►
From YouTube: App Runtime Deployments Working Group [March 23, 2023]
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Okay,
so
hello
Stefan,
then
let's
begin,
let's
have
a
look
at
last
meeting
minutes,
so
the
bot
users
so
I
think
Dave.
You
have
accept
all
the
arc
invitations.
Yes,
that
should
be
fine,
okay,
but
we
still
need
to
hand
over
the
credentials
so
that
I
can
store
them
and
okay.
We
can
do
this
offline
later
or
you
just
post
it
in
the
in
a
private
Channel
and
then
I
would.
B
B
C
A
We
have
we
have.
We
have
at
least
G
Cloud
Google
addresses
for
the
deployment
Group,
which
are
already.
You
saw
something
else.
I
think
one
is
for
the
AWS
account
and
I.
Don't
know
what
the
other
one
is
for,
but
we
have
email
addresses
and
we
have
access
to
them
and
one
is
for
for
the
docker
private
repository
account.
A
So
it's
it's
yeah
I,
don't
know
where
I've
stored
them
somewhere
in
our
world.
So
we
could
use
that
yeah
if
possible.
Okay,
okay,
so
yes,.
A
So
right
now
it's
accessible
yeah
as
to
what's
the
secrets
in
our
sap
world,
so
yeah
group
members
which
belong
to
sap
can
see
the
emails
yeah.
It's
still
the
problem
that
we
don't
have
a
good
common
walls
for
everyone.
Yeah
do.
D
We
have
like
a
team,
a
working
group,
email
Alias-
that
just
goes
to
everybody,
because
that's
what
the
old
pivotal
ones
were:
they're
not
actually
separate.
Email
addresses
the
email
accounts.
They're
just
mailing
lists
that
forward
to
everyone
that
was
on
the
team
and
so
I
have
you
know:
I
get
those
emails
because
I
used
to
be
on
that
team
yeah.
So
if
we
had
something
that
would
just
send
an
email
to
everyone,
that's
in
the
working
group,
all
of
the
approvers,
then
we'd
all
get
the
email
and
then
whoever
was
triggering
it.
D
A
C
Can
you
write
open
a
ticket
on
the
TOC
project
on
the
community
project
to
to
request
that
and
then
I
would
hopefully
this
time
not
forget
to
put
it
on
the
agenda
for
the
next
DLC
meeting
to
to
come
up
with
something
I
mean
it
makes
definitely
sense.
It's
also.
A
C
A
solution
to
store
now
some
new
credentials
in
an
sap
Vault
instead
of
in
VMware,
but
it's
the
same
problem
I
mean
we
would
need.
Let's
say
we
could
also
use
Cate
ups,
that
we
installed
as
part
of
concourse,
something
where
everybody
has
success
or
don't
know
what
exists
otherwise.
A
D
A
A
C
B
Okay,
yeah
in
the
ideal
case,
is
that
everyone
gets
the
emails
so
that
we
can
all
log
in
I'm
I'm
not
like
I,
wouldn't
be
too
upset.
If
just
you
had
access,
but
it's
it's
just
not
the
most
ideal
case,
but
it
might
be
a
short-term
fix
for
the
solution.
I
just
don't
know
what
these
I
honestly
don't
know
what
these
Bots
have
permissions
to,
because
they've
been
around
for
so
long.
It
might
be
better
to
create
some
new
Bots
and
start
fresh.
B
A
C
D
C
Here
Ruben
is
currently
working
on
on
a
script,
if
I
remember
correctly,
to
remove
all
those
direct
users
on
that
that
have
some
rights
so
that
everything
is
only
governed
by
the
groups.
And
then
we
are
clean
for.
D
C
Mean
we
can
also
decide
to
say
we
keep
the
Bots
SAR.
We
create
a
new
bot
with
a
new
email
address
Etc.
Once
this
is
clarified,
then
we
onboard
this
new
bot
and
then
we
try
to
get
rid
of
the
old
Bots.
That's
another.
Hopefully.
B
More
safe
approach,
I
I,
tend
to
like
that
a
little
better,
because
then
we
can
start
from
the
ground
up
with
some
new
new
Bots
and
we
could
start
to
use
just
just
the
one
bot
everywhere,
instead
of
having
like
three
Bots
all
over
different
repositories,
yeah.
A
B
C
B
I
cfk,
but
we
can
probably
remove
from
even
right
access
that
we
don't
even
use
that
as
a
bot.
It's
just
an
old
tool
that
used
to
link
GitHub
to
tracker
to
help
create
automatically
create
tracker
stories.
It
doesn't
do
anything
in
our
automation.
C
D
D
A
Okay,
good,
okay,
then
we'll
plan
to
clean
this
clean
up
the
bot
a
mess
as
good
as
possible.
A
A
So
this
is
the
current
state.
There
are
no
credentials
in
here
right,
yeah,.
C
A
These
three
technical
repositories
had
to
be
excluded
because
they're
used
for
maintaining
locks
and
versions
and
bubble
States.
He
of
course,
Branch
protection
doesn't
make
sense,
and
now
we
still
had
the
problem
that
pushing
to
git
repositories
with
deploy
Keys
did
not
work,
and
this
is
quite
heavily
used.
A
A
Yeah,
so
what
working
is
the
following?
So
we
have
branch
protection
rules,
so
we
have
for
the
main
branch
and
for
the
default
branch
which
is
developed
here
not
for
release
candidate.
So
for
main,
for
example,
we
have
now
require
pull
request,
require
approval
and
and
end
and
yeah.
So
what
if,
if
do
not
allow
bypassing
the
above
settings,
is
checked?
This
is
checked
by
the
branch
protection
rules.
Then
you
cannot
push
with
a
deploy
key,
but
if
you
uncheck
this
manually
for
now,
then
pushing
with
a
deploy
key
is
possible.
A
A
Question
was:
why
did
we
start
to
use
deploy
keys
at
all?
Does
anyone
remember
of
you
just
because
it's
more
convenient
or.
D
Yeah
I
think
so
I
think
this
even
predates
my
time
on
the
team,
but
yeah
I
I
assume
that
it
was
considered
best
practice
at
the
time
compared
to
yeah.
D
D
C
The
disadvantages
that
you
cannot
add
deploy
keys
to
these
exception
lists
like
we
can
do
for
bots.
So
these
are
the
their
pros
and
cons.
Yeah
I
mean
we
can
add
to
to
just
continue.
We
can
have
a
special
configuration
for
CF
deployment,
that's
no
problem
and
some
of
the
moves
with
admin
access.
That's
that
can
be
done.
That
is
probably
the
fastest
solution
to
get
the
pipeline
working
again
with
sponge
protection.
As
a
consequence,
all
admin
users.
That
means
basically
the
TOC
and
Johan-
have
no
Branch
protection.
They
can
commit
directly.
A
C
I
can
also
open
a
ticket
here
and
discuss
that
in
the
TOC.
How
what
we
would
like
to
recommend
to
the
projects
either
using
Bots
and
then
benefit
from
a
let's
say,
better
Branch
protection
or
recommending
these
deploy
keys
for
certain
use
cases,
and
then
you
have.
Maybe
if
that
is
more
secure,
I
I,
don't
know
the
advantages
disadvantages
here
and
you
can
what,
but
then
you
cannot
have
Branch
protect
requirements.
That's
the
options
that
are
on
the
table,
presumably.
D
C
D
B
That
works
I'm.
Fine
with
that
I
know
a
lot
of
other
repositories
that
already
have
Branch
protection
rules
that
are
not
automatically
applied
within
Cloud
Foundry
use
that
approach
I've
never
seen
deploy
keys
in
Cloud
Foundry,
except
for
cfd
one
like
nice
little
benefit
is
that
sometimes
I
get
alerts.
Saying
like
the
the
person
who
created
the
key
like
Chang
Cheng
Drew
is
I,
think
there
sometimes
I
get
an
alert.
That's
like
Chang
Drew,
like
kind
of
release
of
cfd
and
I'm
like
why.
D
C
Is
yeah.
D
D
C
That
can
be
done,
I
mean
one
pair
from
from
the
automation
point
of
view.
It
only
makes
sense
if
you
have
multiple
areas,
because
you
can
have
a
what
team
per
working
group
area.
Otherwise
you
have
five
users,
but
all
the
five
users
have
the
same
rights
in
one
because
they're
management,
one
team,
but.
D
D
C
D
B
C
A
Good
I
guess
it
makes
sense.
So
one
new
bot
news
up
with
proper
access
right
and.
D
A
Proper
configuration
and
email
to
everyone,
okay,
good,
it's
a
little
bit
of
effort,
but
then
we
should
have
really
cleaned
up
things:
okay,
good,
okay:
let's
move
onward.
C
Okay,
yeah
I,
remember
actually
is
a
PR.
I
have
opened
the
pr
for
the
documentation
and
that
got
merged
out
of
a
sudden.
Okay.
C
C
So
from
my
point
of
view,
this
thing
is
now
sorry
yeah
I,
just
cast
it
on
copy
open
Office
hour
and
I
discussed
it
last
time
here
in
the
working
on
time
deployments
working
group
meeting
and
yeah,
we
said
we
don't
see
any
reasons
not
to
document
this
CF.
A
Good
so
then
our
fs4
topic,
yes,
okay,
step
one,
so
we
will
hopefully
shortly
begin
with
that
one
that
is.
D
A
A
And
yes,
we
will
provide
fs3
Ops
file
for
those
who,
like
to
change
back,
okay,
yeah,
so
no
problems
here,
except
for
the
latest
FS
score
release.
I
will
come
to
that
in
a
moment.
A
We
will
adapt
the
validation
so
that,
yes,
everything
is
tested,
so
everything
that
runs
here
all
the
cats
tests
will
run
with
fs4
and
for
a
short
time
here
in
the
bionic
stem
cell
we
can
run
the
cats
with
fs3
Okay.
So
no
problem
here
Carson,
you
migrated
Concourse
task
to
go.
120.
B
Yep,
a
center.cfdev
mailing
list
blast
no
one
said
anything:
I
waited
a
week
and
then
merged
the
bump
to
go
120.
so
it
broke
it
broke
one
or
two
things
like
up.
Timer
was
starting
to
complain
it.
There
was
something
weird
and
up
timer
that
was
like
120
specific
I.
Forget
it
didn't
like
it
so
I
fixed
that
everything
else
been
relatively
solid,
I
haven't
noticed
any
other.
Any
other
issues.
A
Okay,
good
fine
should
kill
bionic
stem
cell
yeah,
okay.
We
know
that
good.
So
and
let's
check
my
cheat
sheet,
we
have
the
Potter
codes.
A
So
this
is
the
latest
or
now
the
official
fs4
release
and
it
comes
with
a
few
breaking
changes,
so
they
remove
Ruby
and
hyphen
from
the
stack.
A
A
A
So
these
are,
these:
are
the
Cloud
Foundry
acceptance
tests
running
on
fs4
and
now,
since
this
1.1
release
5
build
pack,
detection
tests
are
failing
and
all
of
them,
because
Ruby
or
Erp
is
not
found
anymore
on
the
stems
or
on
the
stack.
A
Php
build
pack
should
actually
work,
so
it
says
here:
460
is
supposed
to
work.
I
wanted
to
test
it
manually,
but
the
deployment
has
not
finished
so
here
we'll
have
to
check
again
and
then
we
still
have
our
binary
acceptance
tests,
which
indeed
uses.
Let
me
just
get
the
right
asset
binary.
A
So
the
binary
test
app
uses
Ruby.
C
And
published
CF
Linux
fs4,
so
I
would
ask
first:
do
we
have
somewhere
a
ticket
or
requirement
that
shows
us
why
this
was
removed
because
actually
I
mean
if
we
roll
this
out
and
a
customer
application
relies
for
whatever
reason
I
mean
it's
strange
reasons,
but
still
on
the
Ruby
or
python
runtime
being
available.
C
C
Yeah,
so
I
would
put
that
at
least
on
the
it
was
the
TOC
and
I
would
not
consume
this
version
before
this
is
not
clarified
and
yeah.
C
Somehow
Public
Communication
about
this
fact
I
mean.
Maybe
there
are
reasons
that
I
don't
know.
That's
that's
all
good
from
security
point
of
view.
It's
probably
a
good
idea
to
remove
those
two
runtimes
and
keep
it
as
Slim
as
possible.
I,
don't
want
to
question
that.
But
I
think
the
point
in
time
where
it
is
done
is
too
late.
Yeah,
it's
it's!
Okay!
You
can
we
see
here
now
the
versions
0.74
and
now
it's
1.0.
One
could
argue.
This
is,
let's
see
1.0
version
yeah.
Why
not?
C
A
B
A
For
an
answer
this
is
already
automatically
consumed
by
the
Sea
of
deployment
automation.
C
Let's
see
what
comes
as
an
at
least,
then
we
have
a
ticket,
we
can
reference
it
and,
if
it's
necessary
to
roll
it
out,
for
whatever
reason
yeah
yeah
augmentation
from
the
runtime
group
could
be.
It
was
a
0.74
version.
Before
and
now
it's
a
1.0,
that's
right,
and
then
it's
actually
yeah
such
incompatible
changes
are
still
okay,
and
this
is
a
one
dot.
O
o
and
1.10
version
I
mean
yeah.
That
was
basically
a
back
writer
and
due
to
solve
this
process.
A
A
Of
our
tests,
You
could
argue
that
it's
tests
like
these,
which
assume
that
we
have
Ruby
in
place,
we're.
C
A
A
C
But
again,
I
would
simply
then
open
box
on
those
build
packs
because
they
are
all
in
the
same
working
group
and
actually
all
in
the
same
working
group
area
and
yeah
needs
to
be
fixed.
Before
we
can
release
the
these
yeah.
A
Yeah,
this
is
really
a
bit
surprising.
I
have
no
idea
why
they
do
this
right
now
and
then
not
earlier,
and
I
have
absolutely
no
idea
how
many
people
rely
on
the
Ruby
or
Erp
executable,
for
whatever
purpose
so
could
break
a
lot
of
things
not
only
during
the
build,
but.
B
A
Yeah
dude,
apart
from
that
the
last
releases
where
I
think
not
so
spectacular,
so
this
one
is
I,
still
need
a
review
of
an
approval
for
for
this
repair
default
practice
made.
Okay,
then
so.
D
A
A
Yes,
there
is
a
CLA
issue,
so
just
to
clarify
what
I
did
here,
the
update
stem
cell
Miner
build
failed
because
it
couldn't
push
to
Main
and
what's
what's
also
missing,
is
the
release
on
GitHub
I
did
this
manually?
That
was
no
problem.
Fixing
the
deployment
version
in
the
same
web
project
I,
also
fixed
manually
and
now
what's
missing,
is
the
merge
back
from
Main
to
develop
so
that
we
have
the
updated
manifest
version
and
the
updated
stem
cell
version
on
the
develop
Branch.
A
Without
that
we
couldn't
do
the
next
release,
and
this
is
what
I
did
here
so
I
just
merged
from
main
to
attempt
to
a
a
new
branch,
and
this
should
now
be
merged
into
develop
so
that
we
have
the
three
automatically
created
commits
on
develop.
But
of
course,
those
have
been
created
by
the
bot
with
a
deployed
and
yeah.
A
A
The
CLA,
whatever,
if
not
I,
just
override
it
yeah.
Okay,
then,
let's
just
override
it.
It's
probably
the
ugliest
PR
ever
done,
but
okay.
A
B
A
Yeah,
absolutely
good,
so
I
think
we
should
now
be
in
a
consistent
State
again.
The
release
is
here.
B
One
okay,
one
one
weird
thing,
though,
looking
at
the
did
did
you
make
it
looks
like
the
release.
The
GitHub
release
is
tied
to
a
commit,
that's
not
actually
on
Main,
so
the
release
is
tied
to
a
commit
that
is
untethered.
B
C
I
mean
it's
only
an
issue:
if
you
have
loans
repository
and
you
have
fetched
the
stack
already,
then
you
won't
get
it
again
and
you
have
the
wrong
commit.
Then
you
know
I
think
this
will
see
the
background.
A
You're,
a
good
Creator
yeah
create
a
dummy
release
with
the
next
changes
and
tell
people
not
to
use
this.
Is
that
better?
B
C
We
can
yeah
say
sorry:
we
had
to
do
something
due
to
Broken
whatever
yeah,
because
then
it's
at
least
the
repository
is
in
a
consistent
State
and
if
somebody
fetches
this
release
and
uses.
B
C
C
Mean
it's
not
even
announced
okay
yeah
you
can
you
find
it,
of
course,
in
the
I,
don't
look
at
release,
notes,
I,
usually
look
at
the
releases
if.
D
A
C
A
Yeah,
okay,
good
so
yeah,
then
that
should
be
fixed.
However,
with
the
current
Branch
protection
rules,
if
they
enable
this,
do
not
allow
bypass
again
and
a
new
stem
cell
comes
in,
we
have
the
same
problem
again.
A
C
Once
we
have
this,
what
user
or
oh
no
alternative
would
be
that
we
change
now
to
one
of
the
existing
bot
users.
A
Use
the
existing
support
users,
but
then
I
would
need
an
access
token.
B
It
isn't
it
in,
isn't
it
in
one
of
the
things,
then
we
have
the
bot
user
stuff
in
credit,
Hub
already.
B
A
A
A
A
B
A
A
A
Urgent,
yes,
okay,
so
adding
it
to
the
bot
list
is,
should
then
be
easy.
This
is
already
automated
and
working
hey,
good
yeah,
but
but
we
can
simply
do.
Is
we
just
pause?
This.