow down if 2 disappeared.
https://kube.rs/maintainers/ all in different companies
This is a developer turn-off. We follow the IP policies set by CNCF. https://github.com/cncf/foundation/blob/main/copyright-notices.md#copyright-notices
We do not do this. We follow the IP policies set by CNCF. https://github.com/cncf/foundation/blob/main/copyright-notices.md#copyright-notices
Repository on GitHub, which uses git. git is distributed.
https://github.com/kube-rs/kube/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22 which github highlights for new contributors
2FA required in the github org
github does not support disallowing SMS based 2FA
Only partially covered at the moment. Key documents are: https://github.com/kube-rs/kube/blob/main/CONTRIBUTING.md https://raw.githubusercontent.com/kube-rs/kube/main/.github/PULL_REQUEST_TEMPLATE.md
code review required from another maintainer
rust does not support fully reproducible builds
cargo test runs full test suite (apart from e2e) which is standard for rust. https://github.com/kube-rs/kube/blob/main/CONTRIBUTING.md#testing
CI action is required with required github statuses before merges: https://github.com/kube-rs/kube/actions/workflows/ci.yml
Not that high yet.
We use TLS for all communication with the apiserver over HTTPS and secure websockets.
The kube client uses TLS via either rustls or openssl.
https://github.com/kube-rs/ is hardened as GitHub meets this.
Has not happened.
The project is written using entirely safe rust. https://github.com/kube-rs/kube/search?q=%23%21%5Bforbid%28unsafe_code%29%5D
inputs to kube proxy to the kubernetes apiserves, which is fuzzed upstream.
test code is behind #[cfg(test)], fuzzing is delegated to upstream.
后退