2024-01-16 Meeting notes

Owned by Rahul
Last updated: Feb 13, 2024
1 min read

Date

Jan 16, 2024

Attendees

  • @Rahul

  • @Prashant 

  • @GAURAV KUMAR MISHRA 

  • @Anurag Rajawat 

  • @Wim Henderickx 

  • @Byung-Woo Jun 

  • @subhash 

  • @Raj 

  • Shiv

Meeting Recording

Goals

  • Prioritize security issues based on LFX Security dashboard findings

  • Assert the need for User Story Template fulfillment for any new initiative to be undertaken

Discussion items

Time

Item

Who

Notes

Time

Item

Who

Notes

OpenSSF checks (#443)

clomonitor findings (#444)

Ved

  • Prepare a common template that can be shared across all the projects. And keeping a common github action workflows that can be imported in the individual repos.



 LFX Security Dashboard for Nephio

 @Rahul 





Service Mesh updates (user story template?)

Shiv

  • Requirements still to be worked upon. Shiv is preparing towards this.



Secrets Mgmt updates (user story template?)

@Prashant 



Per repo best practices templates (How to handle updates?)

@Rahul 





SALSA L4 requirements (topic brought up yesterday in SIG-Release meeting

@Rahul 





Policy framework discussion

@subhash 

  • Management cluster currently has an auto approval that simply allows everything that passes through it. If we can gate it through the policies that enforces best practices guidelines, that could be an easier win.

  • Runtime policies in the target workload clusters can also be orchestrated through this mechanism (by using Mutating controller) .. but this could be a second phase.



<open floor>





Action items

@Prashant to add the Secrets Management user story template
Call for review for the Secrets management User Story document. (All)
@subhash to prepare fine grained requirements for the approval policy framework.