May 8, 2023 Meeting

Owned by Ben Sternthal
Last updated: May 10, 2023
2 min read

t

Attendees:

 

Agenda:

Agenda Item

 Notes

Owner

Actions / Next Steps

Agenda Item

 Notes

Owner

Actions / Next Steps

Outreach Report

@Som Sikdar 

  • Action items and next steps are captured in document

Updates on Release 1.9

  • #15187: Integration failures. Analysis in progress.

  • #15164: td-agent version pinning

  • #15161 might take more time as the flows are generated during bazel (update from Devops team).

@Yogesh Pandey 

  • Integration test passing on locally created build.

Introductory talk for community.cncf.io 4/27 at 6 PM PT.

Townhall for Thu, May 11, at 6:00 pm PT.

CNCF talk is on for Thu, May 11, at 6:00 pm PT.

Let's pick topics and a date for the next one  - Ben

@Ben Sternthal & Raul 

  • Raul- will publish bevy event and share link

  • Jordan to discuss big picture

  • Jordan to take over demo from Shubham

  • Lucas to cover community building and security

Bug Bounty Program

  • Hackerone setup in progress

  • If you want to be subscribed to the bugbounty mailing list, please let ben know

  • Lucas proposed "refactor reviewdog-workflow.yml for security" https://github.com/magma/security/issues/147

  • Som proposed windowing scheme

  • The Security WG discussed disclosure of security weakness in bounties for fixing them.

 

  • Ben setting up account with hackerone (still waiting as of2023-5-04)

  • Arrived on policy for disclosing security issues: ok to disclose if trivial, otherwise we will reserve bug bounties for trusted contributors.

  • Refactoring reviewdog-workflow.yml approved. Lucas to move the issue from the security repo to the public repo. (https://github.com/magma/magma/issues/15192)

  • Bounty amounts need to be defined

  • Shubham to document two bounty proposals: upgrade Kubernetes; create CI job to scan Docker images for vulnerabilities using trivy

  • Som to create a page in the LF wiki on the bounty program.

PR Triage Time

Very few responses to meeting poll in slack, let's pick a time in the TSC meeting.

  • Suggest wed 8am PT recurring.

  • Will need someone to drive discussion.

 

 

@Ben Sternthal 

  • Consensus on the value of the meeting

     

  • Consensus on Wednesdays at 8 AM

     

  • First meeting 9 days from now, on May 18

     

  • Weekly at first (for two weeks) in order to clear the backlog, then switch to biweekly. 

     

OpenSSF Followup

I wanted to followup on this item and if we wanted to proceed or not. Note this is not "out of the ordinary".

@Ben Sternthal 

This has turned out to be a larger project than expected. Lucas to follow up.

Other:

  • eBPF 

General discussion on interest in eBPF project (migration from OVS)

Pravin Shelar

  • @Shubham Tatvamasi , Suresh (Wavelabs), Som are interested


Recording: