►
From YouTube: Kubernetes SIG Security Tooling 20220201
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
All
right,
I
think
it's
two
minutes
past
the
30
minute
hour.
Let's
get
started,
maybe
with
introductions.
I
know
one
or
two
of
you
have
joined
before
one
or
two
of
you
are
new,
so
maybe
I'll
start
with
the
introduction.
So
this
is
the
six
security
tooling
meeting.
We
are
a
sub
project
of
sig
security.
A
Also,
this
meeting
is
recorded
and
follows
the
kubernetes
code
of
conduct
conventions
so
which
basically
means
please
be
excellent
to
each
other.
So
to
today
we
generally
have
two
types
of
sessions
in
tooling
a
working
session
and
a
learning
session,
and
we
typically
alternate
between
those
this
time.
It's
a
working
session
where
we'll
discuss
work.
That
is
ongoing,
work
that
you
want
to
propose
that
we
can
discuss
as
well
and
in
general,
if
you
have
any
questions
about
the
sig,
how
to
get
involved
in
kubernetes
community.
A
Only
thing,
I
would
say
is:
if
you
have
a
topic
in
hand,
add
it
in
the
discussion
section
in
the
meeting
notes
with
your
name,
so
we'll
make
sure
to
not
miss
that
and
yes,
my
introduction,
I'm
I'm
been
leading
the
tooling
project
for
a
while
now
about
maybe
nine
months
or
so,
and
it's
it's
been
great
so
far,
there
is
a
lot
of
help
by
other
sub
projects,
which
is
audit
and
docs,
and
we've
been
able
to
slowly
make
progress
to
our
goal
of
helping
make
kubernetes
more
secure,
as
well
as
trying
to
make
dreams
of
other
cigs
that
are
related
to
security.
A
B
B
I've
been
doing
a
load
of
r
d
stuff
recently
in
the
security
space
on
kind
of
around
kubernetes,
so
like
looking
at
things
with
cosine
and
worked
on
building
a
migration
from
psps
to
other
things,
so
yeah
kind
of
stuff
in
the
relevant
space
and
yeah.
Looking
into
like
the
sig
communities
around
that
to
yeah
kind
of
look
at
the
stuff
around
periphery
around.
C
I
guess
I'll
jump
in
I'm
eric
smalling.
I
am
a
developer
advocate
at
sneak
and
I
have
been
part
of
six
security
tooling
since
gosh
a
year
ago,
when
I,
when
I
was
foundering,
trying
to
lead
it
and
I
hand
it
off
to
pj
who's
done
much
better
than
I
I'm
mainly
here.
Just
to
help
with
you
know
anything
I
can
my
work
schedule
doesn't
allow
me
to
do
a
ton
of
control
contributions,
although
I
hope
to
change
that
this
year.
A
D
It
is,
it
is
an
amazing.
First
of
all,
it
is
basically
a
japanese
company,
it
is
a
multinational
company
and
first
of
all,
it
is
called
napoleon
electronic
company.
After.
A
A
All
right,
I
think,
tommy
you
joined
a
bit
late,
we're
just
doing
introductions.
E
Yeah
awesome,
I'm
tommy
mccormick,
I'm
a
security
engineer.
Datadog
I've
been
kind
of
lurking
around
security,
tooling
and
security
for
probably
close
to
a
year
now,
but
just
trying
to
ramp
up
custom
contributions
this
year,
nice
to
meet
you
all.
A
A
Okay,
I
think
that's
it.
We
are
missing
one
of
our
other
members
neha,
who
has
been
helping
me
on
one
of
the
discussion
topics
for
today,
but
we'll
discuss
it
without
her
and
hopefully
she
can
catch
the
recording
later,
but
before
we
jump
in
there,
I
also
wanted
to
open
up
since
it's
everyone's
meeting,
not
just
mine.
If
you
have
any
thoughts
or
topics
that
you
want
to
discuss,
we
can
spend
some
time
on
that.
First.
A
Cool
okay,
chris!
Maybe
if,
if
it's
okay,
if
you
don't
want,
if
you
can't
share
today,
but
I
would
be
very
interested
to
know
more
about
your
experience
on
the
psp
migrations
at
some
point
of
time,
the
reason
is
sigoth
who's.
The
owner
of
the
psa
to
feature
that
replaces
psp
in
kubernetes
is
actually
looking
for
feedback
from
end
users
who
are
migrating
from
psp
into
something
new
or
completely
migrating
off
of
kubernetes
and
doing
something
with
policy
agents
or
given,
or
anything
like
that.
A
So
any
kind
of
feedback
from
you
that
you
can
share
now
or
later.
I
would
really
love
to
hear
that.
B
Yeah,
it's
it's.
It's
been
a
rocky
road.
I
mean
I'll
share
broadly
later
they're
working
on
a
podcast,
that's
their
blog
post
about
it.
I
was
gonna
share
my
screen,
but
it's
not
letting
me
do
that,
but
I
can
show
you
the
draft.
B
It
probably
won't
reveal
that
much
because
there's
a
lot
of
text
and
it'll
be
skim
reading
through,
but
I
can
demo
some
of
the
tooling
that
you've
built
and
stuff
around
it,
which
might
be
interesting
anyway.
Yeah.
B
Okay,
cool,
let
me
give
it
a
go
see
if
the
zoom
will.
Let
me
do
that.
B
B
B
The
premise
was
of
looking
at
kind
of
psps
covers
bit
of
kind
of
why
they're
going
away-
which
probably
someone
can
probably
tell
me,
is
wrong
and
there's
probably
better
reasons.
I
looked
at
some
of
the
the
kind
of
main
kind
of
obvious
alternatives
that
people
are
migrating
to
the
ration
now,
for
that
is
that
it
was
easy
enough
to
codify
the
change.
B
I'm
aware
that
there's
others
like
k-rail
and
all
sorts
of
other
kind
of
options
available
in
the
space
and
around
pod
security
standards
and
covered
some
of
the
reasons
why
that
might
not
be
the
right
answer,
but
again,
like
someone
else
better
engaged
in
the
community
can
probably
tell
me
that
I'm
wrong,
and
that
is
better
thought
out
than
I
think
it
is
and
then
how
to
migrate.
So
I
built
a
tool
which
is,
if
it's
links
somewhere,
I
can
just
bring
it
up.
B
So
this
is
live
I'll
share,
a
link
in
the
chat
as
well,
if
anyone's
interested
in
playing
along
so
I'll
put
links
in
the
notes
as
well,
if
no
one
else
grabs
them
over.
So
this
just
a
little
javascript
widget,
but
there's
also
you
can
download
a
binary
and
run
it
locally,
and
the
idea
is
that
you
can
just
paste
your
psp
in
and
it
will
do
some
magic
to
make
that
into
the
relevant
policy
in
gatekeeper
using
the
library
that
they
share.
B
That
kind
of
gives
you
some
of
the
the
kinds
of
the
stock
library
that
they
have
and
similarly
in
keyboard
and
canerva.
Well,
I'm
not
probably
pronouncing
that
wrong.
B
So
I
can
like
say,
take
a
volume
type
of
say
no
host
path
and
then
see
that
kind
of
roll
through
to
through
to
the
kind
of
various
kind
of
bits
of
what
that
would
look
like
in
those
various
bits
of
different
policy
and
yeah,
and
there's
a
great
big
report
about
yeah
reporter
bug
at
the
bottom,
because
they'll
probably
be
fraught
with
issues.
B
So
you
can
pick
off
like
any
of
the
obvious
examples
that
are
from
like
bits
of
kind
of
kubernetes,
official
docs
and
then
yeah
see
what
those
look
like
in
the
various
kind
of
different
policy
engines.
So
yeah.
That
was
a
thing
which
was
yeah
an
interesting
journey
of
going
through
the
code,
for
it
is
where
is
it
here?
That's
the
link
to
the
thing
where's,
the
code.
B
So
yeah
using
github
actions
and
ci
and
kind
and
all
the
rest
of
the
jazz
to
be
able
to
build
that,
and
it
was
an
interesting
journey
working
with
some
of
the
developers
at
particularly
kenobo
and
keyboard
and
on
what
that,
like
changes
to
some
of
their
libraries
and
stuff
to
actually
make
some
of
that
work.
So
that
was
really
nice
and
there's
like
bi-directional:
pull
requests
from
then
making
pull
requests
to
this
repo
and
and
and
myself
making
prs
with
them.
B
So
that's
kind
of
been
a
nice
kind
of
community
story.
I
guess
of
some
of
success
and
yeah
looking
to,
hopefully
maybe
make
this
something
resembling
a
canonical
source
of
like
how
you
can
do
those
changes.
B
So
I've
got
examples
of
all
the
psp
kind
of
fields,
and
then
you
can
see
what
those
look
like
in
various
different,
like
the
the
minimum
that
you
need
to
do
to
implement
that
policy
in
the
various
different
policy
engines
and
yeah,
you
can
run
it
through
the
web
browser
or
through
the
there's,
a
binary
that
you
can
download.
But
it's
built
in
typescript,
yeah.
B
So
yeah
there'll
be
a
thing
that
I
built,
there'll,
probably
be
tons
of
bugs
pull
requests
and
issues
are
very
welcome.
A
B
Yeah
yeah,
so
this
repo
is
all
open
and
yeah
I
mean
it's
all
like
javascript
runs
in
the
browser
right.
B
A
A
Good,
I
was
curious
about.
If
you
had,
you
did,
or
somebody
you
know-
did
any
migration
from
psp
to
the
pod
security
admission,
which
is
the
built-in
admission
control
which
will
implement
the
port
security
standards
in
kubernetes.
B
So
the
pods
I've
not
seen
that
done
in
angular
part
of
this
was
the
experiment
of
obviously
seeing
kind
of
the
looming
looming
death
of
psps
and
that
as
if
the
the
horizon
of
one
two
five
kind
of
kind
of
as
a
time
comes.
C
B
Obviously,
that
that
quickly,
soon
approaching
and
yeah,
looking
at
so
for
some
of
the
clients
of
outfit
who
I
work
for
and
like
what
that
migration
strategy
would
be.
Like
the,
I
guess,
the
conclusion
from
that
I
kind
of
touched
on
a
bit
in
the
blog
post,
which
I
can
share
back
in
the
slack
and
stuff
and
share
next
in
the
next
working
group.
That
was
hoping
to
have
it
published
today.
But
it
will
be
later
but
yeah
like
the.
B
The
conclusion
that
I
came
to
from
looking
at
the
pod
security
standards
was
that
it's
great
to
shoot
if
you're
a
software
vendor
to
shoot
towards
restricted
and
try
and
make
your
app
work
in
that
and
that's
great,
but
to
actually
use
it
in
anger.
B
There's
always
going
to
be
times
where
you'll
want
to
have
an
exemption,
and
I
would
have
like
some
small
tweak
on
a
restricted
policy
somewhere
across
the
estate
and
as
soon
as
you
do
that
it's
a
massive
step
down
to
like
to
that's
the
next
thing
down
to
what
baseline
and
yeah.
B
Consequently,
like
that
that
massive
leap
you're
going
to
never
probably
want
to
bridge
that
with
something
and
if
it's
not
built
into
cube
you're,
then
going
to
be
looking
into
other
admission
controllers
and
stuff
so
like
if
as
a
software
vendor,
then
it's
awesome.
I'd
say
that
that
if
you
can
say
like
my
product
works
in
restricted
and
you
aim
towards
that
and
test
against
it,
then
you're
probably
going
to
be
in
pretty
good
stead
for
delivering
that
to
other
people
that
are
consuming
it
without
too
much
friction.
B
A
Yeah,
that
makes
sense
so
yeah
thanks
for
sharing
all
of
this.
I
think
this
is
probably
going
to
be
useful
for
some
end
users
who
are
converting
their
phps
into
something
else
outside
of
kubernetes
to
manage
it
I'll
share
it
in
some
other
places
as
well,
but
yeah
thanks
thanks
for
letting
us
know
about
this.
I
did
not
know
about
this
before
not
sure
about
others.
B
Awesome
yeah,
it
will
have
bugs
that's.
Why
there's
a
big
button
so
yeah,
please
use
it.
A
Yeah
all
right
cool,
so
we
have.
While
we
were
discussing
this,
we
had
a
couple
of
others
join
as
well,
and
hey
welcome
neha
rahul.
So
we
did
a
quick
intros
before
you
join.
If
you
both
can
also
introduce
yourself
very
quickly,
then
we'll
jump
on
to
the
topic
at
hand,
which
is
about
the
official
cve
feed.
F
Security,
tooling
project,
so
I
am
currently
working
with
one
of
the
story
which,
where
we
are
trying
to
populate
the
cve
issues
on
the
github
website,
using
some
automation.
So
currently
I'm
working
on
that,
so
we
will
have
means.
We
will
discuss
that
with
the
cap,
so
yeah.
We
will
discuss
that
in
detail.
Maybe
in
this
meeting.
G
Rahul
I
work
for
a
startup
called
as
equinox.
We
work
on
zero
trust,
runtime
security,
I'm
working
as
an
engineer
lead
there
and
you
know
I'm
joining
this
meeting.
A
Yeah
well
welcome
back
rahul
and
nia
is
really
kind
of
humble.
She
has
also
done
a
lot
of
work
in
the
past
on
container
image
scanning
with
snake,
basically
wrote
the
whole
script
and
has
been
helping
me
a
lot
there
as
well
and
now
is
gonna
lead.
The
cv
feed
kept
so
really
looking
forward
to
how
that
goes.
A
A
Yes,
yes,
okay,
cool,
all
right,
okay,
so
basically,
what
we
are
doing
here
is
for
folks
from
unfamiliar
or
new
to
caps.
Cap
is
basically
a
design
dock
in
and
it's
called
an
acronym
for
kubernetes
enhancement
proposal.
So
the
reason
for
having
this
flow
in
general
is
being.
We
wanted
one
place
and
one
way
to
suggest
bigger
designs
or
newer
features.
A
A
If
you
see
the
owners
are
our
co-chairs
so
and
the
label
auto
sign
based
on
this
location
would
be
security
and
then
the
dock
will
go
here
as
readme.md,
and
then
there
is
a
simple
cap.yaml
that
we
have
to
create
with
some
bare
minimum
fields
that
we
need
to
update.
So
title
kept
number
author
and
participating:
sync
are
really
the
ones
that
we
want
to
make
sure
are
there
and
then
the
others
can
be
added
later
as
needed.
A
So
that's
how
generally
it
looks
like
now
any
questions
on
the
logistics
before
we
dive
into
the
content
sounds
feasible,
okay,
cool
so
for,
for
everyone's
sake,
I'll
just
summarize
what
the
design
is.
So
today
what
happens
is
when
a
cve
is
released
or
announced
for
kubernetes.
Two
things
happen.
A
github
issue
is
created
which
explains
what
what
happened.
What
was
the
cause?
What
is
the
cv
id?
What
is
the
severity?
A
The
problem
here
is:
there
is
no
way
for
an
end
user
of
kubernetes
to
fetch
this
data
programmatically
like
a
curl
command,
where
I
can
pull
a
json
blob
and
get
all
of
that
data
and
then
continue
to
hit
that
url
every
time
as
needed,
because
you
you
don't
know
people
might
want
to
know
as
soon
as
possible
when
there
is
a
new
cv.
So
if
they
see
a
new
update
there
they'll
be
able
to
know
that
instead
of
keeping
track
of
google
groups
or
github
issues
etc.
A
So
that
part
is
missing.
It
was
sort
of
managed
earlier
when
we
had
rss
feed
for
google
groups
where
people
could
subscribe
to
that.
But
rss
feed
was
this
disbanded
in
the
past
for
google
groups,
because
of
that
that
is
now
broken,
and
the
cvdetails.org
website
also
doesn't
have
all
the
list
of
kubernetes
cvs.
So
we
as
a
community
wanted
to
make
sure
we
can
have
that
feature
which
is
part
of
the
official
docks
of
kubernetes
and
that's
what
basically
the
design
is
about.
A
So
the
that's
the
summary
and
the
motivation.
The
goal
is
that
the
list
will
be
auto
refreshing.
So
anytime,
a
new
cv
is
announced.
We
don't
have
to
do,
create
a
pr
or
do
anything
manual.
It
should
get
automatically
updated
and
that
way
nobody
has
to
really
maintain
it
every
day
and
only
maybe
take
care
of
it
when
something
really
breaks.
A
So
there
were
some
prerequisites
that
we
completed
in
the
past,
so
one
of
them
was
creating
a
label
that
can
recognize
the
github
issues
that
are
about
kubernetes
cvs,
then
identifying
the
issues
that
are
labeled
with
that
and
then
labeling
them
with
the
new
issue.
You
know
the
new
label
and
then
make
sure
that
whenever
src,
which
is
the
security
response
committee
responsible
for
vulnerability,
disclosure,
etc
will
also
add
that
label
anytime,
a
new
cv
is
going
to
get
announced.
A
So
we
have
the
goals
listed
down
here,
one
which
is
create
a
json
doc
based
on
the
results
of
the
label.
We
created,
then
a
pro
job,
which
is
essentially
like
a
cron
job
tool
which
is
used
in
kubernetes
that
will
run
periodically
and
generate
that
json
dock.
A
So
some
some
non
goals
which
we
wanted
to
clarify
was
we
will
not
overtake
any
triage
or
vulnerability
disclosure
from
src
that
will
continue
to
be
src's
responsibility.
We
are
just
consuming
the
feed
of
cvs
that
they
are
publishing
and
the
second
thing
is
sometimes
there
are
cvs,
which
was
which
are
somewhat
related
to
kubernetes.
So
let's
say
a
container
image
base.
Image
has
a
cv,
that's
why
we
are
bumping
an
image
or
a
build
time.
A
Dependency
has
a
cva
which
we
are
bumping
by
bumping
that
dependency,
so
we
have
scan
jobs
for
that
with
sneak
already
running,
but
we
are
not
going
to
keep
that
in
scope
for
this
particular
design
and
the
reason
is
we
only
wanted
to
focus
on
the
official
kubernetes
cvs,
which
basically
means
they're
announced
by
src,
and
the
second
thing
is
the
code
in
kubernetes
is
actually
vulnerable
and
the
validity
is
in
kubernetes
code,
which
is
why
we
as
kubernetes
community
has
to
fix
it.
A
So
that's
the
distinction
we
are
making
where,
instead
of
bumping
a
package
or
bumping
an
image.
If
we
are
going
to
change
the
code
and
it's
going
to
be
tackled
by
src,
we
are
going
to
have
those
cvs
in
our
list.
Nothing
else,
and
then
some
stories
are
as
an
end
user.
Like
I
said,
we
want
a
list
that
I
can
programmatically
pull
and
as
a
maintainer.
I
want
to
have
a
process
that
will
auto
update
so
that
I
don't
have
to
do
anything
manually.
A
So
there
are
some
risk
and
mitigations.
Basically
what
if
the
json
block
construction
fails.
So
in
that
we'll
have
an
option
to
actually
do
a
manual
pr
which
will
updo
the
job
that
pro
job
would
have
done
and
then
also
fix
pro
job
in
background,
so
that
we
don't
have
to
wait
for
pro
job
to
finish.
A
B
Curious
to
why
the
like
publishing
on
the
kubernetes
website,
as
opposed
to
preferencing,
make
assuring
that,
like
cv.org
or
anything
else
like
as
a
as
a
common
thing,
that
most
folk
would
be
consuming
regularly.
B
Why
it
was
elected
to
do
that
and
like
have
like
yet
another
thing
that
ultimately
organizations
would
need
to
kind
of
watch
and
monitor
what
the
kind
of
where
the
friction
points
were.
With
maintaining
those.
A
Yeah,
I
think
my
perspective
here
is
even
for
cva.org
to
consume
the
data.
A
There
is
no
automated
process
for
them,
so
maybe
somebody
manually
is
doing
it
and
then,
as
a
result
of
that,
they
are
also
spending
time
that
can
be
saved
if
we
have
an
automated
feed
that
not
only
end
users,
but
some
official
standard
bodies
like
cvr
can
also
consume.
So
the
perspective
is,
let's
get
our
ducks
in
one
row
first
and
have
that
feed
in
place
and
then
either
end
users
can
use
it
or
some
other
third
parties
that
other
end
users
rely
on,
can
also
consume
it
from
us.
B
A
Right
right,
so
one
of
the
things
hopefully
is
when
we
once
this
is
done,
we'll
create
a
blog
post
and
do
some
level
of
awareness
on
this
and
build
awareness
on
this,
and
we
have
had
other
community
members
from
other
communities
reach
out
and
say
hey.
This
is
really
nice.
We
would
like
to
consume
it.
A
B
I
guess
just
out
yeah
as
kubernetes
becomes
as
it
evolves
and
becomes
less
of
a
thing
and
more
things
are
separated
out
right.
That's
there's
less
of
a
cons
and
you're
the
view
of
things
that
someone's
like
to
monitor
what
they're
running
is
going
to
be
more
of
an
aggregated
thing
over
time,
so
yeah
watching,
I
don't
know
ingress
or
like
what
their
ingress
controllers
or
anything
else
they'll
want
to
be
able
to
ideally
can
have
an
aggregated
view
so
that,
as
time
moves
on
with
the
evolution
of
keeping
securities,
it
becomes
even
more
important.
A
Okay,
cool.
We
have
10
15
minutes
more,
so
we'll
probably
able
to
jump
into
details.
So
let's
go
okay,
so
for
how
it
will
actually
look
like
when
we
implement.
We
need
a
few
things
in
terms
of
more
stuff
to
be
done
before
the
feed
will
be
alive
in
a
way.
So
first
thing
we
have
to
do
is
try
and
understand
this
bot
that
already
exists.
So
this
part,
essentially
auto,
creates
a
pr
based
on
raw
input
data
that
we
will
provide
and
then
using
that
pr
creator
bot.
A
The
idea
is.
We
will
update
the
cve
feed
in
k
website
where
the
cv
data
feed
will
exist
as
a
json
block.
A
How
that
will
look
like
is
is
something
we
don't
know
yet,
but
we'll
have
to
do
some
level
of
poc
and
see
if
it
works
out,
but
people
have
done
use
this
bot
for
doing
something
else
like
pro
job
itself
runs
on
different
set
of
base
images
and
those
are
auto
bomb
today
using
something
called
auto
bumper,
which
is
creates
a
pr
that
bumps
the
image
of
pro
whenever
a
new
image
is
available.
A
So
something
like
that
we'll
have
to
do,
but
for
this
one
and
once
that
is
figured
out,
what
we'll
have
to
do
is
query
the
github
api
to
look
and
filter
on
this
label
that
we
have
and
get
all
the
issues
and
the
relevant
details
from
that.
I
believe
neha
has
a
poc
working
there.
You
can
correct
me
now
where
we
are
able
to
fetch
what
we
want.
A
And
then
the
idea
is
once
the
blob
is
created,
we'll
essentially
do
a
matching
with
the
json
blob
that
we
have
created
and
the
json
blob
that
exists
in
k
website
so,
first
time
the
json
blob
will
be
empty
on
k
website,
which
is
fine,
which
means
there
is
something
to
update
and
we'll
update
it
next
time.
If
the
blob
is
same,
the
one
we
have
generated
and
the
one
it's
in
k
website,
no
pr
is
created
the
next
step
after
that.
Okay,
I
see
a
chat
message.
A
Let
me
check
quickly:
okay,
all
right
cool,
so
if
yeah,
okay,
so
based
on
that
now
we
have
an
ex.
How
will
the
project
look
like?
So,
let's
take
an
example
here
I
move
this
somewhere
else
and
oops.
A
A
A
They
will
typically
have
a
test
grid
which
we'll
have
also
have
to
create,
which
will
have
the
build
output
essentially
about
what
actually
ran
and
in
the
at
the
top
you'll
notice.
How
often
it
is
running
so
we
could
run
it,
maybe
potentially
like
this
like
they
have
done
it
where
it
runs
either
24
7
or
we
do
it
only
during
when
either
of
us
are
active.
A
So
that's,
that's
something
we'll
have
to
discuss
and
understand,
but
that
is
a
real
possibility
because
of
how
diverse
overall
our
community
is
now
once
let's
say
we
have
created
the
job,
we
have
a
way
to
generate
the
json
blob
and
we
have
a
way
to
query
it.
What
will
happen
is
we'll
have
to
create
we'll
have
to
and
if
you
have
to
use
the
skip
review
label.
A
So
this
is
something
we
can
do
in
parallel,
while
we're
working
on
this
and
then
another
thing
we'll
have
to
potentially
do
is
create
a
owner's
file
under
this
directory,
where
the
owners
of
this
will
maybe
will
be
alias
of
security
response
committee
and
I'm
thinking
here,
a
new
alias
for
our
sub
sub
project,
called
security
tooling,
so
either
src
or
us,
where
we
help
them
fix
anything
that,
let's
say,
is
broken
in
terms
of
json
block
construction
or
something
urgent
needs
to
be
updated.
A
A
We
won't
really
have
to
worry
about
production
readiness
review,
for
example,
but
we'll
still
get
feedback.
If
people
want
from
sig
architecture
this
kind
of
answers,
we
will
try
to
come
up
with
those,
so
we
have
about
56
minutes
more
before
we
wrap
up
any
questions
based
on
implementation
details.
Is
there
any
missing
context
or
steps?
I
probably
skipped.
A
Yeah,
I
know
we
have
discussed
this
probably
multiple
times
now,
so
any
sort
of
do
you
have
do
you
think
this
gives
us
more
clarity
in
terms
of
how
to
really
approach
it
and
second
question
for
you
was:
should
we
also
add
the
google
cloud
bucket
example
or
alternative
we
had
somewhere
in
the
design
boxing?
We
considered
this,
but
we
are
going
to
skip
it
for
these.
In
this
xyz
reasons,.
F
Okay,
yeah,
I
mean
this
design
look,
looks
good
like
as
we
discussed
and
yeah
I
mean.
I
think,
that
google
cloud
bucket
also
we
can
put
as
alternative
but
yeah
I
mean
we
have
some
pros
and
cons
on
that
side
as.
A
Okay,
good,
so
any
any
other
questions
from
anyone.
A
No
okay!
Well,
if
you
come
up
with
something
we
we
can
always
discuss
more
on
slack
and
I'll
also
share
the
did.
I
stop
sharing.
Okay,
wait.
A
Zoom
is
not
okay!
There
you
go
okay,
sorry,
so
we
will
create
a
pr
most
likely
today
or
today
or
tomorrow,
and
I'll
share
it
on
our
six
security
tooling
channel.
So
you
can
take
a
look
at
that
ask
questions
there.
This
is
not
the
only
time
to
come
up
with
questions
and
ask
them.
We
can
discuss
it
there
as
well
and
then
we'll
slowly
slowly
start
implementing
it
based
on
the
release,
schedule
and
timelines.
A
I
don't
expect
us
really
making
this
in
124
release,
which
is
the
upcoming
release,
so
we'll
track
it
for
125
and
we'll
start
implementing
it.
Now,
whenever
125
kept
start
trickling
in
we'll
just
have
it
more
or
less
ready
and
then
see
how
it
goes
there
are,
there
is
a
chance
that,
out
of
this
kept,
multiple
github
issues
will
come
up,
which
are
which
will
be
fairly
small
and
very
simple
to
implement.
A
So
I'll
also
share
those,
and
if
you
are
interested
just
add
a
comment
in
that
issue,
anyone
which
you
like
saying
hey,
I
would
like
to
work
on
this
and
me
or
nia,
can
help
you
figure
out
what
what
needs
to
be
done
and
we
will
make
progress
that
way
much
faster
than
one
or
two
of
us
only
working
on
it.
A
Okay,
cool
so
any
any
parting
thoughts,
any
general
questions
that
of
any
topic,
relate
to
seek
security
or
things
that
we
covered
today.
A
Okay,
cool,
okay,
so
we'll
wrap
up
in
that
case
thanks
everyone
for
joining
in
hope.
This
was
fun
and
hope.
This
was
sort
of
useful
and
you
learn
new
things.
I
always
learn
new
things
in
these
meetings.
We'll
potentially
have
a
learning
session
next
next
to
next
week,
and
basically,
couple
of
weeks
from
now,
you
get
to
also
host
that
learning
session.
A
If
you
have
a
topic
in
hand
which
is
somewhat
community
rated
related
to
kubernetes
related
to
security,
happy
to
bring
you
up
to
speed
up
about
what
needs
to
be
done,
and
then
you
can
present
it
for
about
40
minutes,
or
so
we
get
a
recording.
So
once
recording
is
up,
you
can
share
it
with
other
people
instead
of
like
you
repeating
something
that
you're
going
to
demo
multiple
times.
So
that's
one
of
the
benefits
and
it
also
acts
as
like
a
good
iron
for
any
conference
talks.
A
You're
going
to
do
so
think
about
it.
Hit
share
share
if
you
have
want
to
do
it
on
slack.
My
if
you,
if
you
want
to
talk
privately,
my
dma
dm
me
on
slack,
handle
pj
p
for
peter
j
for
jack
and
then
we
can
also
tie
our
chat
there.
If
you
want.
A
Okay
with
that,
I
will
close
the
meeting
for
today.
See
you
in
a
couple
of
weeks
and
if
not
we'll,
keep
chatting
and
finding
each
other
on
slack
all
right,
bye
thanks
all
okay.