getsops · sabre1041 · Aug 30, 2025 · felixfontein · Aug 30, 2025
diff --git a/GOVERNANCE.md b/GOVERNANCE.md
@@ -0,0 +1,120 @@
+# SOPS Project Governance
+
+The SOPS project is dedicated to enabling the management of encrypted files in a variety of formals through a range of supported encryption backends.
+
+- [Values](#values)
+- [Maintainers](#maintainers)
+- [Becoming a Maintainer](#becoming-a-maintainer)
+- [CNCF Resources](#cncf-resources)
+- [Code of Conduct Enforcement](#code-of-conduct)
+- [Security Response Team](#security-response-team)
+- [Voting](#voting)
+- [Modifications](#modifying-this-charter)
+
+## Values
+
+The SOPS project and its leadership embrace the following values:
+
+* Openness: Communication and decision-making happens in the open and is discoverable for future
+  reference. As much as possible, all discussions and work take place in public
+  forums and open repositories.
+
+* Fairness: All stakeholders have the opportunity to provide feedback and submit
+  contributions, which will be considered on their merits.
+
+* Community over Product or Company: Sustaining and growing our community takes
+  priority over shipping code or sponsors' organizational goals.  Each
+  contributor participates in the project as an individual.
+
+* Inclusivity: We innovate through different perspectives and skill sets, which
+  can only be accomplished in a welcoming and respectful environment.
+
+* Participation: Responsibilities within the project are earned through
+  participation, and there is a clear path up the contributor ladder into leadership
+  positions.
+
+## Maintainers
+
+SOPS Maintainers have write access to the [getsops GitHub Organization](https://github.com/getsops).
+They can merge their own patches or patches from others. The current maintainers
+can be found in [MAINTAINERS.md](./MAINTAINERS.md).  Maintainers collectively manage the project's
+resources and contributors.
+
+This privilege is granted with some expectation of responsibility: maintainers
+are people who care about the SOPS project and want to help it grow and
+improve. A maintainer is not just someone who can make changes, but someone who
+has demonstrated their ability to collaborate with the team, get the most
+knowledgeable people to review code and docs, contribute high-quality code, and
+follow through to fix issues (in code or tests).
+
+A maintainer is a contributor to the project's success and a citizen helping
+the project succeed.
+
+The collective team of all Maintainers is known as the Maintainer Council, which
+is the governing body for the project.
+
+### Becoming a Maintainer
+
+To become a Maintainer you need to demonstrate the following:
+
+  * commitment to the project:
+    * participate in discussions, contributions, code and documentation reviews
+    * perform reviews for non-trivial pull requests,
+    * contribute non-trivial pull requests and have them merged,
+  * ability to write quality code and/or documentation,
+  * ability to collaborate with the team,
+  * understanding of how the team works (policies, processes for testing and code review, etc),
+  * understanding of the project's code base and coding and documentation style.
+
+A new Maintainer must be proposed by submitting an [Issue to the community repository](https://github.com/getsops/community/issues). A simple majority vote of existing Maintainers
+approves the application.  Maintainers nominations will be evaluated without prejudice to employer or demographics.
+
+Maintainers who are selected will be granted the necessary GitHub rights,
+and invited to the private maintainer mailing list.
+
+### Removing a Maintainer
+
+Maintainers may resign at any time if they feel that they will not be able to
+continue fulfilling their project duties.
+
+Maintainers may also be removed after being inactive, failure to fulfill their 
+Maintainer responsibilities, violating the Code of Conduct, or other reasons.
+Inactivity is defined as a period of very low or no activity in the project 
+for a year or more, with no definite schedule to return to full Maintainer 
+activity.
+
+A Maintainer may be removed at any time by a 2/3 vote of the remaining maintainers.
+
+Depending on the reason for removal, a Maintainer may be converted to Emeritus
+status.  Emeritus Maintainers will still be consulted on some project matters,
+and can be rapidly returned to Maintainer status if their availability changes.
+
+## CNCF Resources
+
+Any Maintainer may suggest a request for CNCF resources. A simple majority of Maintainers approves the request.  The Maintainers
+may also choose to delegate working with the CNCF to non-Maintainer community
+members, who will then be added to the [CNCF's Maintainer List](https://github.com/cncf/foundation/blob/main/project-maintainers.csv)
+for that purpose.
+
+## Code of Conduct
+
+[Code of Conduct](./CODE_OF_CONDUCT.md)
+violations by community members will be discussed and resolved
+amongst maintainers. If a Maintainer is directly involved
+in the report, the Maintainers will instead designate two Maintainers to work with the CNCF Code of Conduct Committee in resolving it.
+
+## Voting
+
+While most business in SOPS project is conducted by "[lazy consensus](https://community.apache.org/committers/lazyConsensus.html)", 
+periodically the Maintainers may need to vote on specific actions or changes.
+A vote can be taken for security or conduct matters. Any Maintainer may
+demand a vote be taken.
+
+Most votes require a simple majority of all Maintainers to succeed, except where
+otherwise noted.  Two-thirds majority votes mean at least two-thirds of all 
+existing maintainers.
-Most votes require a simple majority of all Maintainers to succeed, except where
-otherwise noted.  Two-thirds majority votes mean at least two-thirds of all 
-existing maintainers.
+All votes require that the number of votes in favor of the motion exceeds a threshold.
+In case of most votes, this is a simple majority of all persons that are entitled to
+vote, which usually is the group of all Maintainers:
+in these votes, the number of votes in favor of the motion must exceed half of the
+total number of Maintainers.
+
+In cases explicitly noted, the required number of votes in favor can be higher,
+and/or only a subset of all Maintainers are entitled to vote.
+
+Two-thirds majority votes (usually called "2/3 vote") require that the number of
+votes in favor of the motion is at least 2/3 of the total number of persons entitled
+to vote.
-Most votes require a simple majority of all Maintainers to succeed, except where
-otherwise noted.  Two-thirds majority votes mean at least two-thirds of all 
-existing maintainers.
+All votes require that the number of votes in favor of the motion exceeds a threshold.
+In case of most votes, this is a simple majority of all persons that are entitled to
+vote, which usually is the group of all Maintainers:
+in these votes, the number of votes in favor of the motion must exceed half of the
+total number of Maintainers.
+
+In cases explicitly noted, the required number of votes in favor can be higher,
+and/or only a subset of all Maintainers are entitled to vote.
+
+Two-thirds majority votes (usually called "2/3 vote") require that the number of
+votes in favor of the motion is at least 2/3 of the total number of persons entitled
+to vote.
+
+## Modifying this Charter
+
+Changes to this Governance and its supporting documents may be approved by 
+a 2/3 vote of the Maintainers.
diff --git a/README.md b/README.md
@@ -1,11 +1,7 @@
 # SOPS Community
 
-> **Note**
->
-> After being [accepted into the CNCF as a Sandbox project][sandbox-application],
-> we are bootstrapping our way into a proper GitHub organization. This
-> effectively means this repository is still in its infancy, while we work
-> through the [onboarding process][sandbox-onboarding].
+Resources for engagement with the [getsops](https://github.com/getsops) community.
 
-[sandbox-application]: https://github.com/cncf/sandbox/issues/28
-[sandbox-onboarding]: https://github.com/cncf/toc/issues/1057
+* [Code of Conduct](./CODE_OF_CONDUCT.md)
+* [Governance](./GOVERNANCE.md)
+* [Maintainers](./MAINTAINERS.md)