Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
Open Feature / Project / 24 Jan 2023
Open Feature / Project / 24 Jan 2023
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: OpenFeature - Project meeting,January 19th, 2023

Description

TODO: ADD descrioption here

OpenFeature website: https://open-feature.github.io/

A

Hey hey.

B

I'm too proud I have two lights.

C

I just got in the meeting and then just slowly raising your arms, like I, don't know like you're.

D

Trying yeah.

D

uh Oh sorry, sorry guys I thought my mic was muted.

C

uh I heard I heard something very interesting about Wallace's. Oh.

D

Yeah there's a python operator- that's colloquially named at walrus because it's a colon and an equals and uh they're very divisive in the python world. So I hear.

C

Is is it a declaration? An assignment at the same time? Is that what it is.

D

What is a walrus, it's a declaration and assignment. Is it.

A

Oh.

D

Yeah: okay, yeah. You declare a variable as part of a conditional statement. Yeah.

D

Because they can't leave the language alone sort of weird book, whatever quit picking at it, I don't really like python schools.

C

Okay, um so looks like we have seven I'm, not sure how many people will get today. um Mike uh Mike kind of usually runs these meetings. Mike Beamer um he's he's uh not here he's not with us today, um but he'll be here next time, um so I'm kind of filling in for him.

C

um The agenda uh I'll put the sorry meeting notes in the chat.

C

Just in case you want to follow along, or you want to add something, it's not too late to add something. So if you, if you want to, please feel free.

C

Okay, so yeah, that's in the chat.

C

um We'll give it one more minute, just in case.

C

uh

B

Ben I'm just gonna copy your item below uh because I created like an entry for the 19th.

B

Let me just get rid of that piece on top. Just everything is, is uh one one piece down ah my bad.

D

Sorry.

B

Yeah.

D

No worries no worries, no.

B

No I I created it late today, I I thought I had already done it.

C

Okay, so yeah we we're three minutes after um uh so I guess we'll get started uh like I was just saying: Mike isn't joining us today, so I'm kind of uh running the meeting um and uh oh looks like we have been volunteering to be scribe. So thanks a lot Ben uh feel free to add yourself as a participant um and uh if, if you'd like to uh you, can um just use the reactions in Zoom to raise your hand if you'd like to introduce yourself, um that's totally optional.

C

If this is your, if this is your first time tending.

C

uh Okay, go ahead, Adam.

A

Hey yeah I figured I'd, introduce myself I'm Adam I'm from Dev cycle, uh we're also building a feature flying platform so yeah. He came in to kind of, listen and see what see. What's going on.

C

Very cool good to meet you thanks for coming.

C

uh Okay, so uh I don't have too many items today, um but I'll get started so uh I'm, I'll I'll just do a brief update on client support. uh Pete and I did have a a very productive meeting with um with Spotify um I.

C

uh We did ask their permission to record it and they were okay with that, so I don't want to just broadcast it, but if you're interested in getting a copy of that recording, um I'm sure that would be okay with them, considering they let us record it. uh So, if you're interested, please hit me up on the cncf slack and I'll, happily send you a copy of the of the video. If you'd, like of the recording um there's. Also a select is a cool thing where it automatically transcribes them.

C

So I can send that to you too, if you're interested we've.

E

Also got one of us has got a recording from the launch Darkly um interview that we did as well. So if you are interested in two recordings then hit both of us now.

C

Yeah uh thanks Pete, that's yeah, that's right! So I think it was a really productive meeting. um I don't want to dive too deep into that topic, because we, uh the other thing I guess I have to to mention, is we do have a dedicated meeting on client-side tomorrow.

C

um One of the reasons that we kind of moved it outside of this topic time is because it's been kind of monopolizing discussions and also, frankly, I wanted to put it in kind of an unusual time slot, because maybe I thought we might get different attendees.

C

um So we're shifted a little bit more to to the West Coast tomorrow. It's at um 1 1 p.m, Eastern Time, and it's also on our Google Calendar. So if you're interested in and hearing more about client development, the client spec changes, uh we can talk more about some of the feedback from Spotify as well as the launch Darkly meeting Pete just mentioned. Please attend there.

C

It's going to be more of a free-form meeting and we'll just we'll just kind of review where we're at so far um and and that kind of thing, um the other somewhat minor thing I wanted to to mention, um is uh I- did open up a security board uh in in the open feature uh open feature project um I'll provide a link to that.

C

So there's a couple high level issues on it.

C

uh So a lot of what the security board has has on it is um basically implementing the uh the.

A

Repository.

C

Requirements which I'll also link they are available here.

C

um So these are the repository requirements for for basically any open feature. Any repositories under the open feature project, especially ones that that want to hypothetically, do 1.0 releases of artifacts.

C

um These aren't arbitrary they're, designed mostly uh they're kind of designed, mostly considering the cncf tooling, recommendations which are also linked in in the um uh in the requirements page that I just uh I just put in the docs, um so I'm a lot of the. What the security board contains is uh collections of tasks to implement these in various repositories. So it's things like s-bomb generation, which is particularly important, particularly important. These days for open source projects, um especially with supply chain attacks becoming more and more widespread.

C

We want to make sure that we're not uh we're not falling victims to any of those and that we have. um We have those things kind of officially documented, as well as things like dependabot, slash, renovate um and also some basic testing automated releasing uh releasing is something that, especially uh that a lot of maintainers. It takes a lot of maintainer time, so we want to do our best to kind of um automate those things in a consistent way. I know when I, when there's release it release issues.

C

It definitely slows me down a lot trying to troubleshoot them and I. Think probably everybody who's, a maintainer of one of the SDK repos, has dealt with something like that at some point, um so we're just trying to bring some consistency in there and and using cncf recommended tools to improve security as well, so I'm going to continue to keep this board up to date.

C

If there's a security related, uh CI, CD, um stuff, I suggest you use the security label to kind of collect them uh under that under that topic, because then we can easily run queries against our repository to see what kind of security related things we need to do. Obviously, not all of the repo requirements are strictly about security, but a lot of them do kind of urge into that that territory uh so yeah, that's those are basically the two things I wanted to to talk about at a high level.

C

We don't need to go into too much more detail. um I think there was a point by Ben um I, don't know if you still wanted to say something. Sorry.

D

Yeah I'll just open it up. I didn't realize that there was a specific client meeting tomorrow. So um I'm happy to wax about that tomorrow because um thought about it. A lot about an opinion about now. I think I agree with Justin so but I'll stop talking.

C

Foreign yeah so I mean that's. Those are the only things I want to mention I I guess if, um if there's nothing else, one one question I I wanted to kind of follow up on, and maybe I hope not to put you on the spot too much David. But I was wondering. If maybe you could talk a little bit about the incubation process. I've been you've been you've, been kind of creating issues and stuff like that. um That I've been trying to follow my best uh and I was wondering if you could update us.

B

Yeah, of course, that was I was actually gonna, put an item but I wasn't sure uh yeah. So the incubation uh proposal, we've reported, um we've forced the general proposal and we're kind of following the lines of obviously other projects. uh For now.

A

Oh.

C

I guess we'll come back to David because he seems to have lost connection um well in in lieu of that. Does anybody have any other topics uh before Oh my God David he's back with us.

A

Who.

B

Are you um yeah sorry about that so yeah, the the incubation proposal is, is moving forward. I was saying uh we have some parts which are completed. uh My plan is now to reach out to everyone who's listed as a maintainer for the different sdks um to kind of get an advancement of what has happened in each SDK, which one is stable. Oh sorry, which ones are stable and um yeah that way we have kind of a full proposal. uh I think the largest item.

B

That's still missing is the future plans section um which I think Mike had already brought this up, probably with the governance board I'm at least that's my last update.

E

I, don't think he did.

B

But.

E

Maybe he's flying to the next time we have a meeting.

B

Okay, yeah I, don't know if anyone has any questions or um I think yeah something else, we're still looking for a sponsor to then get this done. um We haven't approached anyone yet as we're still completing the The Proposal, but we do have some names in mind. I think.

C

One one of them so back to the governance board thing and the future plans I think one of the things that happened at the governance board meeting is it got side sidetracked with a whole bunch of client discussion, which is why why we added a dedicated client meeting tomorrow um and why I didn't want to have the same thing happen here. I mean if we, if we totally run out of topics, maybe we can discuss a little bit also, maybe it's worth saving it for tomorrow, but um I guess.

C

The other thing I'd like to ask about that is I know. There's adoption requirements uh and I I also know David that you've been in contact with some production users and I was wondering if you could give us an update on that.

B

Yeah, so um it hasn't been so much myself as as uh also Adam, so Adam Gardner I think he reached out uh to you. Justin he's reached out to you other people.

B

um Let me just check really quickly yeah so reached out also to Viet wired I, know for sure. If I'm pronouncing it correctly, so I asked forgiveness uh has reached out to Rob, Crowe and I think also uh John Rowley. So we we need at least three adoption stories in production.

B

um In theory, we have a little over four or five I'm, not sure right now, um if the fifth one is confirmed but yeah. So ideally we adopted stories. We don't need a let's say, a large description, it's mostly a link to the company um web page and then a small sentence just of how this this has been adopted, or let's say some comments coming from the company that adopted the technology.

F

uh Sorry to jump in there So. Eventually, we will need more I think we can sort the stories in there for the uh for the document, but then people will be invited to join a dedicated meeting on their adoption.

C

So since.

F

Information.

C

Yeah.

F

So somebody from the TSC there's, usually one or two TUC members who more or less have a private meeting private in the sense of the none of the project. Members um are joining the meeting, so we should also have names and people who would be willing to to speak uh about the project. So it's a bit more effort for them. So usually it's like a half an hour interview um covering questions. Well, how are they using the project, what they like? What I think the project should improve?

F

How well the community is working, how easy it is to contribute. These are kind of like the questions that that usually come up in these meetings.

C

So do is, is kind of Adam Gardner still the point man on that process, or do we need to do? We need to solidify that a little bit more like who's tracking, that effort.

F

From from my experience, I think we really should wait how we move along with the due diligence Pro uh process, because this can actually take quite some time and in some cases it then gets frustrating, because you're lining up meetings with people and then they keep getting delayed or in some cases and other people kind of move on. So I would wait until we have at least a TUC sponsor assigned and then I would start those discussions and try to get the end. User interviews usually scheduled. Rather sooner than later, honestly, foreign.

F

Sorry by the way for being late, but for some reason my calendar is entirely empty. Now, I, don't know what happened to my corporate calendar, but it's congratulations. Yes, it's getting me a bit uneasy to be free. There was a lot more readings in there an hour ago. Anyways sorry.

C

Okay, um yeah so I mean I. Think yeah. Thanks for that update, I think that's something we need to stay on top of, even if we want to wait on uh on.

C

You know, formalizing those those things and uh making meetings about them and that that kind of thing, even if that's the case, I, think that we still need to keep track of who our production users are somewhere and make somebody responsible for that, so that when we need to have those meetings- and we need to create that documentation, we have a list of people.

C

So um yeah I mean, if you, if anybody here knows of production, use cases that you know that we're not aware of um please like Ping, somebody on the governance board, ping, myself or somebody else in the technical steering committee, because we just want to make sure that we keep track of these uh users at least so that when they, when the time comes, that we need to document the stuff, we need to have these meetings. We know who they are.

C

um It's one of the things that I think is an ongoing challenge with the project, because we don't essentially know, especially when somebody just pulls up a maven artifact or pulls an npm artifact like there's, not there's not an easy way to track that, even with tooling like like scarf Etc.

C

um It's still, it still basically relies on uh consumers reaching out and letting us know that they're using using stuff.

F

I think it might also get easier honestly once we reach uh really incubation stage, because then we can have a dedicated project meeting um at like kubecon and other kind of things, I mean nothing is holding us back from doing one, but we won't just get any sponsored uh space from uh from the cncs. Obviously, uh I have seen this in another project we had.

F

We had talked to people who has been using approachment for a year and never really interacted with you and sometimes that the only reason why they talk to you is because you changed something on that project that they really cared about, uh but never actually really talked about. So.

C

Okay, I guess um kind of kind of so far, a short one today, so I'll open it up to any other topics anybody wants to mention. uh Like I said we have a dedicated client meeting tomorrow, so I'd recommend.

E

We.

C

Don't spend too much time talking about that, um but I'll open the floor up to anybody who wants to drop more topics in.

G

I'll just note that I added sonar Cloud to the organization, our GitHub organization, and so it's like an installed thing. If you log in with your GitHub credentials, you can add it to your various repositories.

C

And did you add that to the Java SDK already? Is it doing scanning.

G

um I I clicked the button to analyze the Java repository like during this meeting, because I saw it on the security list, so I am concurrently. Listening in and fixing up some of the generic issues that it is highlighted.

C

Okay, um well, it might be a short and sweet one today, unless uh somebody wants to unless somebody wants to um bring any other topics up. um Maybe.

B

One question could be if we want to try and put in a um a proposal for the LFX mentorship I thought I thought they sent out the the emails for project proposals, so there's I think about a week and a half still time to do this. To also share this.

B

Not sure so, there's.

B

There's a GitHub repo with all the information information.

F

I think the same would be true for Google sum of code right.

B

uh The same is true for Google summer of code, which opens yeah, which opens um on the 23rd per submission.

B

Oh, the question is: if we want to, if we want to participate, for example, in Google summer code, we need at least uh two people that let's say, do the admin work um and then the ideas you have usually mentors that help the mentees go through their projects, but I'm, not sure. If anyone else has already participated in the past.

B

Foreign.

B

I think one final update on my side is yeah. There will also be soon the um the form uh for the kiosk kubecon EU. So once once that's out. I'll also put that in the next agenda.

B

That way we can see whoever wants to participate and maybe support the booth at kubecon EU.

A

Appreciate that just.

D

um Quick questions uh is who's planning on going to.

A

Okay,.

D

Yeah I I might um jump on the train yeah.

D

So yeah, if I'm there I'll definitely be happy to yeah um yeah sore throat standing in an overly air.

C

Conditioning conference room it'd be good to see, you uh see you in person, maybe we should uh do we do we have a I, don't know if we have I think we used to have a coupon um Channel like a kubecon, open featured Channel. Maybe we can revive that or create a new one yeah. There is an open feature. Kubecon.

C

um Yeah, so it's it's open feature Dash kubecon in the cncf slack, which we used, uh we've used a number of time or times around other kubecon. So you can go ahead and yeah there. You go I, see Dan O'brien! Is there now? So if you, if you're, especially if you're going to be a coupon you you might want to join that channel just so, we can sync up um and then yeah and a little bit after that we'll be another coupon na.

C

Okay, well, I, don't I, don't think we need to take up any more people's times. If that's it. um I.

F

Think yeah David would be maybe great for the next meeting to have an update from the various sub-projects like from sdks operator. Select the.

F

Like more globally, and because whether I leave the tasks of nominating the the tech, they maintain us to give them a chance to provide an update more more globally.

G

Is there something that, in relation that you would like us to report against like I'm, happy to talk about what's going on in the Java SDK, but there's not a ton going on in the Java SDK um and if there's a sdks I guess we can like report against the security board? That's one like how.

D

Things are going in relation.

G

To that didn't know, if there.

F

Were others yeah I think it's also fine if nothing is really going on other things that you might want to work on, I think we have after that 1.0. We have kind of like reached kind of this stable level right now and also what we will need as part of future plans is to come up with a roadmap.

F

I think I believe one of obviously of the uh this approach that should have I have wood in it, so I think it's just what's currently going on and what you would like to work on and maybe would need support kind of need. Support on maybe I've been working. Quite it almost felt like after 1.0, everybody was like super happy uh with the 1.0 release, um but yeah I think. Maybe that's also done something tough for the rest of the technical committee to decide on like. When are we going to cut the next release?

F

What do we want to have in there.

C

Well, we've had releases of sdks subsequently, like we just did 1.1 of.net yesterday, there's probably going to be a 1.1 of almost every uh 1.0 SDK, um just for just for some minor stuff. It's nothing crazy, but um the next big thing is client support and, though that won't implicate I, don't think that will really implicate any of the existing sdks.

C

um We have to talk about how we're going to actually implement the JavaScript SDK for client support, um but I think like it could mean a kotlin SDK Spotify May donate a swift SDK. um So that's that's. What's really implicated in the client discussion, I think as far as I know and that that's a bit predictive a bit of a guess, because the spec is not complete um but I. Think that's that's really where, from a specification, SDK standpoint I think we're going to spend some energy in the near future.

F

All right, I think we don't have to keep replay robots longer than needed. I think everybody is enough to do client discussion again tomorrow, I think David. You posted a link to everybody who's interested in the client discussion.

B

Yeah there should be the link, it's also on our LinkedIn page, and so whoever these they can also join a bit more easily.

F

Okay,.

B

Perfect yeah, then I guess have a great week. Everyone or end of week.

F

All right.

C

Thanks all thanks.