diff options
author | Carlos O'Donell <carlos@redhat.com> | 2024-02-28 14:51:01 -0500 |
---|---|---|
committer | Carlos O'Donell <carlos@redhat.com> | 2024-02-28 14:51:01 -0500 |
commit | 8d0dd83cadac25a7df6db8699c5c3c6fe875b6d1 (patch) | |
tree | 54d393da5be9653ee6f16449610cf5efad2b0215 /source/faq | |
parent | 2992ef6071d9f3d922d86a7140b8a671ee71603b (diff) | |
download | cti.coretoolchain.dev-8d0dd83cadac25a7df6db8699c5c3c6fe875b6d1.tar.gz |
faq: Add more difficult questions to the FAQ.
Added questions about why and when and the relationship with
the Sourceware project.
Diffstat (limited to 'source/faq')
-rw-r--r-- | source/faq/index.rst | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/source/faq/index.rst b/source/faq/index.rst index 1107cea..1ad148e 100644 --- a/source/faq/index.rst +++ b/source/faq/index.rst @@ -6,6 +6,56 @@ FAQ You have questions we have answers! +* Q: Can we keep deploying services as we have? + + * A: No. The GNU Toolchain is a critical foundation of trust for the GNU/Linux + ecosystem and the demands on its infrastructure, services, and security + requirements have grown over time. The trend of increasing complexity to + support its development and associated financial demands will not abate. + Different projects have different risk tolerances and the GNU Toolchain + must meet more stringent expectations to maintain the trust of the + ecosystem. It is with this context in mind that CTI has been formed. + +* Q: What concrete steps will CTI help with? + + * A: Some of the major goals include: + + * Isolating all services in VMs or containers to increase service + security and reduce service resource interference. + + * Allow volunteers to focus efforts outside of core infrastructure + maintenance. + + * Prepare for additional software supply chain requirements from + +* Q: Why are you currently using Linux Foundation IT as the service provider? + + * A: The CTI TAC recommendation is to use Linux Foundation IT services + for core infrastructure. The LF IT team already supports many of + the same services for the Linux kernel and at scale. The migration + would involve moving services from Sourceware.org to LF IT servers. + We continue to be thankful and appreciative of the time spent by + Sourceware.org volunteers in support of the current services. + +* Q: What is the urgency vs what is the timeline? + + * A: The GNU Toolchain community should be making consistent forward + progress to improve our infrastructure and cybersecurity position. + Showing progress is important for the ecosystem to trust us as a + secure and critical part of the software supply chain. We should + not wait until there are Cybersecurity regulations that are beyond + our ability to comply with as the FOSS ecosystem of tooling and + infrastructure. Projects of similar scope and importance have been + deploying significant resources for the use of the development community. + +* Q: Sourceware volunteers have fielded requests and organized volunteer + efforts that have worked well. Does LF allow volunteers to administer + the servers together with them? Have they in the past? + + * A: The CTI TAC is the point of contact for volunteers. CTI can fund + multiple activities, by multiple entities, and the way in which the + volunteers engage may differ between them. + * Q: How does this project relate to the GNU Project or the Free Software Foundation (FSF)? |