diff --git a/keps/sig-security/3203-auto-refreshing-official-cve-feed/README.md b/keps/sig-security/3203-auto-refreshing-official-cve-feed/README.md index 12b151bf7b40..0082ca42688b 100644 --- a/keps/sig-security/3203-auto-refreshing-official-cve-feed/README.md +++ b/keps/sig-security/3203-auto-refreshing-official-cve-feed/README.md @@ -249,6 +249,8 @@ provide it to users of my platform. Google Cloud Bucket) - Using Hugo and other tooling (such as Netlify), publish the list from this JSON blob on official k8s website during `k/website` build +- Generate an RSS feed (atom format) with hugo templates using the generated + JSON blob ### Risks and Mitigations @@ -305,6 +307,8 @@ The steps to implement this design will involve a prow job that: - A GCS bucket needs to be created. Example PR for this looks like [this](https://github.com/kubernetes/k8s.io/pull/2570/files) +- Additional custom fields need to be added to make JSON feed compliant with + https://validator.jsonfeed.org/ ### Test Plan @@ -326,7 +330,15 @@ This is a process KEP implemented using periodic prow job. This KEP is not imple #### Alpha -- KEP implementation is still in alpha and will be moved to beta based on community feedback within the next couple of release cycles. +- Feature implemented with working JSON feed and tabular list +- Initial e2e testing completed and alerting setup for detecting failures + +#### Beta + +- Gather feedback from developers and end users +- Make JSON feed compliant with `jsonfeed` spec +- Add `RSS` feed for the CVE list +- Add fields that signal freshness of the data