BRIDGE: https://zoom.us/j/661303200?pwd=TFdRd0c2MTJUem8xa252UGJHTE1Mdz09
Passcode: 209247
We will start our meetings by mentioning the project's Antitrust Policy, which you can find linked from the LF and project websites. The policy is important where multiple companies, including potential industry competitors, are participating in meetings. Please review and if you have any questions, please contact your company legal counsel. Members of the LF may contact Andrew Updegrove at the firm Gesmer Updegrove LLP, which provides legal counsel to the LF.
Attended | Proxy (w/ @name) | Gov. Holiday | Did Not Attend |
---|
Attendance is taken purely upon #info in Zoom Chat
Individual Contributor | ||||||
DT | Ericsson | |||||
WindRiver | STL | Bell Canada | ||||
Linux Foundation | ||||||
cl664y@att.com - proxy: Amy Zwarico | AT&T | Huawei | ||||
China Telecom | Timo Perala - proxy: Gergely Csatari | Nokia | ||||
Orange | China Mobile |
Agenda Items | Presented By | Presos/Notes/Links/ | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
Release Status | Weekly status update | |||||||||||
RelEng/Infrastructure |
| PTL Updates | Subcommittee UpdatesArch, Lab, Modeling, Seccom, Requirements | LFN Cross-Organization UpdatesMAC, SPC, TAC, EUAG, LFN Board | TCC / ONAP Liaison Updates | Task Force Updates | TSC Activities and Deadlines | Upcoming Events & Housekeeping | <Available Slot> |
...
GitLab runners (update from PTL meeting)
| ||
Upcoming Events & Housekeeping |
|
Zoom Chat Log
06:55:25 From Sai Kum to Everyone:
#info Seshu, huawei
06:56:49 From Fred Oliveira to Everyone:
#info Fred Oliveira, Self
07:00:00 From Amy Zwarico to Everyone:
#info Amy Zwarico AT&T - proxy for Catherine Lefevre
07:00:02 From Dong Wang (China Telecom) to Everyone:
#info Dong Wang, China Telecom
07:00:18 From Ranny Haiby (Linux Foundation) to Everyone:
#info Ranny Haiby, Linux Foundation
07:00:32 From Byung-Woo Jun to Everyone:
#info Proxy, Byung-Woo Jun, Ericsson
07:00:50 From Andreas GEISSLER (DT) to Everyone:
#info Andreas Geissler,DT
07:01:03 From N.K. Shankaranarayanan (STL) to Everyone:
#info N.K. Shankar, STL
07:16:13 From Kenny PAUL (LFN) to Everyone:
CFP https://events.linuxfoundation.org/one-summit-north-america/program/cfp/
07:16:34 From Kenny PAUL (LFN) to Everyone:
member discount code: ONE22LFNMEM
07:16:53 From Kenny PAUL (LFN) to Everyone:
https://events.linuxfoundation.org/one-summit-north-america/
07:17:31 From Kenny PAUL (LFN) to Everyone:
https://events.linuxfoundation.org/one-summit-north-america/features/co-located-events/
...
Zoom auto-transcript service - These are often translated incorrectly and can be misleading. They are NOT Authoritative! Information as to why .
They are included here as a time stamp cross-reference for the recording only! The notes above this line and the actual recordings are authoritative.
07:01:58 Oh, Okay.
07:02:15 I seem to have lost my that's why
07:02:28 Okay, Sorry for the delay there. you will all have seen the meeting recording message pop up.
07:02:35 I have no doubt. please keep yourself muted unless you're speaking.
07:02:41 Send me a private chat message. I will cut and paste it into the meeting minutes.
07:02:49 Along with all of the other chat messages with the exception of the exchange between Seshu and I, which was indeed and if
07:03:07 Any trust policy. we'll start off by mentioning it but should be quite familiar with it at this point.
07:03:15 You can find this link from the Lf. and all of the project websites.
07:03:19 This policy is important. we've got multiple companies including potential industry competitors participating in these meetings.
07:03:24 Please review it. If you have any questions please contact your Company's Legal Council, members of the Lfm.
07:03:30 Also contact Andrew up to Grove term, gives more upgrade Llp.
07:03:33 Which provides legal counsel to the Lf. and this policy is, in effect, whether there is a member of Lf.
07:03:39 Staff attending a meeting or not
07:03:52 Okay, David sent out the weekly status update so I'm not sure that we've got much to discuss their release.
07:04:02 Wise. Give me 1 s. I need to kill the
07:04:10 The transcript subtitle window talk about the wiki outage yesterday, and some reling stuff because the wiki was out.
07:04:25 We really didn't populate the meeting minutes beforehand.
07:04:33 So we've got pretty much that and then not much else.
07:04:38 Is there things things that people would like to see added to the agenda today?
07:04:50 Okay, David, and I know you said the out the email.
07:04:56 Any comments on on release or just read the email no I'm i'm pleased to say that after several busy weeks with release matters in the Tsc.
07:05:09 Things quiet, and folks can read the the weekly status update and that's it for me.
07:05:16 Unless there any questions.
07:05:26 Tokidok. thank you David so kevin I see you're on
07:05:37 So you wanna provide everybody with an update on what happened yesterday.
07:05:41 Sure. Hi, Kenny, how are you guys? So yesterday a we basically got an alert that the Wiki page was showing like something like a hack message on the Ui.
07:05:57 So immediately. Vanessa, who wasn't called that day shoot down the conference site and starting to follow that procedure for for this kind of situations.
07:06:10 So she reached the It engineering team. So they I took backups of the let's call it hacked a conflict site, and they deploy it in a safe environment that way.
07:06:24 They did some analytics to see what was run. if it was a real, a hacking or something else, and they found out that it was just some user who was created creative enough to use the Html Macros functionality, for the
07:06:45 comments to push a comment that that is html code, pointing to a an image that was showing that a you got hacked message.
07:06:57 So for doing. Investigation was done on that conference side to see if that was the only affected thing. And they confirmed That was the only issue, like someone just push a comment that was using an image with a hack message And that
07:07:13 was just basically blocking that the whole site. So what the it engineering team did was to well, first brought up again the conference site, delete the comment, identify the user block.
07:07:27 The user A, not only from conference, but also from the identity a system so that users shouldn't be able to log in anymore.
07:07:39 And yeah to that that's pretty much what happened. it wasn't a real high, more like someone a using the the functionality of the confluence side in in the wrong way.
07:07:52 So that that is self is completely solved. The conflict side is back again, is working.
07:07:59 I suspected so, and also that the plugins that are we're allowing these html macros were disabled for safety purposes.
07:08:07 So does that doesn't happen anymore. and Yeah that that's pretty much what happened?
07:08:13 Thanks, Kevin. The The only thing i'd add to that is that we're not sure what content was being supported by those plugins.
07:08:24 So far in working with the wiki since yesterday. I haven't encountered anything that looks like it's broken and I myself, and not use these particular plugins but they're listed there in the
07:08:38 agenda and So if you come across any content that looks like it's broken, or you have used these plugins in the past for content that you've put up you know let us know about it and
07:08:56 we'll see what we can do but for Now these Plugins have been disabled, so the the hack can't be repeated.
07:09:09 So i'm kenny, and David everybody i I would like to weigh in this actually was a successful injection attack.
07:09:15 I mean it was a minor attack because it just said hey?
07:09:17 You've been hacked so you know no real damage was done, but it wasn't injection attack good for disabling the stuff that essentially allowed injection to take place as part of confluence has
07:09:29 have those plugins been disabled on other lf websites that use that use confluence for their wikis?
07:09:40 Yes, right, You know it. team it. Engineering team is working on that, making sure all the other confluence have that those Plugins disable as well. awesome.
07:09:50 Thank you so much, Kevin. Thanks and thanks to the Lf.
07:09:55 It, staff for for responding so rapidly. Yeah, I I mean I was really impressed.
07:10:00 I'm glad that the what we have here amounts to a board kid in their parents basement.
07:10:09 And and it wasn't something larger than that but by my hats off to the it team.
07:10:18 Everybody just did a a absolutely professional job on the triage of that and getting things back up.
07:10:28 So thank you. Thank you. Thank you.
07:10:35 And I mean, this is one of the challenges that we have when we are working in a community where we're reliant on on more essentially to to quote the line from gone with the wind the the the kindness of
07:10:56 strangers. and there's a balance of of accessibility and ease of collaboration, and folks that want to take advantage of that.
07:11:16 Just the state of the world, unfortunately. But Amy, Thank you for your input, Kevin.
07:11:24 Thank you for your work. and thanks to the rest of the it team for taking care of that
07:11:35 I just have a good question. thanks to everyone for fixing this.
07:11:38 Just how long doubted last. It was from about 8 Am.
07:11:50 Pacific. 2. Let me go to this chat window here.
07:11:58 My slack window
07:12:03 It was about an 8 h, 7, 7, or 8 h
07:12:13 Yeah, I have. the times here is this started? Well, we we reported as an issue on the status page at 2253, Utc.
07:12:23 And it was resolved at 1522 Utc.
07:12:28 So it was like a close to 7 h downtime
07:12:37 Thank you. Okay, Anything else on that specific topic from anyone
07:12:50 Okay on the topic of the git lab stuff I think that we're waiting for right now.
07:12:58 Is the the chained ci repo to be populated.
07:13:04 I think that's what's the current state of that that's exactly it that's my understanding Kenny.
07:13:12 I believe Banks sent an email out just earlier suite to a handful of project contacts just to find out if there's any update on that.
07:13:18 But I believe we're still waiting
07:13:28 Of course, if anyone else sending to ads or all those different times, i'm happy to happy to hear any comments
07:13:41 Okay, Matt: Thank you so much. Anything else related to infrastructure
07:13:54 Okay, We're just cranking right along then nothing else here.
07:14:01 So we will go to the we know that that the life cycle.
07:14:09 Is still something that's pending that's probably something that will wait until the fall to dust back off
07:14:18 I'm guessing the big thing coming up the Cfp.
07:14:28 Deadline for the one summit in November is tomorrow.
07:14:37 So alright if you have started putting together a proposal.
07:14:40 Please complete it if you are if you're considering something.
07:14:49 Please get it entered. We have received some feedback.
07:14:54 That some folks are reluctant to submit cfps due to travel restrictions.
07:15:00 This Year's event is intended to be fully in person.
07:15:07 In order to capture the the the conversations in the collaboration.
07:15:10 But even if that is the case that you are concerned about the travel restrictions, please go ahead and submit this.
07:15:20 The Cfp. you can put on the application. that your submission is pending.
07:15:27 Travel approval. and we can take that into, you know.
07:15:33 Take that in consideration. But please do as we assess the global travels situation, you know, and closer to the event.
07:15:42 We you know we'll look at the potential of a accommodating some remote presentations, if necessary.
07:15:51 That's not a guaranteed thing yet. but if you're considering it, please submit it.
07:15:58 I will drop the Cfp link
07:16:04 Copy link address. i'll drop the cfp link into chat window
07:16:17 And the registration is also open. you can use the i'll put this into the chat window 2
07:16:38 There's the discount code for registration and then the registration link.
07:16:49 I will drop into, so we will just have the complete set of links there.
07:16:58 So that's coming up pretty exciting immediately following that event in the same location will be our next developer and test form.
07:17:09 This one will be a 2 day event. rather than one of our 4 day events.
07:17:15 So folks that are thinking about what they want to talk about.
07:17:23 There you can go ahead. And just using the same standard mechanism we always do for submitting submitting topic proposals.
07:17:33 You can go there. go to the Wiki and and put it in
07:17:48 Kenny question. Yes, sir. cool elephant. what is the crap for the for?
07:17:57 The one summit is the the the Cfr.
07:18:01 The Cf. is tomorrow for the developer and testing forum that date.
07:18:06 Hasn't been set yet. so it'll be it'll be closer to the event.
07:18:10 That's. and as as as we know this could community in particular, tends to be a little bit on the procrastination side.
07:18:22 But the the the Dtf committee team will make that determination.
07:18:27 Once we get closer. Generally it's about 2 weeks prior to the event.
07:18:32 Okay, thank you, randy you've always been active in that
07:18:39 But any clarification. Yeah, we always take like, as you said, about 2 weeks.
07:18:46 Just so we have time to prepare the agenda and make it public.
07:18:54 So everybody can prepare this time it's once again a physical one.