►
Description
[Standing Reminder] Should we cut a release soon?
Not at the moment.
After Docker is complete it might make sense, coordinate via slack.
[JH] 2FA Requirement
US team to pick this up and create an open-source issue for it.
Connecting with other CF cross-company teams and learn how they’re doing it.
Docker Epic
Started it and working through the stories.
Filling in Roles in the future
Consider using “kubectl auth can-i” to validate RBAC rules for each role.
Provisioned Services
Potential future proposal if we end up doing this.
A
C
I
think
we
do
I
think
the
problem
is
they're
gonna
start
requiring
to
factor
off,
which
means
we
have
to
pick
some
second
Factor
and
the
so
the
way
that
we
kind
of
get
around
that
is
instead
of
engaging
a
second
factor
for
our
bot
account.
We
reset
the
password
every
time
we
need
to
log
in,
and
we
just
store
like
some
sort
of
recovery
key
instead
of
restoring.
Instead
of
storing
the
password,
we
store
some
recovery
key.
C
D
B
How
would
the
user
create
PRS
and
all
that
I
mean
if
we
store
that
recovery
key
this?
Wouldn't
that
mean
that
the
user
will
still
not
have
to
factory
enabled
on
their
account,
so
maybe
we'll
be
getting
the
warning
and
if
we
do
enable
two-factor,
wouldn't
the
you,
the
the
bot
have
to
use
the
second
factor
to
open,
PRS
and
stuff,
like
that,
that's
what
I
don't
quite
get.
B
C
B
Hope,
no
yeah,
okay,
maybe
I'm
just
misremembering,
because
yeah
this
me
maybe
sort
of
makes
sense,
because
then
you
can
still
have
service
account
like
access
per
repo
and
they
want
to.
They
don't
want
to
support
both
users,
like
it's
a
user
owned
by
some
human,
that
don't
doesn't
really
use
that
user
for
anything.
B
A
B
B
C
That's
fine
as
well
I
think
we
can
do
it.
We
are.
We
have
it
in
our
mixed
in
with
our
proprietary
junk
in
in
a
different
backlog,
so
we
just
didn't
copy
it
into
the
open
source
backlog,
but
we
can
do
it
and
then
we'll
we'll
have
have
more
concrete
recommendations
about
how
to
log
in
and
whatnot
yeah.
B
D
B
I
wonder
if
that
affects
the
the
public
GitHub
only
or
it
would
also
affect
Enterprise
GitHub
accounts
that
we
have
inside
our
companies
respectively,
but
we
don't
really
have
Bots
there,
I
guess
so.
Maybe
it's
not
so
important
and
anyway
it's
not
important
but
yeah
thanks.
Thanks
for
doing
that,
I
mean
we
could
also
have
done
it,
but
lately
we've
been
also
struggling
between
some
internal
stuff
and
the
docker
epic
and
some
other
small
bits
and
pieces,
and
it's
been
feeling
a
bit
like
you
know.
C
B
Yeah
we
just
we
haven't
really
properly
started
yet
like
we
did
one
story
about
being
able
to
create
Docker
apps
with
the
docker
type
life
cycle,
which
is
just
it's
a
small
one.
Something
that
did
come
up
in
this
one
was
validation,
because
the
this
is
very
weird.
This
is
Victory
API,
because
in
the
I
think
in
the
app
you
have
a
life
cycle
and
it
can
be
either
buildback
or
Docker.
B
In
this,
this
condition
of
validation,
we
were
able
to
to
write
a
custom,
a
small
custom
function
for
validation.
It's
it's
a
bit
weird
because
it's
not
using
their
predicates,
but
it's
just
plugging
in
some
gold
code
with
an
if
not
the
end
of
the
world.
We
I
think
we
wasted
the
whole
day
on
it,
but
we
couldn't
couldn't
really
find
a
better
approach.
Maybe
the
library
needs
appear
or
something,
but
not
critical,
right
now,
just
something
that
didn't
come
up
in
the
spike,
because
we
wasn't
really
touching
these
parts.
B
We
just
hardcoded
the
docker
life
cycle
there,
but
yeah
other
than
that
I,
don't
know,
I
think
the
the
the
controller
part
of
it
is.
Oh,
that
doesn't
doesn't
hold
as
many
surprises,
because
that's
where
we
actually
worked
during
the
spike
and
now
we've
been
dealing
with
the
API,
which
was
we
we
consider
it
trivial
but
yeah.
This
is
what
what
came
up
other
than
that
I.
Think
it's
fine!
B
B
A
I
think
part
of
it
is
just
making
sure,
like
the
roles
that
we
have
are.
The
roles
that
are
like
done
by
the
CLI
automatically
usually
or
are
at
least
close
to
correct,
is
the
general
consensus
on
that.
But
yeah
I
don't
know
I,
don't
know
that
we're
gonna
go
so
far
as
to
do
like
auditor
and
some
of
the
crazy
some
of
the
more
nuanced
roles,
but
you
know
I
think
we're
going
to
dig
in
to
figure
out
what
that
could
look
like
and
and
raise
some
thoughts
on
it.
So.
B
I
think
we
once
we
had
a
discussion
with
Daddy
on
authorization,
I
think
it
was
a
part
of
our
recent
E2
simplification.
Oh
that's,
that's
the
other
thing.
We've
been
doing
some
chores,
meaning
that
not
a
lot
of
product
increment
went
in,
but
anyway
we're
thinking
about
authorization
because
remember
we
cut
down
authorization
test
dramatically
in
the
E3
suite
and
we
thought
maybe
it's
a
good
idea
like.
If
you
want
to
test
rows,
it
could
be
a
possibility
to
write
end
to
end
like
tests
with
that.