======================================= #acumos-meeting: Architecture Committee ======================================= Meeting started by farheen at 14:01:58 UTC. The full logs are available at http://ircbot.wl.linuxfoundation.org/meetings/acumos-meeting/2018/acumos-meeting.2018-10-18-14.01.log.html . Meeting summary --------------- * Agenda (farheen, 14:02:18) * Security and Validation and CMLP code review request. (farheen, 14:04:25) * Security and Validation by Bryan Sullivan (farheen, 14:04:56) * LINK: https://wiki.acumos.org/display/SEC/Security+Scanning (farheen, 14:06:47) * Community Policies covers things that we address through federation. (farheen, 14:07:53) * Admin will have the ability to establish gates thru the portal front end to flow. Those gates will determine whether a user can share, download, deploy. This is post onboarding. This is the first 5 workflows that will be covered. You must have licensed models. This also includes vetting of incoming models. There is a holding area while assessment for incoming is done. (farheen, 14:09:40) * For each model there will be an ability have licenses and security checks have been processed. (farheen, 14:10:27) * Lastly the portal fe will implement control per Admin. Manual Administered control of models. (farheen, 14:10:50) * The second part depends on FTE support. Integrated scanning tool in the platform. We are still looking at solving issues with technology and a falsehood of security. If we do this we're going to have to do this well and automate into workflows. There is a design on the table for doing that. I need to make it java centered. (farheen, 14:12:17) * Anwar: Since this is related to how licensing will work I want to make sure the other PTLs are carefully reviewing this plan. (farheen, 14:12:49) * ACTION: PTLs review this plan carefully (farheen, 14:13:09) * ACTION: Mukesh and Chris Lott please review plan and comments and feedback. (farheen, 14:14:19) * Mukesh: We have implemented publish to pubic marketplace. Will that be impacted? Bryan: No we will incorporate into existing. (farheen, 14:15:27) * Bryan: I am going to turn this into user stories for actual functions. And how best to fit into the java models. (farheen, 14:16:18) * We have a design at the admin level and others at a model level. In principle does that sound reasonable to you? (farheen, 14:17:35) * Chris Lott: Yes, I am creating an epic for CDS Boreas tasks. (farheen, 14:17:59) * Phillippe and Guy don't see this as an impact for on-boarding. It seems OK of how it will be invoked. (farheen, 14:18:55) * Bryans: flow diagram. (farheen, 14:20:22) * LINK: https://docs.acumos.org/en/latest/submodules/security-verification/docs/design.html#architecture (farheen, 14:20:26) * Bryan reviewed the diagram above. (farheen, 14:20:43) * Bryan: Portal FE will direct users whether their model passed or failed the checks. (farheen, 14:22:03) * Anwar: We have a go ahead to continue with this design (farheen, 14:22:33) * CMLP (farheen, 14:22:46) * CMLP renaming of repos (farheen, 14:23:00) * Manoop: Based on email conversations we want onboarding, designstudio, and portal renaming. We got the OK from Kazi for DS. We need the OK from Phillippe, and Mukesh. (farheen, 14:24:09) * Adi: I had a data pipeline check in that is not on the list here. I only see two of them. (farheen, 14:24:43) * Gaurav sharing INTTEST/Acumos+subrepos (farheen, 14:25:28) * we want to open up to a common library. (farheen, 14:25:46) * Phillippe: We are not agreeable to name a python repo. It is only for CMLP. I would prefer a name like CMLP. (farheen, 14:26:21) * Gaurav: I wanted to keep model runner. (farheen, 14:27:19) * Bryan: We don't want to use the name CMLP in open source. (farheen, 14:27:41) * Gaurav: Can we name it model-runner common. (farheen, 14:28:06) * Adi: I don't know why this is a problem. (farheen, 14:28:24) * The library has nothing to do with CMLP. What is CMLP about it? (farheen, 14:28:44) * Adi: If there is a common area maybe we should use that. (farheen, 14:28:58) * Phillippe: Where would you like to have it? (farheen, 14:29:52) * Phillippe: We have a common model runner repo. My objection was to avoid confusion between two model runner repos one for CMLP and one for Acumos. (farheen, 14:31:07) * Manoop: Re: cmlp-model-runner: will cmlp merge their model runner with the acumos model-runner. (farheen, 14:31:58) * Gaurav: We need to have the technical discussion. (farheen, 14:32:19) * Manoop: Phillippe until we get strong guidance of how it will be merged until then can we have another name besides cmlp. (farheen, 14:33:07) * Phillippe: I don't know. (farheen, 14:33:16) * Manoop: Adi Gaurav can you id a different name? (farheen, 14:33:51) * Guy: Model runner stands up a rest service that has incorporated the protobuf conversion. (farheen, 14:34:14) * Kazi: It is the marshalling and un-marshalling the rest service. (farheen, 14:34:33) * Manoop: Can Adi or Gaurav give a short explanation of what their model runner? (farheen, 14:35:30) * Gaurav: It is not tightly integrated with python and I didn't want to keep it on the top repo to confuse people. (farheen, 14:36:32) * Gaurav: We want to have a common code and not duplicate and remove the redundancies. (farheen, 14:37:03) * Manoop: Can we rename it as python utilities? (farheen, 14:37:22) * Gaurav: Yes (farheen, 14:37:30) * Phillippe: For me why not. (farheen, 14:38:05) * Chris Lott: I don't agree because python runner and python utility are too similar. (farheen, 14:39:01) * Chris Lott: May I suggest we come back with a proposal? (farheen, 14:39:37) * Manoop: My vote is to stick to python-common and we are adding acumos-python-common (farheen, 14:40:37) * Manoop: Is acumos-common-utility OK with you Phillippe? (farheen, 14:41:22) * Phillippe: This repo is used by CMLP. For now it's only used by CMLP going forward it can be used by other components also. (farheen, 14:41:59) * Phillippe: OK why not? (farheen, 14:42:12) * Manoop Kazi do you have an issue with this name? (farheen, 14:42:31) * Adi: We should also ask Pantellis. (farheen, 14:42:48) * Kazi: it is OK with Kazi. (farheen, 14:43:08) * Anwar: Do we have a separate repo for training? (farheen, 14:43:25) * Manoop: There is a training repo in acumos. (farheen, 14:43:43) * Anwar: Training should have it's own repo. (farheen, 14:44:08) * Anwar: Let's not move training into design studio. Because most of this code is going to come from CMLP or other open contributors. (farheen, 14:45:38) * Manoop: The components databroker/datapipeline. The repo doesn't need to be tagged either DS. (farheen, 14:46:34) * Kazi: I agree it's fine. (farheen, 14:47:05) * Manoop: Kazi and Pantellis should decide who should lead training. (farheen, 14:47:32) * LINK: https://wiki.acumos.org/display/ACCOM/Meetings (farheen, 14:48:21) * Manoop: If we tag it with the training repo it will only be for training vs. if we change the name. (farheen, 14:49:41) * Kazi: Data pipeline will have many components. (farheen, 14:50:05) * Anwar: Where would the code reside? (farheen, 14:50:19) * Kazi: We haven't made a decision for that. (farheen, 14:50:29) * Adi: As far as the discussion with Pantellis he was on board with the design. Kazi was OK. (farheen, 14:52:49) * Kazi: We said we'd have 3 pipelines and now we're discussing the repo. (farheen, 14:53:12) * Anwar: I am now hearing separate repo for each of these pipelines. (farheen, 14:53:35) * Adi: Datapipeline is a component. (farheen, 14:54:01) * ACTION: Adi set up a call with Pantellis, Kazi, Manoop, and take offline and bring back to the team. (farheen, 14:55:18) * Manoop: Was this last repo discussed? Mukesh? (farheen, 14:55:36) * ACTION: Mukesh review with Gaurav. (farheen, 14:56:05) * Gaurav it can be re-used by anyone. (farheen, 14:57:39) * ACTION: Abishek send an email to Manoop, Mukesh, to capture and we can bring back by Friday. (farheen, 14:58:43) * Manoop: We are requesting renaming. (farheen, 14:59:01) * Manoop: We are going to ask LF and make a decision based on that. (farheen, 14:59:30) * Ken: We've received 2 builds this week. We have done our complete round of testing. The instance with the MS generator is looking good. (farheen, 15:00:34) * the only high issue is cobranding. (farheen, 15:01:03) * Anwar: Do you have any critical or high open? Ken: just cobranding. (farheen, 15:01:45) * Nat: That is the final build from the athena release. Right now more than 50% have branched their code. (farheen, 15:02:12) * Nat: Sharing an email table. (farheen, 15:02:43) * ACTION: Nat get the portal ui/ux items reviewed. Please work with Ken and Farheen so we have a plan for implementing we'll talk later today. (farheen, 15:03:43) * Nat: Sai is tracking all the people to branch. Deepti please make sure it is reviewed in the afternoon. (farheen, 15:04:59) Meeting ended at 15:05:11 UTC. Action items, by person ----------------------- * farheen * Nat get the portal ui/ux items reviewed. Please work with Ken and Farheen so we have a plan for implementing we'll talk later today. * **UNASSIGNED** * PTLs review this plan carefully * Mukesh and Chris Lott please review plan and comments and feedback. * Adi set up a call with Pantellis, Kazi, Manoop, and take offline and bring back to the team. * Mukesh review with Gaurav. * Abishek send an email to Manoop, Mukesh, to capture and we can bring back by Friday. People present (lines said) --------------------------- * farheen (91) * collabot` (3) Generated by `MeetBot`_ 0.1.4