Welcome to KubeArmor, and thank you for showcasing your interest in contributing to the KubeArmor community. We are excited to have you join us in improving Linux runtime security through Kubernetes. The KubeArmor community abides by the CNCF code of conduct. Here is an excerpt:
As contributors and maintainers of this project, and in the interest of fostering an open and welcoming community, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
Since, KubeArmor is part of the Kubernetes Community, we request you to also go through the following:
- Kubernetes Contributor Guide: Main contributor documentation.
- Contributor Cheat Sheet: Common resources for existing developers.
If you are new to the project or open source contributions in general, we encourage you to start by familiarizing yourself with KubeArmor via our KubeArmor Overview Wiki.
We maintain a list of curated issues that are great entry points:
- Good First Issues: Ideal for Beginners or new comers.
- Help Wanted Issues: Issues that need additional input, expertise, or effort from the community. Suitable for contributors who are ready to take on slightly more involved tasks.
- Backlog Issues: Issues that are planned or pending implementation. These are great for contributors looking for meaningful and scoped technical work.
For help setting up your development environment, refer to our Development Guide. To understand how to fork the repository and raise a PR, see our Contribution Guide.
To begin contributing with code, it's essential to set up KubeArmor locally. Please refer to our Development Guide for a step-by-step process to configure your environment and install necessary dependencies.
Contributions to KubeArmor are not limited to code. We welcome all kinds of improvements that help grow the ecosystem. Below are the different ways to contribute:
- Implement features or enhancements.
- Fix bugs and vulnerabilities.
- Write and improve unit tests, integration tests, and end-to-end tests.
- Ensure that each new feature or bug fix is covered with appropriate test cases.
- Refactor or optimize existing code without altering functionality.
- Documentation: Enhance existing documentation, fix typos, improve structure and readability, or add new content such as usage guides and tutorials.
- Community Engagement: Help moderate GitHub Discussions, participate in Slack conversations, answer user queries, and assist with onboarding new contributors.
- Content Creation: Write technical blogs, create visual content, or prepare conference presentations, videos, or policy templates that promote KubeArmor and educate the community.
Test coverage is crucial for the stability and maintainability of the project. When submitting new code, contributors are encouraged to:
- Add relevant unit tests in the corresponding test files.
- Include integration tests to validate how your feature interacts within the full system.
- Follow test naming conventions and use mocking/stubbing as needed.
- Run all tests locally before submitting a pull request.
- Contribute reusable and community-relevant Policy Templates.
- Example: A system policy to restrict access to the NGINX process that is applicable across many environments.
- Tutorials explaining the use of KubeArmor features (e.g., Policy Enforcement, Event Auditor, Visibility).
- Use-case focused articles explaining how KubeArmor secures workloads.
- Deep-dives into technical integrations and real-world deployment examples.
- Participate in discussions on GitHub Issues.
- Join Slack conversations (see below).
- Attend and engage in biweekly KubeArmor community meetings.
- Share feedback, suggest features, or discuss architectural decisions.
- Speak about KubeArmor in community meetups and security forums.
- Share slides, documentation, or user experiences with the team.
KubeArmor is dedicated to supporting contributors at all levels. Here’s how you can grow within the community:
You can contribute to KubeArmor through several open source mentorship programs:
- Google Summer of Code (GSoC): Contribute to well-defined projects under the mentorship of KubeArmor maintainers. GSoC typically runs in summer and is supported by CNCF.
- LFX Mentorship: Participate in guided mentorships under CNCF and Linux Foundation, working on security, observability, and performance improvements in KubeArmor.
Details of active or upcoming mentorship projects will be listed on the LFX Mentorship portal.
Experienced contributors who consistently contribute with quality code and help others can become mentors by:
- Supporting new contributors via Slack, GitHub, and community calls.
- Sharing best practices and reviewing pull requests.
Contributors who show initiative, strong technical ability, consistent engagement, and leadership will be considered for maintainer roles. Maintainers are responsible for:
- Reviewing and approving PRs.
- Triage and manage issue backlog.
- Guiding contributors and driving technical initiatives.
- Shaping the direction and roadmap of the project.
If you have any questions or need help while contributing:
- Slack Community: Join the KubeArmor Slack to engage in real-time discussions.
- Community Meetings: Attend our regular meetings listed in our GitHub README.
- GitHub Discussions: Use GitHub Discussions for long-form questions and ideas.
- Documentation: Refer to KubeArmor Docs for in-depth information.
- FAQs: Common queries and tips can be found in our README FAQ Section.
We look forward to your valuable contributions. Thank you for being part of the KubeArmor community!