17:00:14 <lhinds> #startmeeting security
17:00:15 <openstack> Meeting started Thu Nov  2 17:00:14 2017 UTC and is due to finish in 60 minutes.  The chair is lhinds. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:00:16 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
17:00:19 <openstack> The meeting name has been set to 'security'
17:00:27 <lhinds> #topic roll-call
17:00:41 <lhinds> anyone around?
17:00:49 <gj2017> gj2017
17:00:54 <lhinds> hi gj2017
17:00:58 <gj2017> hey
17:01:23 <lhinds> let's see if we get some others join
17:01:33 <lhinds> are you working on any other openstack projects gj2017 ?
17:01:57 <gagehugo> o/
17:02:06 <gj2017> working with openstack on an R&D project
17:02:14 <lhinds> hi gagehugo
17:02:18 <gj2017> just compelted mirantis OCM100
17:02:27 <lhinds> gj2017: cool, just ask out interest, not important to being here.
17:02:36 <lhinds> OCM100?
17:03:07 <lhinds> #topic agenda: https://etherpad.openstack.org/p/security-agenda
17:03:09 <gj2017> OpenStack Certification by Mirantis
17:03:14 <lhinds> ah ok
17:03:21 <gj2017> Simular COA
17:03:47 <gj2017> I am a security engineer leaning cloud
17:03:57 <lhinds> should be quick this meeting, so will try to swifty go through the agenda:
17:04:11 <lhinds> #topic security docs
17:04:18 <lhinds> one up for review:
17:04:20 <lhinds> https://review.openstack.org/#/c/517200/
17:04:42 <lhinds> that's it really, i still have some stuff locally I need to clean up
17:05:06 <lhinds> #topic bandit
17:05:07 <lhinds> https://review.openstack.org/#/q/project:openstack/bandit
17:05:35 <lhinds> gagehugo: agree with you on times.db in testenv
17:06:02 <lhinds> I was running on arch, and something might have been different in my env,so I used a vm with fedora and it worked ok
17:06:31 <lhinds> the other is mareks patch: https://review.openstack.org/#/c/510602/
17:06:37 <gagehugo> lhinds there was a comment in the bug report about changing to stestr
17:06:45 <gagehugo> that might make that fix unneeded
17:07:05 <gagehugo> I'm fixing mareks help text issue atm
17:07:17 <gagehugo> that help text / readme comparison test makes me sad
17:07:17 <lhinds> gagehugo: agree, is that a simple change?
17:07:36 <gagehugo> yeah most other projects have migrated over I think
17:07:44 <lhinds> maybe we should abandon and change it the right way, sounds best to me.
17:08:06 <gagehugo> yeah I'm fine with that if it fixes it
17:08:35 <lhinds> ok, will update the page
17:09:14 <lhinds> other items...
17:09:55 <lhinds> I am still on the threat analysis gagehugo , making progress as well. just making sure I do it thorough
17:10:05 <gagehugo> cool!
17:10:09 <lhinds> The other item is STIG discussion..
17:10:27 <lhinds> so there was a dicussion on the list:
17:10:31 <lhinds> #link https://openstack.nimeyo.com/122013/openstack-dev-security-security-sig
17:10:46 <lhinds> recommend reading that and see if its agreeable.
17:11:39 <lhinds> my suggestion was we complete queens as we are, and put up a SIG page over this cycle and see if it gains momentum
17:11:56 <lhinds> want to avoid changing for the sake of changing, if nothing changes :)
17:12:27 <gagehugo> ok
17:12:42 <lhinds> so that's the main items..
17:12:50 <lhinds> is there anything from you guys?
17:13:10 <gj2017> nope, just need to read
17:13:10 <lhinds> gagehugo: I owe you an email still
17:13:18 <lhinds> (about core)
17:13:34 <gagehugo> ok
17:13:49 <lhinds> cool, i think we can close then for this week
17:14:04 <gj2017> have a great week
17:14:13 <lhinds> thanks gj2017 , see you gagehugo
17:14:25 <lhinds> #endmeeting