►
From YouTube: Kubernetes SIG Security Docs 20220707
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hello,
everyone
today
is
july
7th,
welcome
to
seek
security,
documentation,
project
meeting,
we
abide
by
kubernetes
code
of
conduct,
so
please
be
nice
to
each
other
and
this
meeting
will
be
recorded
and
available
on
youtube.
So
please
be
mindful
of
whatever
you
will.
You
might
say.
I
know
the
agenda
is
empty.
So
if
we
have
any
topic
we
can
discuss
about
that
or
we
can
end
the
meeting
early.
So
I
don't
have
anything
in
my
mind.
A
I
was
thinking
about
application,
adding
checklist
for
application
developers,
but
I
think
you
can
wait.
Let's
get
the
cluster
checklist
merged
and
then
we
can
start
that
project.
I
don't
want
to
like
have
too
many
similar
projects.
B
And
I
think
we
have
some
some
some
topics
on
this
list
about
developer,
for
developers
like
how
to
build
secure
images.
C
I
think
the
only
other
one
I'm
sure
I
saw
I
did
try
and
find
it.
I'm
sure
jimbarguardi
had
an
idea
about
doing
a
docs
page
around
where
it
might
be
possible
to
bypass
the
api
server,
so
risks,
oh
you're,
a
heart
attack
could
do
something
that
might
be
one.
I
mean
I'd,
be
happy
to
take
a
look
because
now
the
last
stuff
I've
done
is
finished
and
I'm
kind
of
settled
in
my
new
job
I'd
be
happy
to
try
and
start
looking
at
that.
A
A
bad
idea
that
is
awesome,
and
so
it's
a
docks
page
to
bypass
api
server,
yeah.
C
With
places
where
it
might
be
how
ways
it
might
be
possible
for
people
to
bypass
the
api
server,
because
obviously
so
much
relies
these
days
on
the
api
server
between
admission
control
and
audit
logging
that
if
you
can
do
stuff
that
bypasses
it
then
bad
times
for
cluster
security
and
there's
like
the
plate.
It's
probably
not
a
huge
one,
I'm
thinking
the
reason
I'm
saying
is
I
I
can
only
think
of
like
three
or
four,
so
it
won't
be
like
a
massive
endeavor.
A
Yeah
I
can
create
an
issue
on
the
kubernetes
security
ripple
and
then
I
will
tag
you
and
then
no
pressure.
So
whenever
you
you're
ready
and
then,
if
you
want
to
collaborate
or
like
brainstorm,
we
can
even
add
more
people
to
it.
So
it's
not
like.
C
Really
there
is
an
issue
and
I
created
it
in
march
there
you
go
I'll
now
start
looking
at
it,
because
yeah,
that's
probably
why
it
came
back
into
my
head,
is
because
I
did
it
four
months,
even
at
the
top
of
the
list.
I
can't
even
complain
somehow
say
it
was
buried.
It's
like
yep,
that's
the
top
of
the
list.
I
will
now
start
looking
at
the
issue
I
created
four
months
ago.
A
C
Yeah
yeah
I'll
start
a
hackmd4
and
I'll
paste
the
link,
the
hack
md
into
that
issue,
and
then
we
can.
We
can
mention
it
next.
Next:
security
as
well
get
some
more
people
to
have
a
look.
B
I
was
wondering
about
that
life
cycle
thing
like,
for
example,
on
the
checklist
issue.
There
is
it's
actually
stellar
or
rotund,
should
I
removed
it
or
because
you.
B
A
B
A
No,
I
have
to
look
into
it.
I
don't
think
so,
like
I
don't
know
how
the
kubernetes
org
is
set
up.
The
automation
so
might
have
to
look
into
that,
but
there
is
a
I
mean
your
prs
are
linked
like
the
your
pr
and
issues
are
linked.
You
can
see
like
if
you
I
could
see
and
in
the
issue
near
the
bottom,
that
there
is
the
pr
that's
been
referenced
from
the
website,
but
I
don't
know
but
anyways
I
will
go
through
all
that
is
probably
next
meeting.
A
A
B
So
if
you
want
to
help
by
the
way,
but
I
need
to
start
seeing-
I
started
to
dig
into
that
a
little
bit.
But.
A
A
Perfect,
so
in
the
next
meeting
I
will
agree,
I
will
add
a
note
for
more
reviews,
and
I
can
also,
if
you,
if
you
want
to
put
it
on
the
channel,
go
free
free
to
put
it
on,
seek
security
channel
and
ask
for
more
reviews.
I
think
we
asked
it
in
the
last
meeting
next
time
we
will
just
say,
like
a
deadline,
telling
that
until
this
we
will
keep
it
open.
A
If
we
don't
get
any
more
reviews,
we
will
like
proceed
with
merging,
address
everything
and
then
we'll
just
proceed
with
magic,
so
just
give
that
give
a
deadline.
So
we
can
do
that
and
that's
it
for
me.
I
will
go
and
add
anything
if
I
find
more
issues,
so
we
can
discuss
about
in
the
next
meetings,
and
I
think
we
also
need
to
look
in
the
kubernetes
website
issues
and
there
was
like
some
secret
management.
It's
not
completely
done
shannon.
I
think
someone
was
working
on
it.
A
There
are
like
multiple
pieces
to
it,
so
I
will
create
a
list
of
those
things
and
put
it
somewhere,
so
that
anyone
who
has
free
cycles
can
review
it.
No
pressure.
Someone
wants
to
take
a
look
at
it,
go
and
take
a
look
at
it
if
you're
busy.
That's
totally
fine,
so.