Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Attendees

Meeting Recording

View file
nameGMT20240116-155746_Recording_3840x2160.mp4
height150

Goals

  • Prioritize security issues based on LFX Security dashboard findings
  • Assert the need for User Story Template fulfillment for any new initiative to be undertaken

...

TimeItemWhoNotes

OpenSSF checks (#443)

clomonitor findings (#444)

Ved
  • Prepare a common template that can be shared across all the projects. And keeping a common github action workflows that can be imported in the individual repos.


 LFX Security Dashboard for Nephio

 Rahul 



Service Mesh updates (user story template?)

Shiv

  • Requirements still to be worked upon. Shiv is preparing towards this.

Secrets Mgmt updates (user story template?)

Per repo best practices templates (How to handle updates?)

SALSA L4 requirements (topic brought up yesterday in SIG-Release meeting

Policy framework discussion<Open

  • Management cluster currently has an auto approval that simply allows everything that passes through it. If we can gate it through the policies that enforces best practices guidelines, that could be an easier win.
  • Runtime policies in the target workload clusters can also be orchestrated through this mechanism (by using Mutating controller) .. but this could be a second phase.

<open floor>



Action items

  •  Prashant to add the Secrets Management user story template
  •  Call for review for the Secrets management User Story document. (All)
  •  subhash to prepare fine grained requirements for the approval policy framework.