17:00:52 <hyakuhei> #startmeeting Security
17:00:52 <openstack> Meeting started Thu Apr 30 17:00:52 2015 UTC and is due to finish in 60 minutes.  The chair is hyakuhei. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:00:53 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
17:00:56 <openstack> The meeting name has been set to 'security'
17:01:04 <tkelsey> o/
17:01:09 <sicarie> o/
17:01:12 <redrobot_mobile> o/
17:01:18 <hyakuhei> I like being just "Security" - so much less typing at the start of the meeting :)
17:01:20 <nkinder> Hi all
17:01:28 <hyakuhei> nkinder: nice to see you :)
17:01:34 <singlethink> o/
17:01:45 <nkinder> Sorry for missing last week.  I was at the RSA conference
17:01:49 <elmiko> heyo/
17:01:54 <elmiko> ooh neat!
17:01:55 <nkinder> it's sort of conference season lately for me
17:01:56 <hyakuhei> pfft, you crazy kids and your security conferences...
17:02:02 <hyakuhei> nkinder: speaking or attending?
17:02:17 <nkinder> booth at RSA, speaking at Linuxfest Northwest
17:02:42 <hyakuhei> Fancy!
17:03:40 <hyakuhei> ok cool, so as you're here nkinder should we start off with an overview of OSSN ?
17:03:46 <nkinder> Sure
17:04:09 <hyakuhei> #topic OSSN
17:04:19 <nkinder> I just published one that elmiko wrote (his first!)
17:04:24 <elmiko> \o/
17:04:30 <hyakuhei> Fantastic, congratulations elmiko!
17:04:37 <nkinder> Yep, much thanks!
17:04:40 <elmiko> thanks =)
17:04:53 <nkinder> I think we can +A 0046 (the Pecan one)
17:05:09 <hyakuhei> Oh cool, I think that's mine
17:05:14 <nkinder> There's not really a single affected project that we would expect a +1 from
17:05:22 <dave-mccowan> o/
17:05:35 <nkinder> I wanted to see if others were OK with me giving it a +A and bypassing the normal +1 requirement
17:05:56 <hyakuhei> Fine with me, given that there's no single stakeholder who can approve.
17:06:06 <tkelsey> +1
17:06:24 <nkinder> ok, cool.  I'll +A and publish it today then
17:06:39 <hyakuhei> nkinder sicarie do we want another docs core to replace bdpayne?
17:06:59 <sicarie> +1
17:07:35 <hyakuhei> nkinder: What do you think?
17:07:37 <sicarie> I think one more doc core would definitely help with timely reviews
17:07:42 <nkinder> yeah, I think it would help
17:07:49 <hyakuhei> Personally I think we're doing ok but there's certainly space to add one without making things messy
17:08:00 <nkinder> Why don't we discuss in a few weeks at the Summit?
17:08:10 <hyakuhei> Seems reasonable
17:08:49 <gmurphy> o/
17:08:55 <gmurphy> sorry i'm late..
17:09:02 <nkinder> We have a few stagnant notes
17:09:13 <nkinder> I think one of them just needs a review from the affected project
17:09:17 <nkinder> Let me get a link...
17:09:56 <nkinder> https://review.openstack.org/136203
17:10:29 <nkinder> We need a Neutron reviewer
17:10:38 <hyakuhei> Agreed, anyone got a friendly one?
17:11:33 <nkinder> looks like this is LBaaS, and there are only 4 cores
17:11:43 <nkinder> I just added that group to the review
17:12:02 <nkinder> Kyle Mestery might be the best to reach out to
17:12:05 <nkinder> I can do that
17:12:13 <hyakuhei> Cool, good plan nkinder
17:12:23 <mestery> nkinder: Also, dougwig and blogan
17:12:46 <nkinder> mestery: Hi!
17:12:52 <mestery> nkinder: Howdy!
17:12:53 <dougwig> hello
17:12:58 <nkinder> mestery: Sure, the more the merrier :)
17:13:05 <mestery> dougwig: Security issue with LBaaS, see review above
17:13:08 <nkinder> We need a review on an OSSN around LBaaS before we can publish
17:13:14 <dougwig> looking
17:13:44 <mestery> nkinder: dougwig is the right buy for sure, and I'll review now as well. Thanks for pinging me!
17:13:57 <nkinder> Aside from that on OSSNs, there are a few bugs I need to close out for issues we published.  I'll do that today so the list is accurate.
17:14:14 <nkinder> mestery, dougwig: Thanks guys!
17:14:35 <nkinder> I have no update on the OSSN parsing script.  I need more hours in the day to hack on it. ;)
17:14:43 <elmiko> hehe
17:15:01 <hyakuhei> Is it at a point where you'd want to share it and maybe get some others to take a whack or still too early?
17:15:13 <nkinder> perhaps on the flight to the Summit.  I can certainly demo what I have to others there.
17:15:16 <dougwig> nkinder: i have to run out for a bit.  ok to review that in about 2 hours?
17:15:25 <nkinder> dougwig: absolutely
17:15:40 <nkinder> hyakuhei: I'll see about pushing what I have to github so others can take a look
17:15:47 <elmiko> +1
17:16:02 <hyakuhei> cool, no pressure, just if you think it would be useful nkinder
17:16:03 * nkinder adds to my todo list
17:16:38 <nkinder> That's it on OSSNs.
17:16:48 <dg_> hey guys, sorry I'm late
17:16:58 <nkinder> dg_: hey
17:17:11 <hyakuhei> hey dg_
17:17:26 <hyakuhei> Thanks for the work on the OSSN nkinder
17:18:05 <hyakuhei> tkelsey: Any updates on Bandit this week? tmcpeak isn't here.
17:18:24 <tkelsey> hummm, nothing that im aware of
17:18:32 <elmiko> i have a small bandit request
17:18:36 <hyakuhei> Cool
17:18:38 <tkelsey> elmiko: oh?
17:18:41 <elmiko> #link https://review.openstack.org/#/c/177855/
17:18:44 <hyakuhei> #topic bandit
17:18:52 <elmiko> i'm working on creating the tox stuff for our bandit gating tests
17:19:03 <tkelsey> ah awesome :) how can i help?
17:19:06 <elmiko> i would love an extra eye or two on that review to maybe advise about plugins we might want to use
17:19:18 <tkelsey> ok i'll look it over
17:19:22 <elmiko> nothing major, thanks!
17:19:31 <tkelsey> :)
17:19:33 <hyakuhei> bknudson: Anything to report on Bandit in the land of Keystone?
17:20:54 <hyakuhei> I guess he's not around :)
17:21:12 <hyakuhei> #topic security.openstack.org
17:21:33 <gmurphy> #link https://github.com/gcmurphy/python-sec-guidance
17:21:39 <gmurphy> --^
17:21:45 <hyakuhei> gmurphy: I recall you were possibly going to talk to the rest of the VMT about whether this should continue to be in the OSSA repo?
17:21:58 <gmurphy> is attempt to convert existing documentation to rst
17:22:18 <gmurphy> now we need to figure out where to put it etc / how to merge it
17:23:03 <gmurphy> also the content needs a bit of work
17:23:20 <gmurphy> but that's just the security guidance stuff.
17:23:25 <hyakuhei> That looks pretty nice gmurphy, the RST are pretty tidy.
17:24:05 <elmiko> yea, very nice
17:24:22 <hyakuhei> Thank you gmurphy
17:25:10 <gmurphy> i had a chat with fungi last week during after the meeting. i think he has some ideas about how we could host it. i'll try to follow up with him about it.
17:25:24 <hyakuhei> That's useful, thanks
17:25:26 <fungi> please do (but not on kilo release day)
17:26:19 <gmurphy> haha
17:26:28 <hyakuhei> Yeah - happy Kilo day everyone!
17:26:51 <tkelsey> elmiko: LGTM on your Bandit gate patch
17:27:04 <elmiko> tkelsey: awesome, thanks
17:27:51 <tkelsey> elmiko: my pleasure, feel free to ping me with any specific issues that arise or general questions
17:28:13 <elmiko> tkelsey: cool, will do. i have some ideas for plugins that might be useful for us.
17:28:23 <hyakuhei> I don't have much else to discuss today, I think everyone is busy getting ready for the summit
17:28:34 <hyakuhei> #topic Any Other Business
17:28:36 <tkelsey> elmiko: :)
17:28:56 <sicarie> hyakuhei: do we have a schedule for what's going on in the summit areas for Security?
17:29:33 <hyakuhei> Yup
17:29:39 <hyakuhei> It's all in your email, one sec
17:30:18 <hyakuhei> #link http://libertydesignsummit.sched.org/type/design+summit/Security#.VToWqRPF_8k
17:30:51 <sicarie> no sec guide ? :)
17:31:48 <hyakuhei> Well, that's what the email I sent out was for, we've got three sessions, VMT needs one of them. Depending on who turns up to the work session that could be on the security guide or on rebranding
17:32:00 <hyakuhei> TBH historically we've never worked on the sec guide at the summit
17:32:02 <hyakuhei> It's too involved
17:32:39 <sicarie> hyakuhei: understood, we were thinking there'd be some planning around both the physical book state and format conversion
17:33:01 <sicarie> but we can always just grab some free space for that
17:33:52 <hyakuhei> I don't have strong feelings against it, we could use the work room for that?
17:34:02 <sicarie> Sure
17:35:28 <hyakuhei> Cool.
17:35:34 <hyakuhei> Anything else to discuss today?
17:36:17 <nkinder> Nothing else here.
17:37:13 <hyakuhei> Ok cool, I think we can probably wrap then :)
17:37:31 <hyakuhei> #endmeeting