#openstack-meeting-alt log

17:02:24 <hyakuhei> #startmeeting Security
17:02:25 <openstack> Meeting started Thu Nov 10 17:02:24 2016 UTC and is due to finish in 60 minutes.  The chair is hyakuhei. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:02:26 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
17:02:28 <openstack> The meeting name has been set to 'security'
17:02:29 <hyakuhei> o/
17:02:32 <lhinds> o/
17:02:47 <hyakuhei> I'm stuck on a call for the next 10-15 minutes :'(
17:02:50 <hyakuhei> #chair lhinds
17:02:51 <openstack> Current chairs: hyakuhei lhinds
17:03:15 <lhinds> looks like a low turnout, will grab the etherpad
17:03:20 <hyakuhei> cheers!
17:03:23 <hyakuhei> Yeah super quiet.
17:04:18 <lhinds> #topic agenda
17:04:26 <lhinds> #link https://etherpad.openstack.org/p/security-agenda
17:04:30 <hyakuhei> Maybe our times are in the wrong timezone lhinds ?
17:04:40 <lhinds> hyakuhei: I am thinking the same too
17:04:47 <hyakuhei> i.e we are both UK ?
17:04:51 <lhinds> umm <goes to google utc>
17:05:19 <lhinds> so its 17:00 which is correct
17:05:47 <hyakuhei> yupyup
17:06:48 <lhinds> k, do you want me to walk through the agenda, or you have a headset?
17:07:23 <lhinds> #topic Syntribos
17:07:31 <lhinds> any Syntribos folks here?
17:07:37 <unrahul> hey lhinds yup
17:07:46 <lhinds> ah cool..all yours unrahul
17:08:06 <unrahul> so we are in the process of setting up repos for templates and payloads and modifying few tests
17:08:44 <unrahul> As you guys may know, we have released a PyPi version of the tool, with automated download of openstack templates and certain payloads
17:09:09 <lhinds> sounds cool
17:09:18 <unrahul> and revamped the docs, so if anyone would like to take a look at syntribos, just install it using pip install syntribos
17:09:33 <unrahul> we would love to get more feedback on it..
17:10:13 <lhinds> unrahul: that sounds like not a big ask..I will try to get some time to try it from pip
17:10:18 <unrahul> this week and the next we would be having design sessions on modifying the request templates to make it less cluttered and may be help users write simple tests etc..
17:10:18 <lhinds> or pypi rather
17:10:32 <unrahul> awesome lhinds ..
17:10:39 <unrahul> so thats it from us..
17:10:46 <lhinds> thanks unrahul
17:10:54 <lhinds> #topic OSSN
17:11:15 <lhinds> so we currently have three embargoed and one public
17:11:53 <lhinds> hyakuhei: looks like he has one almost ready to release, and his other is close too. tmcpeak has one with a draft in place
17:12:25 <lhinds> we also have a new author in vds
17:12:30 <lhinds> he is working on https://review.openstack.org/#/c/396080/
17:12:41 <lhinds> so please help with reviews
17:13:30 <lhinds> we are currently waiting on swift cores to feedback as its looking more like a patch and we are not sure what the notes ask is yet.
17:14:06 <lhinds> that's it for notes. Not had time to do anymore work on the API yet, but will hopefully be able to pick it up again soon
17:14:15 <lhinds> #topic Blog
17:14:36 <lhinds> hyakuhei: anything new on the blog?
17:14:58 <lhinds> I still need you to look at merge rights when have a spare moment.
17:15:07 <hyakuhei> Hey yeah so I will add more people in.
17:15:21 <lhinds> thx hyakuhei
17:15:41 <hyakuhei> Blog wise I want to put something in the blog about our super fancy award
17:15:50 <hyakuhei> My working title is: "OpenStack is not Secure"
17:15:57 <hyakuhei> "but we are doing all the right things"
17:16:11 <michaelxin> forgot time changed.
17:16:20 <hyakuhei> michaelxin so did everyone else :P
17:16:30 <lhinds> i think a few of us have
17:17:05 <lhinds> anymore on the blog?
17:17:21 <lhinds> #topic Security Review
17:17:38 <lhinds> hyakuhei: I don't have anything on this topic, anything from you..?
17:17:54 <hyakuhei> Narp, on a call about the internal version of that now lol
17:18:20 <lhinds> k :)
17:18:37 <michaelxin> What's security review?
17:18:42 <lhinds> I think we already have the washup covered from last week
17:19:21 <lhinds> #topic sec-guide
17:19:32 <lhinds> https://review.openstack.org/#/c/382600/
17:20:21 <lhinds> I have some stuff I need to get round to updating in the security-guide, we have some old django / horizon key values that are depreciated
17:20:31 <hyakuhei> michaelxin you joking?
17:20:35 <lhinds> for example USE_SSL
17:20:37 <hyakuhei> I will beat you!
17:20:49 <lhinds> you spot them too hyakuhei ?
17:21:00 <michaelxin> haha
17:22:25 <lhinds> k, I guess its going to be short and sweet this week.
17:22:38 <lhinds> any other key topics before AOB?
17:23:25 <lhinds> #topic AOB
17:23:33 <unrahul> hyakuhei:  we had to rebase the patch for the new repos , could you please do a +1 again https://review.openstack.org/#/c/390621/
17:24:11 <michaelxin> for updates about syntribos
17:24:13 <michaelxin> https://etherpad.openstack.org/p/syntribos-future
17:24:24 <michaelxin> That's our current roadmap
17:24:26 <hyakuhei> unrahul I'm on it!
17:24:35 <unrahul> thanks hyakuhei ! :)
17:25:09 <michaelxin> also ccneill will move out syntribos project.
17:25:36 <michaelxin> He will not focus on openstack security in the future.
17:26:27 <michaelxin> I am trying to find someone to replace him.
17:26:44 <lhinds> k, I guess this draw us to the end of the meeting, unless any more topics?]
17:26:46 <hyakuhei> What? Damn. That guy was Ninja.
17:27:01 <hyakuhei> Typical, I just got off the phone.
17:27:11 <vds> sorry I'm late, did you talk about OSSN-0077 already?
17:27:13 <capnoday> ahh damn
17:27:17 <browne> anchor has some reviews pending
17:27:18 <capnoday> ccneil will be missed
17:27:25 <lhinds> vds: already covered, but no worries
17:27:26 <hyakuhei> browne I'll take a looksy
17:27:30 <capnoday> browne no way!
17:27:37 <vds> lhinds: thx! :)
17:27:38 <michaelxin> hyakuhei: capnoday: sorry guys.
17:27:57 <capnoday> np, its awesome to see someone looking at it
17:28:59 <lhinds> ok, have a good weekend all.
17:29:03 <hyakuhei> Cheers!
17:29:04 <lhinds> #endmeeting