►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Welcome
to
our
container
security
group
meeting
looks
like
I've
got
the
first
item,
so
I'll
go
ahead
and
kick
it
off.
I
created
a
small
epic,
around
tech,
debt
and
performance
improvement,
performance
improvements
for
the
alert
dashboard
that
we
just
released.
A
I
think
between
zamir
and
john,
they
had
a
few
suggestions
and
the
maintainers
had
some
suggestions,
just
kind
of
small
things
that
ended
up
getting
pushed
out
from
the
initial
mvc.
So
we
want
to
make
sure
to
address
those
and
not
leave
those
hanging
too
long.
A
So
I
just
wanted
to
walk
this
through
planning
breakdown
and
make
sure
there
are
are
not
any
open
questions
or
unanswered
items
with
this
one.
So
this
one
has
three
basically
issues
in
it.
I
rolled
those
up
just
to
summarize
them
up
here
on
the
epic.
A
Updating
the
version
of
hubble
scoping,
the
validation
of
fingerprint
uniqueness
to
domain
there's,
like
some
odd
edge
case,
that's
really
unlikely,
but
we
could
run
into
a
fingerprint
collision
in
some
really
rare
circumstances
and
then
just
some
general
code
refactoring
to
make
it
work
a
little
bit
better
and
more
performant,
avoiding
some
expensive
calls
and
then
at
the
end
of
course,
we
will
want
to
run
another
manual
end-to-end
test
once
we
get
done
with
all
of
that,
just
to
make
sure
everything
still
works
and
that
our
our
fixes
didn't
break
something
else.
B
I
think
we
are
comfortable
moving
this
one
to
refinement.
The
first
two
items
is
basically,
as
you
said,
just
performance
stuff.
Dmr
was
the
first
time
I
opened
was
like
2000
lines.
So
then
I
didn't
want
to
add
this
little
stuff
over
there
yeah
and
then
the
the
fingerprint
one.
C
I
have
a
quick
question:
we
created
this
follow-on
epic,
which
was
originally
around
design
changes.
It
was
supposed
to
be
pretty
front-end.
Only.
We've
got
a
couple
of
issues
that
have
crept
in
there
because
they
don't
know
where
else
to
live.
Should
that
aren't
design
issues
should
they
move
here?
They
put
them
in
the
agenda.
C
C
C
Just
the
two:
it's
the
l7
support,
which
is
a
back
end
issue
that
I
think
samir
is
already
working
on
and
the
end-to-end
testing,
which
you
know.
I
know,
we've
had
other
conversations
about
and
would
help
us
for
this
type
of
work
as
we're
making
more
performance
improvements
to
have
automated
and
then
tests
in
place.
A
Yeah,
that's
a
good
question.
I
don't
know
that
these
would
really
be
tech
dead
items
either
while
end-to-end
testing
might
be.
Maybe
we
just
move
these
into
their
own
epics
since
you're
right,
they
technically
don't
really
belong
in
this
bucket
either.
So.
A
Yeah,
that's
a
good
point,
yeah.
Why
don't
we
just
move
these
out?
I
I
can
update
that
I'll
move
these
out
of
here.
I
don't
know
that
they
belong
in
this
one
either,
but
maybe
we
just
moved.
C
A
Yeah,
I
agree,
I
think
the
the
l7
support
is
really
it's
a
follow
on
more
of
like
a
feature
enhancement
and
it's
not
a
design
update.
It's
just
other
follow-on
work,
so
maybe
I'll
just
move
that
out
to
stand
on
its
own.
B
Just
support
storage
interactive
over
there
l7
is
implemented,
I'm
just
waiting
for
it
to
get
deployed,
so
I
can
test
it.
So
probably
the
tag
is
on
verification
or
something
over
there.
A
A
C
A
All
right,
so
that's
all
I
have
for
that.
One
annabelle
has
some
designs
to
walk
through
if
it's
okay
before
we
kick
that
off.
Actually
I
stopped
sharing
my
screen
too
fast,
just
for
a
little
bit
of
additional
context
on
this
one.
A
As
you
remember
last
week,
we
did
our
walk
through
of
this
big
dast
project
level
scan
executions
policies.
Epic
annabelle
is
working
on
designs
for
phase
three,
so
this
isn't
really
ready
for
planning
breakdown
yet,
but
we
have
some
designs:
it's
been
in
the
design
workflow
state
for
a
while,
and
we
just
want
to
talk
those
through
with
the
team
and
probably
we'll
put
this
through
planning
breakdown
next
week,
but
this
would
be
phase
three
when
we're
still
storing
everything
in
that
repository,
the
permissions
are
still
managed
in
that
separate
repository.
A
So
again,
I
just
wanted
to
set
some
context
where
we're
talking
about
this
third
iteration
and
we're
not
trying
to
move
it
to
the
refinement
state
yet,
but
just
wanted
to
walk
through
some
of
our
thoughts
there
and
get
feedback
from
the
team.
D
Yeah,
so
thanks
for
updating,
I
had
mvc
phase
two,
so
this
is
part
three
I'm
going
to
show
I'll
share
my
screen
and
just
please
let
me
know
if
there
are
any
edge
cases.
I
am
missing
or
any
other
things
that
come
up.
D
I
linked
to
the
issue
in
the
agenda
too,
so
you
should
be
able
to
see
all
the
designs
here
and
you
can
comment
on
them
if
you
want
to
so
for
phase
3
we're
going
to
have
the
project
selector
isn't
going
to
be.
This
is
the
page
that
you
would
previously
be
seeing
just
the
project
selector
and
then
you
would
go
to
your
other
repo
and
set
up
your
stuff.
Now
we're
going
to
have
the
the
page
display
all
of
the
policies
that
are
associated
with
that
project.
D
If
you're
oh
wait,
if
you're
new
to
the
page,
you
should
see
this
empty
state.
The
illustration
is
still
that's
just
a
placeholder,
but
you
can
select
your
project
and
then
create
your
first
policy
from
this
page,
and
this
is
for,
if
the,
if
the
project
has
no
policies
associated
with
it,
I
think
that's,
that's
that's
the
correct
flow
and
then,
if
you
come
back
to
the
page
later,
you
should
see
either.
If
you
don't
have
any
policies.
D
D
D
There
have
been
a
couple
small
ui
tweaks
enabled
if
it's
enabled
you'll
have
this
check
mark
if
it's
pending
approval,
which
is
something
that
I
think
will
happen
in
another
iteration,
we'll
have
a
different
icon
and
then
we'll
have
that
drawer
that
we
already
have.
You
can
edit
the
policy
you
can't
edit
the
scan
or
the
profiles
from
here
yet
and
then
here's
the
yaml
only
version
you
can
update
your
policy
or
create
a
new
one
from
here
and
if
there
is
a
namespace
or
sorry,
not
a
namespace
collision.
D
If
we
already
have
that
name
somewhere
in
that
project,
then
you'll
have
an
error.
State,
I
think,
that's
all
the
states
for
that.
A
This
would
be
merging
the
new
security
and
compliance
policies
page
with
what
we
have
today
under
the
policies
tab
in
threat
monitoring.
So
this
would
bring
it
all
into
one
spot,
whereas
with
our
first
mvc,
it
still
is
going
to
be
sort
of
split
we're
going
to
have
two
policies:
sections
in
the
ui.
This
will
bring
it
all
together
into
one
location.
E
A
So
one
of
the
requirements
of
this
epic
is
if
they
go
to
create
a
new
policy.
If
they
don't
already
have
a
policy
project
associated,
then
we're
going
to
automatically
create
that
for
them
and
automatically
link
it.
So
they
don't
have
to
worry
about
doing
that.
So
that'll
just
be
a
behind
the
scenes.
Thing.
There's
no
ui
involved
in
that.
But
if
they,
you
know
suppose
they
come
to
this
page,
they
only
have
network
policies,
no
scan
execution
policies
at
all.
They
hit
new
policy.
They
make
a
new
scan
execution
one.
E
Right
so
say
so,
just
just
so
I
make
sure
I
understand
this
if
I
create
a
new
project
and
I
want
to
create-
and
I
want
to
create
a
network
policy
when
I
go
to
the
policies
page,
what
view
am
I
going
to
see?
Am
I
going
to
see
this
first
time
user.
A
A
A
Policy
page
yep,
it
it'll
take
you
to
that
there
on
the
right
and
up
there
you
can
pick
your
policy
type,
either
scan
execution
or
network
policy.
If
it's
a
network
policy,
it's
just
written
directly
to
the
kubernetes
cluster.
If
it's
a
scan
execution
policy,
then
we
would
automatically
create
that
security
policy
project
for
you
behind
the
scenes
and
link
it
up
and
put
it
in
the
yaml
file
got.
E
D
D
I
wrote
leave
it
blank,
but
no
one
really
reads
help
text,
so
I
may
have
to
rethink
that,
like
I
didn't
think
I
was
just
thinking
scan
execution
policies
because
I'm
usually
on
dash
anyway,
so
I
wasn't
thinking
of
the
other
policies,
and
this
is
a
little
confusing
I'll
think
about
that
one.
I
have
a
question.
D
I
was
just
gonna
say
too:
I
I'm
not
actually
clear
on
when
you
see
this
page,
it's
not
that
you
don't
have
any
policies
created
with
that
project,
because,
if
you've
already
kind
of
seen
this
page
you'll
see
you'll
see
this
empty
state.
This
should
not
be
here.
So
you'll
only
see
this.
If,
if
you're
a
no,
when
would
you
see
this.
B
A
Yeah
we
could
just
keep
the
empty
state
that
you
have
down
and
to
the
right
that
might
be
a
better
empty
state.
A
D
That
might
be
nice,
because
that
makes
that
that
selecting
a
project
thing
is
a
little
a
little,
not
awkward,
but
it
can
be
a
little
strange.
So
it's
an
option.
You
can
do
that,
but
also
we're
going
to
auto,
create
it
anyway.
If
you
don't
so,
I
like,
I
think,
that's
actually
better.
Okay,
we'll
do
this
as
an
empty
state.
E
Samir,
I
think,
the
last
time
I
was
talking
to
you
about
the
policies
tab
is
sort
of.
When
you
create
a
new
project.
You
get
two
policies
for
free
right,
you
get
like
drop
ingress
or
something.
A
Yeah,
okay,
so
drew
so
I
mean
unless
they
went
in
and
deleted
those
I
mean
we
still
want
to
code
for
an
empty
state
because
they
could,
I
suppose,
go
in
and
remove
them,
but
totally
I
agree
with
that.
It
would
be
unlikely
that
they
would
hit
that
empty
state
unless
they
actually
did
some
stuff
to
like
outside
of
a
normal
workflow
it'd
be
an
edge
case.
B
Okay,
but
that's
to
a
good
point,
alexander,
because
we
would
remove
that
feature
right.
We
would
lose
that
feature
out
of
the
box
network
policies.
B
Yeah,
if
we
move
to
this,
if
we
move
everything
to
this
screen
that
we
have
right
now,
then
how
we
are
going
to
add
those
policies
here.
B
But
not
the
out
of
the
box
network
policies
because
they
are
not
deployed
in
the
cluster.
A
B
Nowhere
they're
just
templates
that
we
have
on
javascript
and
and
we
deploy
them
by
demand
so.
E
You're
making
me
question
everything
about
that.
I
know
about
that
tab,
so
I'll
have
to
look
and
do
that.
I
did
not
realize.
A
E
D
Thanks
yeah,
so
if
you
have
any
other
comments
or
questions,
please
put
them
on
the
issue.
I
link
to.
C
So
I
have
to
apologize.
This
is
coming
very
late.
This
is
a
conversation
we
should
have
had
a
week
or
two
ago,
ideally,
two
weeks
ago,
given
when
we
start
working
on
the
milestone,
it
was
brought
up
during
our
retrospective
that,
because
we
often
plan
things
very
far
in
advance
and
go
through
the
refinement
and
then
sort
of
context
switch
to
other
things
that
were
higher
priority,
that
it
would
be
good
to
come
back
to
these
items
as
sort
of
a
kickoff
at
the
beginning
of
the
milestone.
C
So
last
week
we
did
this
for
threat
insights.
We
just
very
quickly
went
through
the
list
of
front-end
and
back-end
issues
in
the
milestone,
and
the
plan
was
to
do
this
today
for
container
security.
So
does
anyone
think
that
doesn't
make
sense
or
have
questions
on?
Why
we're
gonna?
Do
this
real,
quick.
C
Nope,
okay,
I
don't
feel
like.
I
am
necessarily
the
best
person
to
be
speaking
to
all
of
these
things,
but
I
do
have
the
tabs
up
and
I
can
share
and
if
zamir
and
alexander
can
help,
I
thought
for
the
front
end
issues,
since
there
are
so
few
epics
that
it
might
make
sense
to
look
at
them
doing
the
group
by
epic
feature,
which
I
love
when
there's
not
20
epics
listed
in
a
milestone.
C
So
you
know,
we've
still
got
some
mvc
for
the
well
we've
got
at
the
top
of
the
list
is
the
pipeline.
Sorry,
the
death
scheduled
scan,
work
and
alexander.
These
are
both
blocked.
Is
that
correct.
E
I
was
on
vacation
for
two
days
so
that
might
have
changed,
but
as
far
as
I
know,
yes,
the
back
end
work
is
still
being
completed.
For
these.
I
am
able
to
do
a
lot
of
the
work
without
it,
so
I'm
still
moving
forward
with
them
and
cleaning
everything
up,
but
yes,
they're
still
blocked
by
the
back
end.
Work.
C
Okay,
given
how
many
items
that
you
have
listed
in
the
ready
for
development,
my
main
question
was:
do
you
have
other
things
to
do
while
you're
waiting
for
the
back-end
work
to
be
done,
but
it
sounds
like
since
you're
able
to
move
forward.
That's
not
really
an
appropriate
question
and
then
there's
a
few
items
that
were
listed
with
no
epic.
So
the
bug
around
supporting
l7
policies
in
the
front
end
and
then
a
couple
of
follow-ups.
E
Yeah
you
can
assign
that
l7
issue
to
sam,
as
he
has
put
up
some
code
for
it
and
seems
to
be
completing
it.
But
I
will
review
the
other
ones.
C
Okay,
great
thanks
and
then
there
is
one
issue
in
refinement.
So
it's
also
follow-up.
I
don't
know
if
we
need
to
talk
about
it
here
or
not.
E
And
we
can,
I
can
do
it
asynchronously,
okay,.
C
And
just
to
add,
this
is
an
activity
that
tiago
and
I
usually
do
with
the
pms
at
the
beginning
of
the
milestone.
So
the
fact
that
we
were
doing
this
kind
of
in
private
was
a
sign
that
should
have
been
done
publicly
in
the
first
place.
So
with
the
back
end
issues,
I
did
not
do
the
group
by
epic,
because
there
are
so
many
more
issues.
Zamir.
Would
you
be
so
kind
as
to
help
walk
through
the
items
that
are
at
least
in
ready
for
development?
C
C
B
Yeah,
so
in
general,
most
of
these
features
that
are
there
they're
related
to
the
git
lab
container
scanning
that
we're
going
to
develop
based
on
3v.
So
a
couple
of
issues
there
in
development,
a
couple
of
issues
that
are
ready
for
development,
a
couple
of
issues
that
are
in
refinement
just
because
they
depends
on
what's
ready
for
development
or
in
dev,
but
we
we
have
nothing
blocked
there.
C
C
Okay,
I
can
help
look
for
those
we
can
reach
out
to
jim.
Hopefully,
he'll
watch
this
video
and
we
can
get
those
corrected
and
added
to
this
this
view,
and
that's
the
extent
of
what
this
was
supposed
to
be,
hopefully
nothing
that
you
see
when
we
do.
This
is
going
to
be
a
surprise
and,
like
I
said
before,
we
plan
to
do
this
much
earlier
in
the
milestone
in
the
future
and
get
feedback
on
whether
this
is
helpful
or
not.
So
thank
you.
D
I'm
sorry,
I
had
one
more
question.
I
added
it.
I
added
it
to
the
agenda
is
what
I
wrote
about
the
navigation
accurate,
we're
just
removing
threat
monitoring,
putting
policies
in
and
that's
it.