#acumos-meeting: Validation and Security Team Meeting

Meeting started by aimeeu at 13:02:27 UTC (full logs).

Meeting summary

    1. attendees: Bryan Sullivan (AT&T), Chuxin Chen (AT&T), Jack Murray (AT&T), Karrie (AT&T), Devendra Sen (TechM), Dev (aimeeu, 13:08:19)
    2. Jack: the validation process will be more complex than a web-based experience (aimeeu, 13:08:58)
    3. Karrie: for end to end validation experience, need to access status, notification - design has to accommodate that part of the process (aimeeu, 13:11:41)
    4. Bryan summarizes: need a behind the scenes workflow engine for validation that does not impact the Portal (aimeeu, 13:13:07)
    5. https://etherpad.acumos.org/p/validation-meeting-180503 (bryan_att, 13:16:21)

  2. Requirements (aimeeu, 13:18:25)
    1. Bryan summarizes requirements on the etherpad (aimeeu, 13:23:05)
    2. Jack: complex problem; define and follow a "best practice" (aimeeu, 13:26:12)
    3. Jack: security of the platform is models as well as underlying platform; very broad scope (aimeeu, 13:26:50)
    4. Bryan: goal for project should be a program of industry best practices (aimeeu, 13:27:51)
    5. similar to #link https://wiki.opnfv.org/display/security/2016/08/24/OPNFV+gets+CII+Best+Practices+Badge+for+Security+and+Quality (aimeeu, 13:29:09)

  3. Architecture (aimeeu, 13:29:50)
    1. Chuxin sent Bryan some slides to be added to the wiki; capture Validation intent from a user perspective (aimeeu, 13:30:19)
    2. Bryan: separate what's presented in the UI from the back end (aimeeu, 13:30:56)
    3. the work of the Security subcommittee is broader than the subject of today's call (aimeeu, 13:33:32)
    4. this meeting is about the validation component, which resides in the Common Services project (aimeeu, 13:34:13)
    5. Jack: need to separate items for broader Security Subcommittee from the work of the validation component (aimeeu, 13:35:03)
    6. broader goals for Security Subcommittee: #link https://wiki.acumos.org/display/AC/Security+Scanning (aimeeu, 13:36:27)
    7. Security Subcommittee will drive the requirements for the validation component (aimeeu, 13:38:31)
    8. Jack: these security and validation requirements should be discussed by the Security Subcommittee, so this meeting is really a working group within the Security Subcommittee (aimeeu, 13:42:34)
    9. Jack: once the requirements have been finalized, then the work can be passed to the Common Services project for implementation (aimeeu, 13:43:08)
    10. Bryan summarizes what the current validation component does and what it will need to do going forward (aimeeu, 13:44:42)
    11. discussion on workflow, perhaps incorporating a workflow engine such as Camunda (aimeeu, 13:52:39)
    12. Bryan discusses using a YAML file to define workflow (aimeeu, 13:54:58)


Meeting ended at 14:01:54 UTC (full logs).

Action items

  1. (none)


People present (lines said)

  1. aimeeu (33)
  2. collabot` (4)
  3. vishnu (4)
  4. bryan_att (1)


Generated by MeetBot 0.1.4.