17:00:52 <hyakuhei> #startmeeting Security 17:00:52 <openstack> Meeting started Thu Apr 30 17:00:52 2015 UTC and is due to finish in 60 minutes. The chair is hyakuhei. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:00:53 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 17:00:56 <openstack> The meeting name has been set to 'security' 17:01:04 <tkelsey> o/ 17:01:09 <sicarie> o/ 17:01:12 <redrobot_mobile> o/ 17:01:18 <hyakuhei> I like being just "Security" - so much less typing at the start of the meeting :) 17:01:20 <nkinder> Hi all 17:01:28 <hyakuhei> nkinder: nice to see you :) 17:01:34 <singlethink> o/ 17:01:45 <nkinder> Sorry for missing last week. I was at the RSA conference 17:01:49 <elmiko> heyo/ 17:01:54 <elmiko> ooh neat! 17:01:55 <nkinder> it's sort of conference season lately for me 17:01:56 <hyakuhei> pfft, you crazy kids and your security conferences... 17:02:02 <hyakuhei> nkinder: speaking or attending? 17:02:17 <nkinder> booth at RSA, speaking at Linuxfest Northwest 17:02:42 <hyakuhei> Fancy! 17:03:40 <hyakuhei> ok cool, so as you're here nkinder should we start off with an overview of OSSN ? 17:03:46 <nkinder> Sure 17:04:09 <hyakuhei> #topic OSSN 17:04:19 <nkinder> I just published one that elmiko wrote (his first!) 17:04:24 <elmiko> \o/ 17:04:30 <hyakuhei> Fantastic, congratulations elmiko! 17:04:37 <nkinder> Yep, much thanks! 17:04:40 <elmiko> thanks =) 17:04:53 <nkinder> I think we can +A 0046 (the Pecan one) 17:05:09 <hyakuhei> Oh cool, I think that's mine 17:05:14 <nkinder> There's not really a single affected project that we would expect a +1 from 17:05:22 <dave-mccowan> o/ 17:05:35 <nkinder> I wanted to see if others were OK with me giving it a +A and bypassing the normal +1 requirement 17:05:56 <hyakuhei> Fine with me, given that there's no single stakeholder who can approve. 17:06:06 <tkelsey> +1 17:06:24 <nkinder> ok, cool. I'll +A and publish it today then 17:06:39 <hyakuhei> nkinder sicarie do we want another docs core to replace bdpayne? 17:06:59 <sicarie> +1 17:07:35 <hyakuhei> nkinder: What do you think? 17:07:37 <sicarie> I think one more doc core would definitely help with timely reviews 17:07:42 <nkinder> yeah, I think it would help 17:07:49 <hyakuhei> Personally I think we're doing ok but there's certainly space to add one without making things messy 17:08:00 <nkinder> Why don't we discuss in a few weeks at the Summit? 17:08:10 <hyakuhei> Seems reasonable 17:08:49 <gmurphy> o/ 17:08:55 <gmurphy> sorry i'm late.. 17:09:02 <nkinder> We have a few stagnant notes 17:09:13 <nkinder> I think one of them just needs a review from the affected project 17:09:17 <nkinder> Let me get a link... 17:09:56 <nkinder> https://review.openstack.org/136203 17:10:29 <nkinder> We need a Neutron reviewer 17:10:38 <hyakuhei> Agreed, anyone got a friendly one? 17:11:33 <nkinder> looks like this is LBaaS, and there are only 4 cores 17:11:43 <nkinder> I just added that group to the review 17:12:02 <nkinder> Kyle Mestery might be the best to reach out to 17:12:05 <nkinder> I can do that 17:12:13 <hyakuhei> Cool, good plan nkinder 17:12:23 <mestery> nkinder: Also, dougwig and blogan 17:12:46 <nkinder> mestery: Hi! 17:12:52 <mestery> nkinder: Howdy! 17:12:53 <dougwig> hello 17:12:58 <nkinder> mestery: Sure, the more the merrier :) 17:13:05 <mestery> dougwig: Security issue with LBaaS, see review above 17:13:08 <nkinder> We need a review on an OSSN around LBaaS before we can publish 17:13:14 <dougwig> looking 17:13:44 <mestery> nkinder: dougwig is the right buy for sure, and I'll review now as well. Thanks for pinging me! 17:13:57 <nkinder> Aside from that on OSSNs, there are a few bugs I need to close out for issues we published. I'll do that today so the list is accurate. 17:14:14 <nkinder> mestery, dougwig: Thanks guys! 17:14:35 <nkinder> I have no update on the OSSN parsing script. I need more hours in the day to hack on it. ;) 17:14:43 <elmiko> hehe 17:15:01 <hyakuhei> Is it at a point where you'd want to share it and maybe get some others to take a whack or still too early? 17:15:13 <nkinder> perhaps on the flight to the Summit. I can certainly demo what I have to others there. 17:15:16 <dougwig> nkinder: i have to run out for a bit. ok to review that in about 2 hours? 17:15:25 <nkinder> dougwig: absolutely 17:15:40 <nkinder> hyakuhei: I'll see about pushing what I have to github so others can take a look 17:15:47 <elmiko> +1 17:16:02 <hyakuhei> cool, no pressure, just if you think it would be useful nkinder 17:16:03 * nkinder adds to my todo list 17:16:38 <nkinder> That's it on OSSNs. 17:16:48 <dg_> hey guys, sorry I'm late 17:16:58 <nkinder> dg_: hey 17:17:11 <hyakuhei> hey dg_ 17:17:26 <hyakuhei> Thanks for the work on the OSSN nkinder 17:18:05 <hyakuhei> tkelsey: Any updates on Bandit this week? tmcpeak isn't here. 17:18:24 <tkelsey> hummm, nothing that im aware of 17:18:32 <elmiko> i have a small bandit request 17:18:36 <hyakuhei> Cool 17:18:38 <tkelsey> elmiko: oh? 17:18:41 <elmiko> #link https://review.openstack.org/#/c/177855/ 17:18:44 <hyakuhei> #topic bandit 17:18:52 <elmiko> i'm working on creating the tox stuff for our bandit gating tests 17:19:03 <tkelsey> ah awesome :) how can i help? 17:19:06 <elmiko> i would love an extra eye or two on that review to maybe advise about plugins we might want to use 17:19:18 <tkelsey> ok i'll look it over 17:19:22 <elmiko> nothing major, thanks! 17:19:31 <tkelsey> :) 17:19:33 <hyakuhei> bknudson: Anything to report on Bandit in the land of Keystone? 17:20:54 <hyakuhei> I guess he's not around :) 17:21:12 <hyakuhei> #topic security.openstack.org 17:21:33 <gmurphy> #link https://github.com/gcmurphy/python-sec-guidance 17:21:39 <gmurphy> --^ 17:21:45 <hyakuhei> gmurphy: I recall you were possibly going to talk to the rest of the VMT about whether this should continue to be in the OSSA repo? 17:21:58 <gmurphy> is attempt to convert existing documentation to rst 17:22:18 <gmurphy> now we need to figure out where to put it etc / how to merge it 17:23:03 <gmurphy> also the content needs a bit of work 17:23:20 <gmurphy> but that's just the security guidance stuff. 17:23:25 <hyakuhei> That looks pretty nice gmurphy, the RST are pretty tidy. 17:24:05 <elmiko> yea, very nice 17:24:22 <hyakuhei> Thank you gmurphy 17:25:10 <gmurphy> i had a chat with fungi last week during after the meeting. i think he has some ideas about how we could host it. i'll try to follow up with him about it. 17:25:24 <hyakuhei> That's useful, thanks 17:25:26 <fungi> please do (but not on kilo release day) 17:26:19 <gmurphy> haha 17:26:28 <hyakuhei> Yeah - happy Kilo day everyone! 17:26:51 <tkelsey> elmiko: LGTM on your Bandit gate patch 17:27:04 <elmiko> tkelsey: awesome, thanks 17:27:51 <tkelsey> elmiko: my pleasure, feel free to ping me with any specific issues that arise or general questions 17:28:13 <elmiko> tkelsey: cool, will do. i have some ideas for plugins that might be useful for us. 17:28:23 <hyakuhei> I don't have much else to discuss today, I think everyone is busy getting ready for the summit 17:28:34 <hyakuhei> #topic Any Other Business 17:28:36 <tkelsey> elmiko: :) 17:28:56 <sicarie> hyakuhei: do we have a schedule for what's going on in the summit areas for Security? 17:29:33 <hyakuhei> Yup 17:29:39 <hyakuhei> It's all in your email, one sec 17:30:18 <hyakuhei> #link http://libertydesignsummit.sched.org/type/design+summit/Security#.VToWqRPF_8k 17:30:51 <sicarie> no sec guide ? :) 17:31:48 <hyakuhei> Well, that's what the email I sent out was for, we've got three sessions, VMT needs one of them. Depending on who turns up to the work session that could be on the security guide or on rebranding 17:32:00 <hyakuhei> TBH historically we've never worked on the sec guide at the summit 17:32:02 <hyakuhei> It's too involved 17:32:39 <sicarie> hyakuhei: understood, we were thinking there'd be some planning around both the physical book state and format conversion 17:33:01 <sicarie> but we can always just grab some free space for that 17:33:52 <hyakuhei> I don't have strong feelings against it, we could use the work room for that? 17:34:02 <sicarie> Sure 17:35:28 <hyakuhei> Cool. 17:35:34 <hyakuhei> Anything else to discuss today? 17:36:17 <nkinder> Nothing else here. 17:37:13 <hyakuhei> Ok cool, I think we can probably wrap then :) 17:37:31 <hyakuhei> #endmeeting