►
From YouTube: Kubernetes SIG Security Tooling 20230117
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
So
the
main
intent
for
today
was
to
show
how
we
update
a
cap
to
make
it
ready
for
a
release,
and
it's
mostly
about
these
kind
of
things,
kind
of
don't
happen
in
public
and
then
it's
harder
to
see
what
actually
goes
behind
the
scenes.
So
I
was
thinking
while
I'm
going
to
do
that
someday
sometime,
I
might
as
well
do
it
in
the
meeting
itself.
So
people
can
just
look
and
watch
it.
Ask
questions
and
then
learn,
maybe
learn
a
bit
for
any
future
if
they
might
be
doing
so.
A
All
right,
so
since
it
just
two
of
us,
unless
more
people
join
later
I
will
quickly
add
our
names
here.
A
So,
first
things:
first,
this
is
the
gap
markdown,
which
has
details
in
terms
of
design
considerations,
different
proposals,
user
stories,
all
of
the
things
that
we
wrote
when
he
wrote
the
first
draft
of
the
cap
before
we
published
this
as
an
alpha
feature.
Now
in
cape.yaml
there
is
a
bunch
of
metadata
that
is
basically
one
of
the
things
we
need
to
update.
A
A
Include
updates
from
here
so
I
upgraded
this
issue.
If
you
see
this
is
Alpha
and
then
we
have
our
beta
stage
here
so
feel
free
to
stop
me
anytime.
If
you
have
any
questions
and
then
we
have
a
kept
update
PR.
So
when
we
update
the
yaml
file
here
and
the
readme
that
will
be
the
cap
update
PR,
we
don't
make
any
changes
to
kubernetes
kubernetes,
so
no
PRS
required
there.
A
A
A
A
A
A
So
if
I
click
on
this,
it
will
go
directly
to
the
issue.
It's
kind
of
a
redirection
so
long
story
short.
It
will
be
easier
to
have
updated.
So
anyone
looking
at
how
this
was
implemented
or
is
planned
to
be
implemented.
You
can
take
a
look
at
this
readme
and
no
what's
going
on
another
thing
that
we
are
going
to
update.
Is
this
one?
So
if
I
go
to
this
parent
issue
tracker,
we
have
Alfredo
Pita
graduation
scope.
This
is
the
SE.
A
A
What
might
be
a
good
idea
is
once
these
three
are
merged
or
if
we
build
on
top
of
the
branch
of
these
pull
requests
will
be
able
to
add
this
sort
markdown
table
again
once
we
have
the
once
we
have
the
table
updated
with
these.
We
can
also
take
care
of
this.
This
one
is
going
to
require
a
lot
of
work.
So
hopefully,
when
I'm,
seeing
this
and
pointing
to
the
arrow,
you
can
see
what
I'm
pointing
to
Okay
cool.
A
So
if
I
go
here,
this
is
somewhat
going
to
need
it
somewhere
by
day
more
than
the
others,
but
it
can
be
done
in
parallel.
So
what
this
is
doing
is
many
people
initially
relied
on.
Google
group
RSS
feeds
Whenever.
There
was
a
new
cve
and
when
Google
Groups
stopped
doing
the
RSS
feeds,
they
didn't
have
a
way
to
get
them
subscribed.
A
So
many
mls,
it's
almost
like
second
nature:
okay,
index.xml
issue,
CK
official
CV
feed
index
notation,
so
we
need
to
create
an
equivalent
file.
That
is
a
follows:
the
atom
format
and
is
in
XML
one
example
of
that
that
we
use
in
kubernetes.io
is
for
the
blogs
subscription
as
an
RSS
feed.
A
So
this
is
one
of
the
examples
if
we
essentially
built
it
similar
to
how
it's
built
here,
we've
been
pretty
good
shape
in
terms
of
what
we
need
to
do
the
content
inside
it
would
be
a
bit
different
because
if
you
see
here
we
have
some
repeat
fields
and
the.
A
A
So
if
we
see
here
basically
what
we're
doing
is
orloop
get
Json
from
CBE
feed
bucket
so
and
then
it
picks
up
the
things
that
we
need
to
do
as
Json
fails
and
then
every
time
a
new
item
needs
to
be
added.
It
is
added
here
so
similarly
in
a
for
XML,
we
will
have
to
do
the
same
now.
Why
we
are
going
through.
All
of
this
is
all
the
changes
for
amazing.
A
Okay,
all
the
changes
that
are
in
scope
here
inside
this
table
or
to-do
list
need
to
be
upgraded
in
the
readme
to
explain
what
changes
are
being
made
so
that
people
don't
have
to
go
through
one
issue
at
a
time
to
see
what
is
actually
happening
between
Alpha
and
beta.
A
A
Block
list
comes
in
later,
because
we
pretty
much
done
and
we're
just
publishing
the
blog.
So
now
we
have
to
essentially
make
sure
we
are
ready
with
these
things
completed
so
production
Readiness
review
is
somewhat
of
a
newish
thing
compared
to
others.
Good
thing
is
because
our
change
does
not
impact
any
code
in
KK
for
this
skip.
What
the
people
who
do
ready
production
Readiness
review
said
is
yes,
we
can
say
that
this
is
not
applicable
for
your
cap,
so
yeah.
We
could
skip
this
step
last
time.
A
So
probably
we
will
be
able
to
skip
it
this
time
as
well.
Next,
one
is
the
open
issue
in
kubernetes
enhancement.
So
this
we
already
have.
We
have
to
change
the
release.
Milestone
The
Hyphen
Milestone
commit
we
don't
have
access,
so
somebody
else
will
do
it,
but
we
can
update
this
yaml
file
like
we
discussed
earlier
so
I'll
have
to
open
a
PR
update.
A
The
I
will
update
the
readme
and
then
we'll
be
ready
for
enhancement,
freeze
and
then
I
go
to
the
sick
release
team
and
tell
them
hey,
looks
like
I
think
I'm
ready
in
for
enhancement
fees.
Let
me
know
if
I
missed
anything,
then
they
take
a
look.
Ask
me
to
fix
some
things
that
whatever
is
needed
that
needs
fixing.
A
A
Maybe
you
would
be
one
of
them
to
review
then
we'll
have
approvers,
which
is
typically
the
sponsoring
six
chairs,
so
it
would
either
be
Tabby
or
Ian
who
would
approve,
and
if
the
sponsoring
says
sick
is
different,
then
it
would
also
exist
in
a
different
directory.
So
instead
of
security
directory,
it
would
be
in
other
six
directories,
which
is
any
of
those
here.
A
Okay,
all
right
cool
sounds
good,
so,
let's
check
on
time,
8,
49,
okay,
also
no
obligation
to
stay
the
whole
time.
If
you
have
something
to
do
feel
free
to
drop
off
totally
would
understand.
A
This
is
same.
This
will
go
to
127
again.
This
will
still
be
pbd
because
we
are
still
some
ways
away
from
ga.
A
Let's
see,
participating
six
probably
will
stay
the
same
creation
date.
I
want
to
say,
which
is
the
same
because
it's
not
last
updated
number
is
going
to
stay
the
same
so
reviewers.
A
A
Okay
cool,
so
one
file
is
updated.
There
is
a
lot
of.
There
are
a
lot
of
comments,
sometimes
which
are
useful.
So
let's
take
a
look
at
the
top
of
the
top.
A
I
think
there
is
gonna
be
one
thing
we
might
need
to
update
later
on,
which
is
the
table
of
contents
is
auto
generated.
A
So
if
we
add
a
new
section
when
the
CI
jobs
will
run
that
table
of
content,
if
not
updated,
will
break
the
job,
the
other
one
is
sometimes
the
template
for
a
cap
gets
updated
between
the
release
of
let's
say
125
and
right
now,
so
we
may
be
missing
a
section
that
we
need
to
update
it.
I'm
just
gonna,
go
and
start
writing
changes
right
now
and
if
things
fail,
I
will
go
back
and
then
fix
it
later.
A
Items
marked
with
RR
required
prior
to
targeting
promotional
means,
okay,
good.
So
let's
see
what
the
sales
enhancement
issue
and
release
Milestone,
which
links
to
kept
directory
into
kubernetes
announcement,
not
the
initial
campaign
yeah.
So
this
will
be
that
PR
cap
approvals
have
approved.
The
kept
status
is
implementable,
so
that
would
be
for
tabian
into
approve
design.
Details
are
appropriately
documented.
That's
on
me.
This
plan
is
in
place,
giving
consideration
to
sim
architecture
and
testing
into
input.
A
So
we
probably
have
very
smart
testing
plan
here
because
of
the
way
and
the
change
where
it's
being
made,
but
we'll
continue
to
take
a
look
more
e2a
dash
for
beta
API
operations
doesn't
apply
to
us
because
we
are
not
doing
any
any
API
changes
same
thing
for
end-to-end
tests
for
to
meet
the
requirements
for
GA
minimum
cubic
window.
Okay
skip
it.
A
Graduation
criteria
skip
because
we
are
not
at
gmail
right
now.
Production,
Readiness
review
completed.
That,
probably
will
be
again.
We
can
say
skip,
but
we'll
confirm
with
them
later.
Implementation
History
Section
is
up
to
date
for
Milestone.
Okay
user
facing
documentation
has
been
created
that
okay,
we'll
continue
to
do
that.
So
let's
go
here.
A
This
is
all
summary
motivation:
I,
don't
think,
has
changed
a
lot
goals
haven't
changed.
Let's
see
if
some
non-goal
has
become
a
goal
for
this,
this
phase
of
the
cap,
so
this
Remains,
the
Same
reactional
Liberty.
Still
by
done
my
SRC
listing
series
identified
in
mid-time
containers
still
in
our
series
out
of
scope,
integration
with
CV
project
yeah
based.
So
we
thought
about
this
when
we
discussed
in
previous
meetings,
it
felt
like
would
be
a
lot
of
work,
so
we
decided
to
skip
it
for
Alpha
to
Beta,
but
for
GA.
B
A
Yeah,
so
you're
right,
I
think
there
could
be
two
sections.
I
I
also
like
having
two
sections
which
are
non-goals
and
future
School.
Where
we
say
non-goals
is
something
that
seems
related,
but
not
something
we
are
going
to
tackle
and
future
scope
is
something
is
related.
We
want
to
tackle,
but
not
right
now,
I
think
in
this
case,
since
there
is
no
future
scope
section
unless
I'm
wrong
and
it's
there
in
the
few.
In
the
later
part
of
the
document,
I.
B
Don't
think
there
is
yes.
A
This
section,
so
it
kind
of
mushed
together
and
the
other
reason
I
wanted
to
check,
was
sometimes
things
actually
end
up
becoming
a
future
scope
goal,
which
was
a
non-goods
I
just
wanted
to
make
sure
I'm
not
missing.
Something
am
I.
I
just
saw
your
joint.
Can
you
hear
us.
A
A
B
A
A
Oh
because
it's
like
changing
the
lines
for
80
like
not
more
than
80
characters,
okay,
anyway,
so
things
we
would
change
now
in
this
is
probably
proposal
overview
risk
design,
details,
I
would
say
we
would
change
a
bit
and
graduation
criteria.
Okay,
that's
the
same
secretion!
So,
let's
see
all
right,
can
you
hear
me
currently?
Yes,
we
can
hear
you.
C
Hello
sorry
I
wanted
to
join
from
the
beginning,
but
I
was
like
you
know:
I
just
changed
my
my
job
and
I
was
trying
to
solve
something
and
I
started
talking
with
someone
about
like
the
the
new
stuff
and
then
got
to
carried
away.
Yeah.
C
Yeah,
that's
that's
really
great!
For
now.
That's
really
great!
So,
but
yeah
I
wanted
to
talk
with
you,
because
I
did
not
have
the
time
to
continue.
A
C
A
C
A
I
yeah
I
think
generally
I
liked
your
changes.
It
does
simplify
a
few
things.
It
makes
us
conformant
with
the
spec.
We
said
we
are
conformed,
so
that's
another
benefit
and
generally
I
liked
it.
There
were
some
small
things,
I
would
say
we
we
can
make
some
modifications
on,
but
otherwise,
if
we
cover
those
things
that
were
pending,
then
we
are
good.
Also,
we
do
have
some
time.
It's
not
like.
We
have
to
finish
everything
this
week.
A
C
Because
the
feedback
was
I
think
we
just
do
the
one
with
t
on
the
website
side
and
yeah:
okay,
okay,
some
explanation
about
this
stuff.
A
C
A
C
A
All
right
cool
yeah,
so
my
on
your
side
right
on
this
one,
these
are
like
just
typo
updates.
No
big
changes
here.
This
one
I
think
Tim
came
up
with
some
ideas
for
localization,
which
I
think
makes
sense.
C
Yeah
you
provided
a
lot
of
pointers
as
well
I.
Guess
it's
going
to
be
super
trivial
to
just
Implement
that
thing,
because,
mostly
date
and
stuff
like
that,
so
yeah.
A
Yeah,
so
that
seems
good
one
thing
I
wanted
to
discuss.
Just
this
is
more
like
a
user
experience
kind
of
thing,
so
I
don't
know
whether
like
I
should
have
any
say
in
it,
but
I
wanted
to
get
because
of
that,
like
your
feedback
for
from
both
of
you
really
so,
if
you
see
here,
the
HTML
page
looks
similar,
like
you
said
right.
All
of
these
things
are
same
in
the
table
and
we
decided
like
okay,
let's
do
the
updated
date
as
a
caption
update
on
this
with
the
bracket
correct.
A
So
one
thing
I
noticed
was:
if
I
actually
go
to
the
feed
and,
let's
see
I,
think
it's.
A
Then,
if
I
go
to
this,
so
the
table
shows
up
first
and
then
it's
a
really
long
table
and
then
at
the
bottom
we
have
this
caption.
So
I
was
almost
wondering
whether
the
last
updated
on
will
be
missed,
because
it's
so
much
at
the
bottom
of
the
page,
and
would
it
make
sense,
maybe
to
just
have
an
small
sentence
with
italics
saying
last
update
this
table
has
been
updated
on
and
then
specific
date,
which
would
be
at
the
top
just
below
this
curl
command.
A
C
Yeah,
exactly
I
I
had
the
same
thought,
but
to
be
to
be
really
honest,
like
the
the
reason
why
I
decided
to
put
it
in
the
construction,
it
was
because
it
was
easier.
Like
you,
you.
If
you
go
to
my
website
PR
and
you
will
see
that
basically
I'm
just
modifying
the
the
shortcut
with
the
security
CV
that
contains
all
the
table.
C
C
A
Yeah
I
think
that
seems
reasonable.
We
probably
will
get
obviously
input
from
team
as
well
when
you
make
that
change,
but
one
thing
would
be
worth
doing
is
so
in
this
table.
Oh
you
know
what
we
can
add
it
as
a
markdown.
Also,
we
don't
need
to
update
it
here.
So
I'll
show
you
what
I'm
saying
to
index.json.
Let's
see
if
I,
let's
see
if
what
I'm
saying
would
even
make
sense,
but
let's
try
it
so
index
dot.
Md
and
oh.
A
A
Code
and
this
one
black
this
one,
so
this
is
the
markdown
and
we
are
using
this
shortcode
here
I
was
wondering,
would
it
make?
Would
it
even
be
possible
to
add
it
as
a
markdown
in
markdown
syntax
itself,
instead
of
adding
it
in
the
shortcode.
C
And
I
think
he
in
the
end
I
was
thinking
like
you
like.
It
was
more
logical
to
33
in
the
morning.
In
fact,
it's
part
of
the
table
somehow,
because
it's
it's
like
the
information
when
this
table
was
last
updated.
So
maybe
we
could
just
put
it
like
in
the
header
of
the
of
the
just
before
the
table
type
like
a
paragraph
or
just
a
line.
I
don't
know
yeah.
A
Then,
if
Json
has
the
timestamp
field,
then
the
table
should
shortcode
should
also
have
the
timestamp
field,
so
yeah
I,
think
that
seems
like
a
more
reasonable
place
to
keep
it
but
yeah
to
your
points,
though,
still
if
we
add
like
a
single
HTML
line
on
top
of
the
table
in
the
short
course,
it
might
still
work
out.
I
I.
C
A
Yeah
yeah,
so
that
was
just
so
just
with
what
Kaylin
any
strong
feelings
about
this
or
preferences
on
where
the
timestamp
should
show
up.
Maybe
it's
a
really
small
thing
to
really
spend
too
much
time
on
as
well.
A
Be
sure
I
heard
it
right,
no
strong
preference
right,
okay,
cool
all
right
sounds
good,
so
yeah.
That
was
the
only
thing
I
really
wanted
to
discuss
with
you.
My
apart
from
the
updates
in
the
pr
one
thing
I
did
at
after
you
were
looking
on
the
pull
request.
Let's
see
if
I
have
the
tab
open,
maybe
not
so
I
added
this
RSS
issue,
which
I've
been
meaning
to
add
for
a
while
so
similar
to
what
we
have
for
Json.
A
It
seems
like
we
will
have
to
generate
the
XML
file
like
we
generate
the
Json
file,
because
when
I
was
looking
at
the
code
here
for
the
blog
RSS
I
found
like
the
range
command
like
they've,
like
we've
used
for
Json
being
used
here
as
well,
and
then
permalinks
links
GUI
guid,
all
of
those
things
so
I
I
don't
really
love
working
with
XML,
but
we'll
have
to
do.
A
A
What
I
really
wanted
to
test
as
an
end-to-end
thing
was
somebody
told
me:
slack-
has
a
robot,
robot
slackbot,
which
allows
you
to
subscribe
to
an
rssp
I've,
never
used
that,
but
if
either
of
you
used
it
I
wanted
to
see
if
we
could
test
it
with
the
pr
generated,
RSS
feed
in
some
of
our
channels
or
even
on
a
DM
to
myself.
C
Yeah
I
think
it's
so
like
the
situation
will
be
regenerate
adjacent
feed
from
the
python
script,
like
straight
from
the
python
script,
and
then
we
have
this
small.
You
go
template
to
convert
it
to
the
RSS,
but
I
think
it
will
be
like
straightforward.
The
example
you
put
is
pretty.
We
should
just
get
this
example
in
other
adaptive.
We
feel
but
yeah.
If
I
have
time
on
this
thing,
I
will
be
happy
to
actually
do
this
thing,
but
yeah.
A
I'll,
try
to
I'll
try
to
like
keep
this
open
for
sure.
I
mean
open
in
the
sense
like
I,
won't
really
work
on
this
until
the
next
one
or
two
weeks
but
like
if
it's
not
picked
up
by
then
I'll
just
start
writing
down
the
XML
on
my
side
and
no
pressure
you're
already
doing
a
lot
of
fears.
So
if
you
get
time
great,
otherwise
it's
fine.
C
I
would
love
to
do
more.
It's
actually.
If
you
need
to
to
discover
these
things,
because
it's
called
the
like
far
away
from
what
I
have
to
do
now.
Yeah.
A
C
A
Yeah,
if
you're
interested
go
for
it,
what
I'll
also
do
to
help
in
the
meantime
is
we
were
discussing
before
you
joined
killing
and
killing
and
I
was,
which
is
where
our
Gap
exists,
with
the
aviation
design
and
all
of
the
things
we
did
also
needs
to
be
updated
with
all
the
new
things
we
are
adding
like
the
last
updated
timestamp,
the
this,
the
Json
validation,
the
XML
RSS
speed.
A
We
are
going
to
write
so
I'll
make
those
changes
here
and
open
a
PR
if
you're,
okay,
both
of
your
LCC,
both
of
you
on
that.
So
you
can
take
a
look
and
then
so
that
maybe
gives
you
more
ideas
if
you're
working
on
the
XML
on
how
to
actually
go
and
do.
C
Yeah
sure
feel
free
to
to
CC.
C
A
So
most
likely
we
might
need
to
do
that
so
they,
what
happens
is
whenever
a
version
release
is
going
to
be
published.
They
create
a
separate
branch
on
K
website,
let's
see
if
they've
created
right
now.
So
if
I
go
here
and
branches
I
think
so
that's
a
point.
Sorry
you're
saying
something.
C
No,
no!
It's
just
that.
We
will
have
some
synchronization
issue
between
like
the
six
security
repo
and
because,
if
we
merge
the
security,
the
website
will
will
fail.
And
if
we
manage
the
website,
the
security
script
will
generate
something
metadatic
to
the
website.
So
we
have
to
inflect
somehow
about
them
like
right
away
at
the
same
time.
So
I
don't
know
of.
A
Course,
yeah
yeah,
we
do
have
some
lags
between
the
build
time
and
when
the
pr
gets
merged
so
and
how
often
the
six
security
job
runs.
Let's
think
about
it.
I
think
we
have
two
options.
One
is
we
continue
to
make
updates
to
the
docs
page
directly
on
Main,
because
we
are
not
really
breaking
anything
on
KK
and
then
that
way,
k6
security
and
K
website
can
merge
together
for
the
especially
the
two
PRS
that
you
have
and
then
for
RSS
feed
XML.
A
We
continue
to
merge
so
technically
our
release,
Milestone
is
127,
but
will
keep
merging
until
127
is
released
and
then
after
127
is
released,
we'll
basically
say:
okay,
we
are
done
with
the
scope
we
had.
This
is
the
feature
blog
with
the
updates,
and
then
we
basically
wrap
it
up
for
beta
phase
after
that.
A
Okay,
so
that
that
could
be
one
thing,
I
think
we
did
something
similar
for
the
original
Json
and
MD
file
as
well
with
Tim,
but
whenever
you're
done
with
the
pr
review
comments
and
we
are
ready
to
merge-
let's
talk
with
him
unless
he
himself
comes
in
and
says
like.
Let's
do
this
this
way
and
then
we
can
go
from
there
all
right,
okay,
cool
I
think
we
are
almost
at
time
as
well.
So
I'll
stop
sharing,
don't
forget
to
add
your
name,
my
on
the
attendee
list.
A
Oh
yes,
and
thanks
a
lot
hope
this
was
helpful
for
anyone
watching
the
recording,
as
well
as
for
killing
and
my
on
how
like
the
get
thing
works
in
kubernetes
community,
and
we
reminder
we
have
a
news
tentative
time
slot
for
next
time.
I
got
you
both
of
your
votes,
so
thanks
for
voting
on
the
time
slot
and
even
though
the
dates
are
only
for
the
next
couple
of
weeks.
A
If,
once
the
poll
is
closed
on
26th,
we
will
basically
have
a
recurring
schedule
with
that
time
slot
going
for
it.
So
that's
the
main
idea,
and
hopefully
we
can
attract
more
people
as
well,
who
are
not
able
to
join
the
current
time
zone.
So
all
right
with
that.
Thanks
a
lot
and
see
you
next
time,
bye,
ciao.