incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hen <bay...@apache.org>
Subject Re: Tying Dockerhub into development and release management
Date Fri, 08 Feb 2019 00:55:11 GMT
On Thu, Feb 7, 2019 at 4:43 PM Hen <bayard@apache.org> wrote:

>
>
> On Thu, Feb 7, 2019 at 1:49 PM Justin Mclean <justin@classsoftware.com>
> wrote:
>
>> Hi,
>>
>> > 2. The PPMC should not publish software outside of Apache controlled
>> locations.
>>
>> I’m trying to find where the above has come from as I can find anything
>> in the release or distribution policies. [1] says “It is appropriate to
>> distribute official releases through downstream channels, but inappropriate
>> to distribute unreleased materials through them.”, [4] say this is OK "In
>> all such cases, the binary/bytecode package must have the same version
>> number as the source release and may only add binary/bytecode files that
>> are the result of compiling that version of the source code release.”
>>
>> So everything there  to me is saying it’s OK to distribute versions of
>> release software on platforms like docker and I not sure where the "Apache
>> controlled locations only” restriction has come from.
>>
>
> I'm trying to understand from the thread on legal-discuss on the subject.
> Which frankly I think I'm failing to do.
>
> I see these DockerHub accounts:
>
> https://hub.docker.com/_/httpd   (HTTP Server from Docker?)
> https://hub.docker.com/r/bitnami/apache/  (HTTP Server from Bitnami)
> https://hub.docker.com/u/apache (various images from the ASF)
>
> I assume that "https://hub.docker.com/u/apache" is an Apache controlled
> location, so publishing Apache images from there is fine provided they obey
> our policies (release policy, website policy etc).
>
> On the other hand, Docker and Bitnami do not have to obey our release
> policy for their publishing locations, just our license/trademark-policy.
>
> Assuming the ASF control /apache, which I think believe do, Docker works.
> Though "_/httpd" is confusing as to who that's coming from.
>
> I get more confused in other areas (PyPI, npm) where we don't have a clear
> namespace for acts of the foundation. Is
> https://pypi.org/project/apache-beam/ an act of the PMC or an act of some
> random folk who may or may not overlap with the PMC. It seems it's the
> latter (ie: Pypi packages are not an act of the PMC and therefore don't
> have to obey our release policy, just our license and trademark policy - I
> think that's nuts btw).
>
>
Tried to re-read the thread on legal-discuss and I'm more confused now than
before (though I did note that /u/apache is Apache controlled by Infra).

Ignore me on this thread. I'll take my ignorance off to a special corner
and let it beat me up a bit more.

Hen

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message