Setting up project info in repo

Signed-off-by: Ben <[email protected]>
kubescape · Oct 16, 2023 · 90b8f50 · 90b8f50
1 parent 8092c12
commit 90b8f50
Show file tree

Hide file tree

Showing 5 changed files with 61 additions and 17 deletions.
diff --git a/MAINTAINERS.md b/MAINTAINERS.md
@@ -0,0 +1,3 @@
+# Project maintainers
+
+Kubescape Storage is part of the Kubescape project, see maintainers [here](https://github.com/kubescape/kubescape/blob/master/MAINTAINERS.md)
diff --git a/README.md b/README.md
@@ -1,4 +1,7 @@
-# sample-apiserver
+# Kubescape Storage
+
+[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fkubescape%2Fstorage.svg?type=shield&issueType=license)](https://app.fossa.com/projects/git%2Bgithub.com%2Fkubescape%2Fstorage?ref=badge_shield&issueType=license)
+
 
 Demonstration of how to use the k8s.io/apiserver library to build a functional API server.
 
@@ -203,4 +206,6 @@ only this superuser group is authorized.
    http --verify=no --cert client.crt --cert-key client.key \
       https://localhost:8443/apis/wardle.example.com/v1alpha1/namespaces/default/flunders
    ```
+## Changelog
 
+Kubescape Storage changes are tracked on the [release](https://github.com/kubescape/storage/releases) page
diff --git a/SECURITY-INSIGHTS.yml b/SECURITY-INSIGHTS.yml
@@ -0,0 +1,45 @@
+header:
+  schema-version: 1.0.0
+  last-updated: '2023-10-12'
+  last-reviewed: '2023-10-12'
+  expiration-date: '2024-10-12T01:00:00.000Z'
+  project-url: https://github.com/kubescape/kubevuln/
+  project-release: '1.0.0'
+project-lifecycle:
+  stage: active
+  bug-fixes-only: false
+  core-maintainers:
+  - github:slashben
+  - github:craigbox
+  - github:matthyx
+  - github:dwertent
+contribution-policy:
+  accepts-pull-requests: true
+  accepts-automated-pull-requests: false
+  code-of-conduct: https://github.com/kubescape/kubescape/blob/master/CODE_OF_CONDUCT.md
+documentation:
+- https://github.com/kubescape/kubescape/tree/master/docs
+distribution-points:
+- https://github.com/kubescape/kubevuln/
+security-artifacts:
+  threat-model:
+    threat-model-created: false
+security-testing:
+- tool-type: sca
+  tool-name: Dependabot
+  tool-version: latest
+  integration:
+    ad-hoc: false
+    ci: true
+    before-release: true
+  comment: |
+    Dependabot is enabled for this repo.
+security-contacts:
+- type: email
+  value: [email protected]
+vulnerability-reporting:
+  accepts-vulnerability-reports: true
+  security-policy: https://github.com/kubescape/kubescape/security/policy
+  email-contact: [email protected]
+  comment: |
+    The first and best way to report a vulnerability is by using private security issues in GitHub.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,7 @@
+# Reporting Security Issues
+
+To report a security issue or vulnerability, submit a [private vulnerability report via GitHub](https://github.com/kubescape/kubevuln/security/advisories/new) to the repository maintainers with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.
+
+The maintainers will respond within 7 working days of your report. If the issue is confirmed as a vulnerability, we will open a Security Advisory and acknowledge your contributions as part of it. This project follows a 90 day disclosure timeline.
+
+Other contacts: [email protected]
diff --git a/SECURITY_CONTACTS b/SECURITY_CONTACTS
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# Project maintainers

		Kubescape Storage is part of the Kubescape project, see maintainers [here](https://github.com/kubescape/kubescape/blob/master/MAINTAINERS.md)