From 73fd1991cc3f3500ab46545524196e9a81fe4d73 Mon Sep 17 00:00:00 2001 From: Mark O Brien Date: Mar 04 2022 14:30:37 +0000 Subject: add terms for sig.centos.org dns entries Signed-off-by: Mark O Brien --- diff --git a/docs/ci.md b/docs/ci.md index 794f13c..56c9f03 100644 --- a/docs/ci.md +++ b/docs/ci.md @@ -3,7 +3,7 @@ The CentOS Project has some resources available for each SIG to run some CI jobs/tests for their projects. We'll document soon how to get onboarded (on request) on the CentOS CI infra platform. -We offer the following resources : +We offer the following resources : * Openshift hosted jenkins (one per project/SIG), using usual authentication from FAS/ACO * bare-metal and/or Virtual Machines ephemeral nodes on which you can run some tests (including destructive ones), that will be automatically be reinstalled (for bare-metal) or discarded (for VMs) diff --git a/docs/index.md b/docs/index.md index 90f4ae2..d849bb2 100644 --- a/docs/index.md +++ b/docs/index.md @@ -1,12 +1,13 @@ # CentOS SIG Guide -CentOS Special Interest Groups are smaller groups within the CentOS community that focus feature work on or awareness around a topic related to CentOS Linux and CentOS Stream. +CentOS Special Interest Groups are smaller groups within the CentOS community that focus feature work on or awareness around a topic related to CentOS Linux and CentOS Stream. -This guide is for anyone interested in starting, managing, or contributing to a [CentOS Special Interest Group](https://wiki.centos.org/SpecialInterestGroup). +This guide is for anyone interested in starting, managing, or contributing to a [CentOS Special Interest Group](https://wiki.centos.org/SpecialInterestGroup). -You'll find on this (always involving) website best practices for each step in the process, including : +You'll find on this (always involving) website best practices for each step in the process, including : * How to [join](auth.md) a SIG * How to start [building](cbs.md) RPM packages or other artifacts * How to [test](ci.md) your packages - * How to [push to mirror](delivery.md) network + * How to [push to mirror](delivery.md) network + * Rules for [dns entries](sig-dns.md) under sig.centos.org diff --git a/docs/sig-dns.md b/docs/sig-dns.md new file mode 100644 index 0000000..4179040 --- /dev/null +++ b/docs/sig-dns.md @@ -0,0 +1,13 @@ +# sig.centos.org terms + +This outlines the conditions of a SIG managing infra themselves for which the centos team is not directly responsible on a centos.org subdomain. + +* A point of contact will need to be named and we will keep our own records for these contacts +* No illegal activity should occur on the hosted infrastructure +* Only content related to the SIG and/or centos should be served from this domain +* Centos and Red Hat will not be liable for any content served. +* No content should be served to any [T5 country](https://centos.org/legal/) +* The entry will be created with the following format `.sig.centos.org` +* When the entry is created a it will be a cname created with the format `.unmanaged-by.centos.org` for internal purposes this will then point to the A/AAAA record +* Security best practices should be put in place including but not limited to hsts and TLS v1.2 +* We reserve the right to temporarily remove the dns entry if these conditions are not met or in case of a serious security issue.