Skip to content

docs: clarify ownership and cadence in base image update policy#1130

Merged
utksh1 merged 1 commit into
utksh1:mainfrom
Subramaniyajothi6:docs/base-image-policy-ownership-cadence
Jun 20, 2026
Merged

docs: clarify ownership and cadence in base image update policy#1130
utksh1 merged 1 commit into
utksh1:mainfrom
Subramaniyajothi6:docs/base-image-policy-ownership-cadence

Conversation

@Subramaniyajothi6

@Subramaniyajothi6 Subramaniyajothi6 commented Jun 20, 2026

Copy link
Copy Markdown
Contributor

Description

Clarifies who owns base-image updates and how often the checks run in docs/base_image_update_policy.md, verified against the actual CI.

  • Retitles §2 "Scheduled review cadence" → "Ownership & review cadence" and adds an Ownership table — maintainers own currency + approvals; CI owns automated detection; any contributor may open an update PR — plus a note that there is currently no CODEOWNERS.
  • Fixes a stale reference: the scan is the Trivy Vulnerability Scan workflow (.github/workflows/trivy-scan.yml), not a docker-image-scan workflow.
  • Makes the cadence precise: the weekly cron is Mondays 06:00 UTC (0 6 * * 1), and documents the previously-omitted triggers — push/PR that touch the Dockerfiles or dependency manifests, plus manual workflow_dispatch.
  • Cross-links the Trivy and Docker-hardening workflows and the Contacts / How-to-update sections.

Docs-only — no code or behavior change. References spot-checked against trivy-scan.yml, docker-hardening.yml, and both Dockerfiles; scripts/validate_doc_anchors.py passes.

Related Issues

Closes #869

@utksh1 — please review this PR. If you have any suggestions, please comment below.

@utksh1 utksh1 added level:beginner 20 pts difficulty label for small beginner-friendly PRs type:docs Documentation work category bonus label area:docs Documentation or contributor guide work labels Jun 20, 2026
utksh1
utksh1 approved these changes Jun 20, 2026
View reviewed changes

@utksh1 utksh1 left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Focused change with green checks; approving.

@utksh1 utksh1 merged commit b38c05b into utksh1:main Jun 20, 2026
17 checks passed
@utksh1 utksh1 added the gssoc:approved Admin validation: approved for GSSoC scoring label Jun 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@utksh1 utksh1 utksh1 approved these changes

Assignees

No one assigned

Labels

area:docs Documentation or contributor guide work gssoc:approved Admin validation: approved for GSSoC scoring level:beginner 20 pts difficulty label for small beginner-friendly PRs type:docs Documentation work category bonus label

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[DOCS] Clarify ownership and cadence in base image update policy

2 participants

@Subramaniyajothi6 @utksh1