Define a policy for accepting commercial vendor plugins #4163
Labels
priority/backlog
Issue is approved and in the backlog
unscoped
The issue needs more design or understanding in order for the work to progress
Comments
evan2645
added
priority/backlog
|
This issue is stale because it has been open for 365 days with no activity. |
|
This issue is still relevant. |
3 tasks
3 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SPIRE has historically not accepted upstream plugin contributions for integration with commercial software. There have been several reasons cited - philosophical questions, difficulty in testing, and maintenance over time, are the primary concerns. That said, SPIRE does generally accept upstream plugin contributions for commercial integration when the integration in question is a compute platform, like AWS.
The concerns are real, and the project does struggle with some of those concerns when it comes to the existing plugins. For example, maintainers need AWS accounts in order to test the AWS plugins, testing is manual and time intensive. Changes in cloud vendor APIs sometimes go unnoticed, and we have had breakages. Investment is needed in this area, but getting that investment has also been hard.
This issue is being raised now as a result of #4162. The project needs a policy clearly defining the conditions necessary for accepting upstream plugins with regards to commercial integration. It's unfair to make the call on a case-by-case basis.
The text was updated successfully, but these errors were encountered: