github.com/Heebron/moby@v0.0.0-20221111184709-6eab4f55faf7/CONTRIBUTING.md (about) 1 # Contribute to the Moby Project 2 3 Want to hack on the Moby Project? Awesome! We have a contributor's guide that explains 4 [setting up a development environment and the contribution 5 process](docs/contributing/). 6 7 [![Contributors guide](docs/static_files/contributors.png)](https://docs.docker.com/opensource/project/who-written-for/) 8 9 This page contains information about reporting issues as well as some tips and 10 guidelines useful to experienced open source contributors. Finally, make sure 11 you read our [community guidelines](#moby-community-guidelines) before you 12 start participating. 13 14 ## Topics 15 16 * [Reporting Security Issues](#reporting-security-issues) 17 * [Design and Cleanup Proposals](#design-and-cleanup-proposals) 18 * [Reporting Issues](#reporting-other-issues) 19 * [Quick Contribution Tips and Guidelines](#quick-contribution-tips-and-guidelines) 20 * [Community Guidelines](#moby-community-guidelines) 21 22 ## Reporting security issues 23 24 The Moby maintainers take security seriously. If you discover a security 25 issue, please bring it to their attention right away! 26 27 Please **DO NOT** file a public issue, instead send your report privately to 28 [security@docker.com](mailto:security@docker.com). 29 30 Security reports are greatly appreciated and we will publicly thank you for it, 31 although we keep your name confidential if you request it. We also like to send 32 gifts—if you're into schwag, make sure to let us know. We currently do not 33 offer a paid security bounty program, but are not ruling it out in the future. 34 35 36 ## Reporting other issues 37 38 A great way to contribute to the project is to send a detailed report when you 39 encounter an issue. We always appreciate a well-written, thorough bug report, 40 and will thank you for it! 41 42 Check that [our issue database](https://github.com/moby/moby/issues) 43 doesn't already include that problem or suggestion before submitting an issue. 44 If you find a match, you can use the "subscribe" button to get notified on 45 updates. Do *not* leave random "+1" or "I have this too" comments, as they 46 only clutter the discussion, and don't help resolving it. However, if you 47 have ways to reproduce the issue or have additional information that may help 48 resolving the issue, please leave a comment. 49 50 When reporting issues, always include: 51 52 * The output of `docker version`. 53 * The output of `docker info`. 54 55 Also include the steps required to reproduce the problem if possible and 56 applicable. This information will help us review and fix your issue faster. 57 When sending lengthy log-files, consider posting them as a gist (https://gist.github.com). 58 Don't forget to remove sensitive data from your logfiles before posting (you can 59 replace those parts with "REDACTED"). 60 61 ## Quick contribution tips and guidelines 62 63 This section gives the experienced contributor some tips and guidelines. 64 65 ### Pull requests are always welcome 66 67 Not sure if that typo is worth a pull request? Found a bug and know how to fix 68 it? Do it! We will appreciate it. Any significant improvement should be 69 documented as [a GitHub issue](https://github.com/moby/moby/issues) before 70 anybody starts working on it. 71 72 We are always thrilled to receive pull requests. We do our best to process them 73 quickly. If your pull request is not accepted on the first try, 74 don't get discouraged! Our contributor's guide explains [the review process we 75 use for simple changes](https://docs.docker.com/opensource/workflow/make-a-contribution/). 76 77 ### Design and cleanup proposals 78 79 You can propose new designs for existing Docker features. You can also design 80 entirely new features. We really appreciate contributors who want to refactor or 81 otherwise cleanup our project. For information on making these types of 82 contributions, see [the advanced contribution 83 section](https://docs.docker.com/opensource/workflow/advanced-contributing/) in 84 the contributors guide. 85 86 ### Connect with other Moby Project contributors 87 88 <table class="tg"> 89 <col width="45%"> 90 <col width="65%"> 91 <tr> 92 <td>Forums</td> 93 <td> 94 A public forum for users to discuss questions and explore current design patterns and 95 best practices about all the Moby projects. To participate, log in with your Github 96 account or create an account at <a href="https://forums.mobyproject.org" target="_blank">https://forums.mobyproject.org</a>. 97 </td> 98 </tr> 99 <tr> 100 <td>Slack</td> 101 <td> 102 <p> 103 Register for the Docker Community Slack at 104 <a href="https://dockr.ly/slack" target="_blank">https://dockr.ly/slack</a>. 105 We use the #moby-project channel for general discussion, and there are separate channels for other Moby projects such as #containerd. 106 </p> 107 </td> 108 </tr> 109 <tr> 110 <td>Twitter</td> 111 <td> 112 You can follow <a href="https://twitter.com/moby/" target="_blank">Moby Project Twitter feed</a> 113 to get updates on our products. You can also tweet us questions or just 114 share blogs or stories. 115 </td> 116 </tr> 117 </table> 118 119 120 ### Conventions 121 122 Fork the repository and make changes on your fork in a feature branch: 123 124 - If it's a bug fix branch, name it XXXX-something where XXXX is the number of 125 the issue. 126 - If it's a feature branch, create an enhancement issue to announce 127 your intentions, and name it XXXX-something where XXXX is the number of the 128 issue. 129 130 Submit tests for your changes. See [TESTING.md](./TESTING.md) for details. 131 132 If your changes need integration tests, write them against the API. The `cli` 133 integration tests are slowly either migrated to API tests or moved away as unit 134 tests in `docker/cli` and end-to-end tests for Docker. 135 136 Update the documentation when creating or modifying features. Test your 137 documentation changes for clarity, concision, and correctness, as well as a 138 clean documentation build. See our contributors guide for [our style 139 guide](https://docs.docker.com/opensource/doc-style) and instructions on [building 140 the documentation](https://docs.docker.com/opensource/project/test-and-docs/#build-and-test-the-documentation). 141 142 Write clean code. Universally formatted code promotes ease of writing, reading, 143 and maintenance. Always run `gofmt -s -w file.go` on each changed file before 144 committing your changes. Most editors have plug-ins that do this automatically. 145 146 Pull request descriptions should be as clear as possible and include a reference 147 to all the issues that they address. 148 149 ### Successful Changes 150 151 Before contributing large or high impact changes, make the effort to coordinate 152 with the maintainers of the project before submitting a pull request. This 153 prevents you from doing extra work that may or may not be merged. 154 155 Large PRs that are just submitted without any prior communication are unlikely 156 to be successful. 157 158 While pull requests are the methodology for submitting changes to code, changes 159 are much more likely to be accepted if they are accompanied by additional 160 engineering work. While we don't define this explicitly, most of these goals 161 are accomplished through communication of the design goals and subsequent 162 solutions. Often times, it helps to first state the problem before presenting 163 solutions. 164 165 Typically, the best methods of accomplishing this are to submit an issue, 166 stating the problem. This issue can include a problem statement and a 167 checklist with requirements. If solutions are proposed, alternatives should be 168 listed and eliminated. Even if the criteria for elimination of a solution is 169 frivolous, say so. 170 171 Larger changes typically work best with design documents. These are focused on 172 providing context to the design at the time the feature was conceived and can 173 inform future documentation contributions. 174 175 ### Commit Messages 176 177 Commit messages must start with a capitalized and short summary (max. 50 chars) 178 written in the imperative, followed by an optional, more detailed explanatory 179 text which is separated from the summary by an empty line. 180 181 Commit messages should follow best practices, including explaining the context 182 of the problem and how it was solved, including in caveats or follow up changes 183 required. They should tell the story of the change and provide readers 184 understanding of what led to it. 185 186 If you're lost about what this even means, please see [How to Write a Git 187 Commit Message](http://chris.beams.io/posts/git-commit/) for a start. 188 189 In practice, the best approach to maintaining a nice commit message is to 190 leverage a `git add -p` and `git commit --amend` to formulate a solid 191 changeset. This allows one to piece together a change, as information becomes 192 available. 193 194 If you squash a series of commits, don't just submit that. Re-write the commit 195 message, as if the series of commits was a single stroke of brilliance. 196 197 That said, there is no requirement to have a single commit for a PR, as long as 198 each commit tells the story. For example, if there is a feature that requires a 199 package, it might make sense to have the package in a separate commit then have 200 a subsequent commit that uses it. 201 202 Remember, you're telling part of the story with the commit message. Don't make 203 your chapter weird. 204 205 ### Review 206 207 Code review comments may be added to your pull request. Discuss, then make the 208 suggested modifications and push additional commits to your feature branch. Post 209 a comment after pushing. New commits show up in the pull request automatically, 210 but the reviewers are notified only when you comment. 211 212 Pull requests must be cleanly rebased on top of master without multiple branches 213 mixed into the PR. 214 215 **Git tip**: If your PR no longer merges cleanly, use `rebase master` in your 216 feature branch to update your pull request rather than `merge master`. 217 218 Before you make a pull request, squash your commits into logical units of work 219 using `git rebase -i` and `git push -f`. A logical unit of work is a consistent 220 set of patches that should be reviewed together: for example, upgrading the 221 version of a vendored dependency and taking advantage of its now available new 222 feature constitute two separate units of work. Implementing a new function and 223 calling it in another file constitute a single logical unit of work. The very 224 high majority of submissions should have a single commit, so if in doubt: squash 225 down to one. 226 227 After every commit, [make sure the test suite passes](./TESTING.md). Include 228 documentation changes in the same pull request so that a revert would remove 229 all traces of the feature or fix. 230 231 Include an issue reference like `Closes #XXXX` or `Fixes #XXXX` in commits that 232 close an issue. Including references automatically closes the issue on a merge. 233 234 Please do not add yourself to the `AUTHORS` file, as it is regenerated regularly 235 from the Git history. 236 237 Please see the [Coding Style](#coding-style) for further guidelines. 238 239 ### Merge approval 240 241 Moby maintainers use LGTM (Looks Good To Me) in comments on the code review to 242 indicate acceptance, or use the Github review approval feature. 243 244 For an explanation of the review and approval process see the 245 [REVIEWING](project/REVIEWING.md) page. 246 247 ### Sign your work 248 249 The sign-off is a simple line at the end of the explanation for the patch. Your 250 signature certifies that you wrote the patch or otherwise have the right to pass 251 it on as an open-source patch. The rules are pretty simple: if you can certify 252 the below (from [developercertificate.org](http://developercertificate.org/)): 253 254 ``` 255 Developer Certificate of Origin 256 Version 1.1 257 258 Copyright (C) 2004, 2006 The Linux Foundation and its contributors. 259 1 Letterman Drive 260 Suite D4700 261 San Francisco, CA, 94129 262 263 Everyone is permitted to copy and distribute verbatim copies of this 264 license document, but changing it is not allowed. 265 266 Developer's Certificate of Origin 1.1 267 268 By making a contribution to this project, I certify that: 269 270 (a) The contribution was created in whole or in part by me and I 271 have the right to submit it under the open source license 272 indicated in the file; or 273 274 (b) The contribution is based upon previous work that, to the best 275 of my knowledge, is covered under an appropriate open source 276 license and I have the right under that license to submit that 277 work with modifications, whether created in whole or in part 278 by me, under the same open source license (unless I am 279 permitted to submit under a different license), as indicated 280 in the file; or 281 282 (c) The contribution was provided directly to me by some other 283 person who certified (a), (b) or (c) and I have not modified 284 it. 285 286 (d) I understand and agree that this project and the contribution 287 are public and that a record of the contribution (including all 288 personal information I submit with it, including my sign-off) is 289 maintained indefinitely and may be redistributed consistent with 290 this project or the open source license(s) involved. 291 ``` 292 293 Then you just add a line to every git commit message: 294 295 Signed-off-by: Joe Smith <joe.smith@email.com> 296 297 Use your real name (sorry, no pseudonyms or anonymous contributions.) 298 299 If you set your `user.name` and `user.email` git configs, you can sign your 300 commit automatically with `git commit -s`. 301 302 ### How can I become a maintainer? 303 304 The procedures for adding new maintainers are explained in the 305 [/project/GOVERNANCE.md](/project/GOVERNANCE.md) 306 file in this repository. 307 308 Don't forget: being a maintainer is a time investment. Make sure you 309 will have time to make yourself available. You don't have to be a 310 maintainer to make a difference on the project! 311 312 ### Manage issues and pull requests using the Derek bot 313 314 If you want to help label, assign, close or reopen issues or pull requests 315 without commit rights, ask a maintainer to add your Github handle to the 316 `.DEREK.yml` file. [Derek](https://github.com/alexellis/derek) is a bot that extends 317 Github's user permissions to help non-committers to manage issues and pull requests simply by commenting. 318 319 For example: 320 321 * Labels 322 323 ``` 324 Derek add label: kind/question 325 Derek remove label: status/claimed 326 ``` 327 328 * Assign work 329 330 ``` 331 Derek assign: username 332 Derek unassign: me 333 ``` 334 335 * Manage issues and PRs 336 337 ``` 338 Derek close 339 Derek reopen 340 ``` 341 342 ## Moby community guidelines 343 344 We want to keep the Moby community awesome, growing and collaborative. We need 345 your help to keep it that way. To help with this we've come up with some general 346 guidelines for the community as a whole: 347 348 * Be nice: Be courteous, respectful and polite to fellow community members: 349 no regional, racial, gender, or other abuse will be tolerated. We like 350 nice people way better than mean ones! 351 352 * Encourage diversity and participation: Make everyone in our community feel 353 welcome, regardless of their background and the extent of their 354 contributions, and do everything possible to encourage participation in 355 our community. 356 357 * Keep it legal: Basically, don't get us in trouble. Share only content that 358 you own, do not share private or sensitive information, and don't break 359 the law. 360 361 * Stay on topic: Make sure that you are posting to the correct channel and 362 avoid off-topic discussions. Remember when you update an issue or respond 363 to an email you are potentially sending to a large number of people. Please 364 consider this before you update. Also remember that nobody likes spam. 365 366 * Don't send email to the maintainers: There's no need to send email to the 367 maintainers to ask them to investigate an issue or to take a look at a 368 pull request. Instead of sending an email, GitHub mentions should be 369 used to ping maintainers to review a pull request, a proposal or an 370 issue. 371 372 The open source governance for this repository is handled via the [Moby Technical Steering Committee (TSC)](https://github.com/moby/tsc) 373 charter. For any concerns with the community process regarding technical contributions, 374 please contact the TSC. More information on project governance is available in 375 our [project/GOVERNANCE.md](/project/GOVERNANCE.md) document. 376 377 ### Guideline violations — 3 strikes method 378 379 The point of this section is not to find opportunities to punish people, but we 380 do need a fair way to deal with people who are making our community suck. 381 382 1. First occurrence: We'll give you a friendly, but public reminder that the 383 behavior is inappropriate according to our guidelines. 384 385 2. Second occurrence: We will send you a private message with a warning that 386 any additional violations will result in removal from the community. 387 388 3. Third occurrence: Depending on the violation, we may need to delete or ban 389 your account. 390 391 **Notes:** 392 393 * Obvious spammers are banned on first occurrence. If we don't do this, we'll 394 have spam all over the place. 395 396 * Violations are forgiven after 6 months of good behavior, and we won't hold a 397 grudge. 398 399 * People who commit minor infractions will get some education, rather than 400 hammering them in the 3 strikes process. 401 402 * The rules apply equally to everyone in the community, no matter how much 403 you've contributed. 404 405 * Extreme violations of a threatening, abusive, destructive or illegal nature 406 will be addressed immediately and are not subject to 3 strikes or forgiveness. 407 408 * Contact abuse@docker.com to report abuse or appeal violations. In the case of 409 appeals, we know that mistakes happen, and we'll work with you to come up with a 410 fair solution if there has been a misunderstanding. 411 412 ## Coding Style 413 414 Unless explicitly stated, we follow all coding guidelines from the Go 415 community. While some of these standards may seem arbitrary, they somehow seem 416 to result in a solid, consistent codebase. 417 418 It is possible that the code base does not currently comply with these 419 guidelines. We are not looking for a massive PR that fixes this, since that 420 goes against the spirit of the guidelines. All new contributions should make a 421 best effort to clean up and make the code base better than they left it. 422 Obviously, apply your best judgement. Remember, the goal here is to make the 423 code base easier for humans to navigate and understand. Always keep that in 424 mind when nudging others to comply. 425 426 The rules: 427 428 1. All code should be formatted with `gofmt -s`. 429 2. All code should pass the default levels of 430 [`golint`](https://github.com/golang/lint). 431 3. All code should follow the guidelines covered in [Effective 432 Go](http://golang.org/doc/effective_go.html) and [Go Code Review 433 Comments](https://github.com/golang/go/wiki/CodeReviewComments). 434 4. Comment the code. Tell us the why, the history and the context. 435 5. Document _all_ declarations and methods, even private ones. Declare 436 expectations, caveats and anything else that may be important. If a type 437 gets exported, having the comments already there will ensure it's ready. 438 6. Variable name length should be proportional to its context and no longer. 439 `noCommaALongVariableNameLikeThisIsNotMoreClearWhenASimpleCommentWouldDo`. 440 In practice, short methods will have short variable names and globals will 441 have longer names. 442 7. No underscores in package names. If you need a compound name, step back, 443 and re-examine why you need a compound name. If you still think you need a 444 compound name, lose the underscore. 445 8. No utils or helpers packages. If a function is not general enough to 446 warrant its own package, it has not been written generally enough to be a 447 part of a util package. Just leave it unexported and well-documented. 448 9. All tests should run with `go test` and outside tooling should not be 449 required. No, we don't need another unit testing framework. Assertion 450 packages are acceptable if they provide _real_ incremental value. 451 10. Even though we call these "rules" above, they are actually just 452 guidelines. Since you've read all the rules, you now know that. 453 454 If you are having trouble getting into the mood of idiomatic Go, we recommend 455 reading through [Effective Go](https://golang.org/doc/effective_go.html). The 456 [Go Blog](https://blog.golang.org) is also a great resource. Drinking the 457 kool-aid is a lot easier than going thirsty.