►
From YouTube: Mar 7, 2023 - Ortelius General Community Meeting
Description
Topics for this discussion included accepted talks for the Ortelius Team at CDCon as well as meetups. Steve Taylor also introduced Ortelius defined to the hosted DeployHub Team for everyone to begin reviewing and testing.
A
B
B
C
D
B
C
A
B
A
A
E
E
C
C
C
A
A
A
F
A
A
F
E
C
C
A
C
On
a
slideshow,
so
it's
not
terribly
long,
and
anybody
can
use
this.
If
you're
you
know
presenting
someplace,
you
can
obviously
use
the
template,
even
though
the
template
I
don't
know
why
it's
not
working
the
way
it
should,
but
you
can
copy
you
know,
pages
to
get
the
the
backgrounds,
so
I've
been
working
on
messaging
to
try
to
really
kind
of
consolidate
what
we
do,
which
is
really
hard
and
so
far
I've
come
up
with
this
unlock
your
supply
chain,
intelligence,
trapped
across
siled
containers.
C
C
C
We
I've
been
using
this
graphic.
It
seems
to
be
helping
people
understand
what
we
do.
We
talk
about
unifying
the
view
of
an
organization
security
profile
versus
one
container
at
a
time
and
how
we
aggregate
this
critical
security
and
devops
insights
across
the
organization
bringing
in
information
like
CBE
information,
s-fom
information
deployment,
details
and
the
registries.
C
Choice,
you
know
I'm
really
pushing
this
idea
of
you.
Have
the
data
make
it
actionable
centralize
all
your
security
and
devops
and
SCA
data
for
anybody
who
doesn't
know
SCA?
Is
software
composition,
analysis
it's
the
kind
of
stuff
that
jfrog
does
all
the
scanning
use
service
to
impact
you've
you've
used
service?
That's
got
a
typo,
I'm
glad
I'm
doing
it.
You
service
impact
to
all
consuming
logical
applications.
Does.
C
Open
source
package
usage
across
the
organization
assign
release
numbers
to
logical
applications
as
Services
change,
version,
microservices
track,
microservice
version
and
usage
across
all
clusters
and
then
I
sh
I
have
some
screenshots
that
I
added
this
is
an
application.
Level,
s-bomb
and
I
did
add
the
you
know.
How
do
we
answer
the
question?
C
Who
is
using
a
log
for
Jay
I
quickly,
explain
the
pipeline,
where
all
these
tools
are
and
where
we
fit
we
fit
at
the
very
of
the
point
before
release
where
we're
registering
and
cataloging
all
this
information
I've
put
this
architecture
image
that
we've
been
working
on.
I,
don't
know.
If
you
need
to
use
this,
but
it's
out
there,
you
can
always
slide
it
down
and
then.
F
C
I
do
too
and
we,
we
could
potentially
add,
split
this
into
or
this
and
two
and
show
that
we
may
be
eventually
if
the
emporious
project
gets
kicked
off
and
we're
going
to
be
working
with
it.
We
would
have
a
second
a
rainbow
push
I
believe
I
added
the
open
source
security
tools,
landscape
oftentimes.
When
we
do
these
kinds
of
presentations,
it's
not
always
good
to
be
completely
self-serving.
So
This,
I
Gotta
fix
that
it's
got
a
weird.
C
F
All
open
source,
not
just
no
questions,
has
gathered
all
information
prior
to
that,
including
the
published
part
I'm.
Understanding
that
correctly,
you
are.
You
are
okay,
because
I'm
gonna,
because
I'm
listening
carefully.
What
you're
saying
now,
because
I'm
gonna,
usually
slides
tomorrow
and
I'm,
going
to
make
sure
I
use,
correct
sort
of
you
know
wordy
and
description
and
yeah.
C
F
C
F
Yeah
and
I
really
I
really
love
this
Slide
the
slide
deck
when
I
looked
at
it
because
I
feel
like
until
it's
Tillis
has
got
a
little
bit
of
a
different
I.
Don't
know
Direction
at
the
moment,
and
we've
gone
a
different
direction
in
a
good
way,
because
I
just
want
to
use
an
example.
I
was
in
an
interview
yesterday
and
I
was
speaking
to
some
guys
in
in
Denmark
they're,
a
devops
company
and
I,
asked
them
and
I
said
how
do
you
extract
the
information
that
is
locked
inside
your
repos?
F
You
know
your
versioning
and
all
that.
How
do
you
present
that
to
business
people?
Because
there
were
two
people
in
the
interview
which
is
awesome?
One
was
a
tick
like
devops
guy,
another
was
a
business
person
and,
and
they
were
like-
that's
a
really
good
question.
We
actually
they
didn't
know
they
did
that
they
didn't
actually
have
an
answer
and
they
were
so
I
feel
like
well.
Tilious
is
perfectly
fitting
in
that
space
to
help
listeners
understand
the
technology
better,
because
it's
presenting
this
information
that
is
locked,
maybe
known
to
the
engineers.
C
Totally
and
that's
what
that's
basically,
what
we
are
you
know
initially,
we
talked
a
lot
about
tracking
the
deployment
and
tracking
the
drift
of
the
version
drift
of
microservices
across
all
these
these
clusters,
but
we
have
since
added
to
the
once
we
have
that
versioning
engine
we
could
then
expand
upon
it
and
I
think
expanding
upon
it
and
including
all
this
other
kinds
of
data
sets
itself
to
be
a
central
point
of
data.
Gathering.
C
C
C
When
we
think
about
an
organization's
profile
for
security,
we
don't
have
any
way
to
do
that
kind
of
AI,
because
there's
no
local
place
for
that
data.
If,
if
artillius
grew
up,
it
would
grow
up
to
be
a
giant
Hub
of
deployed
data
that
we
could
actually
take
advantage
of
and
do
some
more
intelligent
actions.
So,
for
example,
you
could
use
the
deploy
the
ortilious
data
to
go
out
and
say:
I
need
I
want
a
Helm
chart
that
will
deploy.
C
You
know
these
these
applications
and
it
would
generate
one
for
you
and
put
together
a
workflow
for
you.
Kind
of
like
backstage
is
doing
except
it
would
do
it.
It
would
just
generate
it
automatically
or
it
would
place
it
into
a
CD
events
pipeline
workflow,
where
it
said.
Okay,
your
pipeline
includes
data
Gathering,
and
this
is
where
it
goes.
So,
there's
a
there's
some
interesting
things
we
could
do
if
the
data
gets
out
there,
but
that
is
down
the
road.
But
ultimately,
yes,
Sasha.
That's
where
we're
headed
yeah.
F
C
C
They
want
to
see
the
application
cves,
not
one
one
single
Helm
chart
a
container
now
if
they
put
it
in
artifact
Hub,
and
then
you
put
everything
in
it
together
that
artifact
Hub
is
sort
of
in
in
some
way
competes
with
us
just
for
that
small
piece.
But
that's
why
the
relationship
with
emporius
becomes
interesting,
because
then
we
we
have
a
a
repo
that
we're
actually
interfacing
with
yeah.
C
And
then
we
end
here,
so
it's
out
there
I'll
make
that
little
correction
on
the
screen.
It
has
this.
It's
probably
in
my
white
paper
that
I
wrote,
which
is
terrible
but
I'll
have
to
check
it
out,
and
so
it
should
have
everything
and
if
you're
working
with
this-
and
you
want
to
add
your
own
info,
you
certainly
can.
C
C
B
E
E
A
C
C
G
C
Correct
so
you
can,
you
can
take
some
of
these
slides
so
that
you
can
somewhere
to
start
or
the
deck
the
deck
as
it
is,
is
pretty
complete.
It
has
a
pretty
complete
story,
but
if
you're
doing
something
else
around
security-
and
you
want
to
bring
in
artillius
at
the
end-
or
you
want
to
steal
some
of
these
slides
that
I've
added
for
showing
how
complex
the
security
puzzle
is,
you
can
use
them.
So
it's
just
a
tool.
G
A
G
C
G
G
G
Because
this
is
part
of
the
planning
they
haven't
available
on
the
website,
they
discuss
it
with
the
ambassadors
and
then
the
definitely
provide
a
feedback
so
actually
they're.
Looking
for
the
title
and
the
abstraction
or
kind
of
what
sort
of
Workshop
they
should
be
organizing,
that
is
okay.
This
call
happening
next
Wednesday.
C
G
G
B
C
Get
involved
next
Wednesday
to
make
sure
that
we're
we're
being
included
in
it.
That
was
one
when
I
saw
it
come
through.
I
was
like
I
wonder
what
they're
doing
I
better
I
better
know
about
this
I
also
need.
We
also
need
to
be
added
to
should
also
get
a
spot
on
the
CDF.
What
do
they
call
it?
Pipeline,
with
with
tech,
strong.
B
B
B
C
B
A
B
B
A
B
She
is,
she
was
looking
for
something
to
do,
and
one
of
the
things
that
we
need
to
do
is
add
super
linter
to
the
repositories
to
lint
our
code
base
over
the
weekend.
I
figured
out
what
needs
to
be
done
and
added
that
to
the
issue.
So
please
keep
an
eye
on
Discord
see
if
she
needs
any
help
on
that
front
to
work
with
that.
It
was
interesting.
B
B
C
B
C
C
I
have
added
Sasha
got
added,
Arvin
got
added,
Brad
McCoy
got
added
food
crush,
got
added,
I
did
I,
think
I
said
arvind,
so
you
all
were
added
and
I
sent
you
an
email
that
said:
here's
your
pet,
your
air
user,
ID
and
password.
If
you
want
to
get
involved
in
working
on
this
and
testing
at
this
level,
please
just
shoot
me
an
email
or
Steve
or
put
it
in
Discord.
To
say.
Please
add
me
to
the
artillius
the
in
deploy
Hub
team
I.
B
C
F
B
We've
been
collecting
the
data
for
a
while
now,
so
these
are
all
the
builds
that
have
been
happening.
I
may
go
through
and
clean
up
some
of
this.
Just
because
there's
like
the
website,
we
used
to
have
a
container
and
tracked
the
website
in
documentation.
There's
these
these
the
sample
applications
I,
think
I
may
go
through
and
give
us
a
clean
starting
point.
F
B
B
We're
Gathering
all
the
information
about
the
who
built
it,
where
all
that
fun
stuff
there's
some
stuff
that
we
just
need
to
add
to
the
toml
file
to
pick
up
like
the
chart,
repo,
those
are
like
little
things
and
then
our
readme,
this
one
doesn't
have
a
Swagger.
It
actually
does
have
Swagger,
but
it's
kind
of
buried
inside
of
the
microservice
itself.
B
B
So
we
do
our
checkout.
We
set
up
some
environment
variables,
we
log
into
Quay.
We
actually
do
the
build
of
the
image,
so
this
is
actually
building
the
docker
image
of
the
Python
code
and
then
from
there
Arvin
added
a
vulnerability
scan
to
the
image
and
uploading
those
results
over
to
the
security
tab.
I'll
show
that
in
a
second
and
then
we
go
through
and
update,
do
a
home
command
update
our
home
charts.
So
because
this
is
a
microservice,
it's
the
the
child
charts
that
are
getting
updated.
B
We
commit
those
back
to
the
repository,
so
they're
picked
up
by
the
GitHub
Pages.
We
generate
the
s-bomb
using
a
Snick
and
then
we
go
ahead
and
upload
the
components.
So
this
is
actually
artillius
running
inside
of
this
workflow.
So
we
have
the
s-bomb
I.
Just
don't
know
why
I
have
to
look
to
see
why
it's
not
getting
what's
happening
to
us.
There's
an
error
on
the
s-bomb
part,
but
there's
a
s-bomb
that
we
get.
A
E
E
B
B
E
B
B
So
it's
something
with
Zoom
today,
there's
a
lag,
so
we
have
our
our
Global
artelius
domain
and
then
we
have
our
SAS
and
then
in
SAS,
that's
the
lowest
level.
So
what
I'm
saying
is
under
Global?
We
need
to
build
out
the
open
source
projects
and
have
those
those
be
domains
as
well.
So
under
Global
we
should
have
a
Linux
foundation
and
then
we
may
want
to
have
Linux
foundation
and
underneath
Linux,
Foundation,
CDF
versus
and
another
one
for
like
cncf.
B
Yeah
and
then
the
other
ones
would
be
like
Global
Apache
Foundation
would
be
another
another
domain
that
we'd
want
to
think
about.
That
would
be
at
the
highest
level
as
well
would
be
like
Apache.
Maybe
the
eclipse
Foundation
would
be
another
one
and
the
reason
being
is
we
will
bring
in
actual
dependencies
from
those
organizations
as
well,
not
as
much
on
the
Apache
side,
because
Apache
doesn't
really
have
Docker
images
that
we
are
consuming,
but
we
are
consuming
like
the
eclipse.
B
Foundation
is
providing
us
a
base
image
for
the
jdk,
an
eclipse
jdk
runtime
that
we
use
as
a
Docker
image.
Other
ones
are
like
chain
guard,
one
of
their
some
of
their
images
and
Wolfie.
So
there's
some
other
domains
that
we
need
to
think
about
how
we
need
to
organize
them
and
kind
of
lay
them
out.
We.
C
C
So,
if
you're
interested
in
starting
to
become
a
user
to
help
us
as
soon
as
we
get
you
know
some
of
these
bugs
sorted
out
and
I'm
also
going
to
suggest
that
maybe-
and
we
should
put
this
we're
way
over
time,
but
I
I
should
probably
work
on
a
logo
that
says
ortilius
over
here:
oops
artillius
on
the
left
side
and
then
I
would
we
would
put
powered
by
deploy
him
team
on
the
right.
So
people
know
it's
it's
who's
hosting
it.
B
Yeah
so
and
I
think
when
we,
when
we
get
the
new
UI
sorted
out,
it'll,
be
looks
like
I'm
kind
of
leaning
toward
the
riot
JS
as
the
framework.
The
main
reason
is,
it
is
component
based
based
on
web
components
and
it'll.
Allow
you
to
create
a
web
component
in
any
language
and
bring
it
into
your
site.
So
if
you
want
to
write
that
web
component
in
python
or
node
or
rust,
you
can
do
that
and
bring
it
in.
F
B
B
As
we
move
from
a
commit
on
a
microservice.
For
example,
that's
going
to
trigger
a
a
build,
a
new
child,
subchart
update,
and
then
it
comes
back
around
as
a
parent
update
and
then
from
there.
We
need
to
make
sure
that
that
version
is
when
we
deploy.
It
is
recorded
accurately
in
the
database
and
all
the
s-bomb
data
and
stuff
like
that.
D
B
F
B
B
F
F
B
B
B
B
B
B
That
was
a
breaking
change
for
us
yeah
exactly
but
there's
because
we
in
when
we
go
forward
with
the
new
architecture,
I
think
we
have
like
16
or
20
microservices.
That
will
need
to
keep
an
eye
on
on
all
this
automation.
That's
happening
that
we
have
to
kind
of
go
in
and
say
yes,
I,
agree
with
that.
F
B
D
B
B
B
F
F
B
D
B
F
F
B
F
C
E
C
And
everybody
I
am
going
to
be
sending
off
a
a
vote
for
our
favorite
studio,
ortillas
contributor.
So
please
make
sure
you
vote
and
then
there
will
be
a
vote
for
Ambassador
asym
has
been
nominated
and
we
nominated
Steve
for
the
top
CDF
contributor.
So
if
you
get,
if
you
see
those
votes
come
through,
please
take
care
of
it
right
away.