[Libre-soc-dev] Submitting NLnet RfPs - How to?

Luke Kenneth Casson Leighton lkcl at lkcl.net
Tue Dec 5 21:36:03 GMT 2023 

On Tuesday, December 5, 2023, Andrey Miroshnikov via Libre-soc-dev <
libre-soc-dev at lists.libre-soc.org> wrote:
> Hi Luke,
>
> Based on our conversation on bug #701, Luke suggested to start a mailing
list thread which we can use as part of documenting RfP submission in
general. This will then be added to:
> https://libre-soc.org/HDL_workflow/libresoc_bug_process/

ah. yes. ok

so first thing: the secret URLs are to be respected and treated
as plaintext passwords. you DO NOT put them on the internet
or send them to people on publicly logged Libre-SOC resources.

  https://bugs.libre-soc.org/show_bug.cgi?id=1126#c48

second: you click the "submit" button then fill in your
bank details and name from the dropdown. then you put
in the amounts, under each milestone.

third: you go to the bugtracker and fill in the TOML field
with "name={amount: NNNN, submitted=YYYY-MM-DD}" in that
EXACT format, because it is machine-readable.

***EXERCISE EXTREME CAUTION HERE BECAUSE YOU ARE EDITING
  FINANCIAL BOOKKEEPING RECORDS***

if you are uncertain STOP DO NOT PROCEED ASK FOR ADVICE
IMMEDIATELY. it is best that you WAIT until someone on
IRC can walk you through the process, or set up a conference
call with screen-sharing to REVIEW YOUR CHANGES ***BEFORE***
YOU HIT THE BUGZILLA SUBMIT BUTTON.

fourth: you run the budget-sync program LOCALLY on your
personal machine, and if it produces errors and you know
how to correct them then do so, but if not STOP, do NOT
attempt further changes, instead IMMEDIATELY ask for help
on both IRC and the mailing list. this is a REQUIRED
(mandatory) action. do NOT if you make a mistake "just leave it"
as your actions will have consequences for everyone who then
also tries to run budget-sync.

fifth: find your own task_db/yourname.mdwn file,
return to the NLnet RFP and cut/paste the relevant
autogenerated sections into the "results" form.

you *do not* repeat DO NOT have to write a long-winded
report: you can write one *if it is useful to the project* but
should in no way feel "obligated to write one just for NLnet".
if you do write one it should be placed PUBLICLY onto
Libre-SOC resources, and the *URL* given in the associated
bugreport under comment #0 (which you can of course edit
to include it).

basically NLnet are flexible and trusting but MUST have
ACTUAL EVIDENCE of completion of the milestone, whatever that
may be, such that an EU Auditor is satisfied that no fraud
has taken place (yes, this *has* actually been attempted in
the past, by scammers).

sixth: hit the submit button, review the page and then
submit the RFP.

seventh: the MoU Signatory will have been notified by email,
and should review the submission.  DO NOT just "click yes",
you must ACTUALLY do Due Diligence as you are RESPONSIBLE
FOR ENSURING COMPLIANCE with the Memorandum of Understanding
and for knowing the FULL consequences of getting things right
or wrong here.

that's basically it, other than we have been asked by NLnet
to set up some CI which shows actual unit test results
passing (or, ha, failing). this will need some work as there
is NO WAY we can submit multi-megabyte unit test results
with THOUSANDS of unit tests... oh look, somwehere buried
in that there is ONE that is actully relevant.

no.

we need to keep NLnet's workload RIGHT down by giving
them as BRIEF and compact a "review" task as is humanly
possible whilst also giving them enough heads-up to
PRE-EMPT any EU Auditor questions.

PLEASE NOTE: for the >50k Grants an Audit is a *HUNDRED PERCENT*
guaranteed, as part of the *EU* Funding conditions. it is NOT
hypothetical or a "lottery" (like the one that came up a few
months ago where NLnet had its first *full* Audit of its
entire project suite, by an EU Auditor).

even for the <=50k Grants we there have to assume that an
Audit could take place at any time, and therefore also act
pre-emptively to provide NLnet with satisfactory answers
to questions that the EU Auditor will be asking to determine
if Fraud is or is not taking place.

i trust that that hammers home that this is in fact really
quite serious and a hell of a responsibility, because we are
representing NLnet's trust in us to keep these Financial
Records meticulously accurate, in order to not have ourselves
be accused of Fraud or money-laundering by the EU and thus
bring both ourselves *and NLnet* into serious disrepute.

as a reminder this was why i had to call an Emergency Freeze
and full audit of the OPF ISA WG Grant Financial Records a few
months ago. i *really* do not want ever to have to do that ever
again, so i expect everyone to LISTEN and take the above on
board and treat it with the seriousness it requires.

once again if there is anything you are hesitant about or
feel you must "assume" stop immediately and ask for help.

l.


-- 
---
crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68

More information about the Libre-soc-dev mailing list