17:00:14 <lhinds> #startmeeting security 17:00:15 <openstack> Meeting started Thu Nov 2 17:00:14 2017 UTC and is due to finish in 60 minutes. The chair is lhinds. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:00:16 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 17:00:19 <openstack> The meeting name has been set to 'security' 17:00:27 <lhinds> #topic roll-call 17:00:41 <lhinds> anyone around? 17:00:49 <gj2017> gj2017 17:00:54 <lhinds> hi gj2017 17:00:58 <gj2017> hey 17:01:23 <lhinds> let's see if we get some others join 17:01:33 <lhinds> are you working on any other openstack projects gj2017 ? 17:01:57 <gagehugo> o/ 17:02:06 <gj2017> working with openstack on an R&D project 17:02:14 <lhinds> hi gagehugo 17:02:18 <gj2017> just compelted mirantis OCM100 17:02:27 <lhinds> gj2017: cool, just ask out interest, not important to being here. 17:02:36 <lhinds> OCM100? 17:03:07 <lhinds> #topic agenda: https://etherpad.openstack.org/p/security-agenda 17:03:09 <gj2017> OpenStack Certification by Mirantis 17:03:14 <lhinds> ah ok 17:03:21 <gj2017> Simular COA 17:03:47 <gj2017> I am a security engineer leaning cloud 17:03:57 <lhinds> should be quick this meeting, so will try to swifty go through the agenda: 17:04:11 <lhinds> #topic security docs 17:04:18 <lhinds> one up for review: 17:04:20 <lhinds> https://review.openstack.org/#/c/517200/ 17:04:42 <lhinds> that's it really, i still have some stuff locally I need to clean up 17:05:06 <lhinds> #topic bandit 17:05:07 <lhinds> https://review.openstack.org/#/q/project:openstack/bandit 17:05:35 <lhinds> gagehugo: agree with you on times.db in testenv 17:06:02 <lhinds> I was running on arch, and something might have been different in my env,so I used a vm with fedora and it worked ok 17:06:31 <lhinds> the other is mareks patch: https://review.openstack.org/#/c/510602/ 17:06:37 <gagehugo> lhinds there was a comment in the bug report about changing to stestr 17:06:45 <gagehugo> that might make that fix unneeded 17:07:05 <gagehugo> I'm fixing mareks help text issue atm 17:07:17 <gagehugo> that help text / readme comparison test makes me sad 17:07:17 <lhinds> gagehugo: agree, is that a simple change? 17:07:36 <gagehugo> yeah most other projects have migrated over I think 17:07:44 <lhinds> maybe we should abandon and change it the right way, sounds best to me. 17:08:06 <gagehugo> yeah I'm fine with that if it fixes it 17:08:35 <lhinds> ok, will update the page 17:09:14 <lhinds> other items... 17:09:55 <lhinds> I am still on the threat analysis gagehugo , making progress as well. just making sure I do it thorough 17:10:05 <gagehugo> cool! 17:10:09 <lhinds> The other item is STIG discussion.. 17:10:27 <lhinds> so there was a dicussion on the list: 17:10:31 <lhinds> #link https://openstack.nimeyo.com/122013/openstack-dev-security-security-sig 17:10:46 <lhinds> recommend reading that and see if its agreeable. 17:11:39 <lhinds> my suggestion was we complete queens as we are, and put up a SIG page over this cycle and see if it gains momentum 17:11:56 <lhinds> want to avoid changing for the sake of changing, if nothing changes :) 17:12:27 <gagehugo> ok 17:12:42 <lhinds> so that's the main items.. 17:12:50 <lhinds> is there anything from you guys? 17:13:10 <gj2017> nope, just need to read 17:13:10 <lhinds> gagehugo: I owe you an email still 17:13:18 <lhinds> (about core) 17:13:34 <gagehugo> ok 17:13:49 <lhinds> cool, i think we can close then for this week 17:14:04 <gj2017> have a great week 17:14:13 <lhinds> thanks gj2017 , see you gagehugo 17:14:25 <lhinds> #endmeeting