======================================== #opnfv-pharos: OPNFV Hackfest Infra Day2 ======================================== Meeting started by fdegir at 07:28:18 UTC. The full logs are available at http://ircbot.wl.linuxfoundation.org/meetings/opnfv-pharos/2017/opnfv-pharos.2017-04-25-07.28.log.html . Meeting summary --------------- * POD and Scenario Descriptor Files, Scenario Lifecycle (fdegir, 07:32:40) * LINK: https://gerrit.opnfv.org/gerrit/#/c/30677/5/scenarios/templates/sdf-template.yaml (fdegir, 07:36:58) * ACTION: uli-k to update step 1 in workflow to ensure the pool is not an installer pool but CI POD pool (fdegir, 08:54:29) * ACTION: uli-k to update Add CI POD slide to reflect the process clearly (fdegir, 09:04:36) * Security Gate Scanning (fdegir, 11:06:50) * As part of C-release, 12 security related issues were identified and fixed (fdegir, 11:24:33) * The idea is to automate security scanning and run it against new patches proposed to OPNFV repos (fdegir, 11:25:16) * cosmetic checks, shell executions, etc will be done (fdegir, 11:26:56) * For python, bandit will be used (fdegir, 11:27:25) * binary file check will be done (fdegir, 11:27:36) * During E-release development work, 2 jobs will be created doing (fdegir, 11:32:45) * scanning for each and every new patch proposed to opnfv projects but this will not vote/block changes from getting submitted (fdegir, 11:33:13) * scanning nightly for all the projects to report the backlog (fdegir, 11:33:26) * The gating/voting will be enabled by F-release development phase (fdegir, 11:33:43) * SDF and Scenario Lifecycle (fdegir, 12:32:28) Meeting ended at 08:18:55 UTC. Action items, by person ----------------------- * uli-k * uli-k to update step 1 in workflow to ensure the pool is not an installer pool but CI POD pool * uli-k to update Add CI POD slide to reflect the process clearly People present (lines said) --------------------------- * fdegir (21) * collabot (4) * yolanda (1) * hwoarang (1) * uli-k (0) * jmorgan1 (0) Generated by `MeetBot`_ 0.1.4