►
From YouTube: 2021-10-27 meeting
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
B
Hello,
everyone,
I'm
sorry,
it's
running
a
little
bit
late.
If
you
can,
please
add
your
names
to
the
meeting,
notes
and
add
any
agenda
items
you
have
that
you
wish
to
discuss.
We
can
get
started
shortly.
B
Okay,
so
this
first
issue,
someone
wanted
to
speak
to
the
the
issue
and
how
it's
affecting
them.
C
Yeah,
so
I
can
go
over
the
first
issue,
which
is
basically
unable
to
re-label
the
job
at
instance
labels.
So
the
issue
is
that
the
job
and
instance
labels
when
we
try
to
label
them
using
the
relabel
config
or
the
metric
or
conflict.
They
don't
work
because
once
it's
relabeled
and
it
is
sent
by
the
prometheus
scraper
to
the
order
collector
so
to
send
it.
It
basically
tries
to
look
for
the
targets
with
the
relabeled
labels
and
it
fails
to
find
the
jobs
and
instances
with
the
same
labels.
C
So
it's
the
order.
It's
the
way
that
the
order
collector
has
implemented
itself
because
it's
implemented
to
look
up
the
targets
based
off
of
the
labels.
That's
coming
from
the
matrix.
So
this
issue
of
expedition
as
well,
because
when
we
try
to
use
the
federation
with
honor
label,
said
to
true.
C
C
So
this
is
the
first
issue,
and
I've
created
an
issue
for
this
and
like
it's,
it
doesn't
seem
to
be
an
easy
fix
because
it's
it
it
needs
to
fundamentally
change
the
way
that
hotel
collector
looks
at
the
destination.
So
I'd
just
like
to
hear
about
what
your
thoughts
are.
B
Yeah-
and
this
is
an
issue
that
I
was
discussing
with
mustafan
yesterday-
we
were
talking
about
some
of
the
testing
that
he
and
perez
are
preparing,
and
we,
I
think
we
came
to
basically
the
same
question-
that
for
some
reason
the
collector
is
expecting
that
the
job
instance
labels
exist
in
a
map
that
it
has
that
it's
built
off
of
the
configuration
where
we
left.
That
was
that
we
don't
have
a
solid
understanding
of
why
it
has
that
expectation,
and
that's
something
that
I
I
need
to
dig
into.
B
B
I'm
gonna
guess
probably
not,
but
this
is.
This
is
something
that
I'm
going
to
be
looking
into
today
or
tomorrow
and
hopefully
I'll
be
able
to
find
a
way
forward
like
I.
Ideally
we
can
just
remove
that
check
because
it
isn't
actually
doing
anything
valuable,
but
we'll
we'll
see.
C
Okay,
so
that's
good,
thank
you
and
I
think
the
next
issue
is
also
from
me.
So
the
good
art
sound
file
has
some
older
versions
of
the
dependencies
which
are,
I
think,
coming
from
prometheus
too.
So
so
when
we
we
have
enabled.
So
we
have
taken
dependency
on
the
hotel
collector
and
we
have
built
our
own
customized
collector
on
top
of
it
and
then
so,
when
we
have
enabled
when
we
enable
the
dependable
alerts
on
top
of
the
repository.
C
So
it
flats
some
of
the
older
versions
of
the
gold
on
some
file
for
many
of
the
dependencies
for
many
of
the
vulnerabilities
that
we
have,
and
so
is
there
any
thoughts
about
like
cleaning
up
the
code
or
some
file,
because
many
of
the
versions
are
old
and
may
not
be
used
at
all
they're,
just
they're
as
texan.
So
I
just
wanted
to
know
if
there's
like
any
plans
to
like
clean
up
the
godot
sums
periodically
and
also
taking
your
versions
of
the
dependencies
every
so
often.
B
So
we
we
do
apply
dependable
pr's
to
update
our
direct
dependencies
as
as
they're
made.
So
if
there
are
transitive
dependencies
that
are
out
of
date
and
have
vulnerabilities,
they'll
most
likely
depend
on
our
direct
dependencies
than
making
an
update
so
like.
If
prometheus,
had
a
dependency
on
something
and
we
depend
on
prometheus,
then
we
would
need
prometheus
to
update
that
dependency.
B
We
are
also
in
in
the
collector
using
the
go
117
mod
format,
which
includes
all
of
the
trends
of
dependencies
that
are
actually
used
by
a
module
in
godot
mod.
So
I
don't
know
if
it's
possible
to
have
depend
on
the
bot
look
at
that.
Instead
of
looking
at
go
dot,
some,
which
may
include
checksums,
as
you
mentioned,
for
modules
that
are
not
actually
used
by
that
module.
C
Yeah,
I
will
dig
a
little
bit
more
on
this
on
my
intro,
but
okay,
so
you're,
saying
you're,
saying
that
you,
you
just
include
that
and
go
down
more
and
then
you're.
B
I
so
we
we
apply
all
of
the
changes
that
depend
about
tells
us
we
should
change.
We
would
do
that
in
what
I
think
it's
generally
a
reasonable
time
frame.
I
don't
know
that
there
are
any
vulnerabilities
explicitly
that
have
been
identified
for
us
by
dependenbot.
I'd
have
to
go
and
take
a
look
at
it
again,
but.
E
But
but
anthony,
I
think
I
see
all
these
currently
flagged,
but
I
I
am
not
a
security
owner
for
the.
C
A
C
B
Okay,
yeah,
I'm
not
seeing
that
in
the
security
tab
of
collector
contrib,
I
think
or
collector.
So
this
may
be
an
issue
that
would
be
good
to
bring
up
in
the
next
hour
at
the
collector
sig,
to
see
if
one
of
the
admins
of
those
repositories
can
enable
to
depend
about
alerts,
security
alerts
or,
if
there's
something
in
addition
to
what
we're
currently
doing
with
defendant.
Whether
we
need
to
enable.
B
Okay
and
then
grace
you
have
a
question
about
the
prometheus
ui.
A
Yep,
julius
or
augustine,
I
also
put
the
maintainers
md
into
into
the
meeting
notes
you
have
email
addresses
and
such
in
there
as
well.
B
Okay,
does
anybody
else
have
any
other
issues
that
we
should
discuss
or.
E
Yeah,
I
have
one
question
so
I
say
we
have
moved
to
otlp
0.10.
So
is
there
any
plans
that
we
are
going
to
actually
move
the
sales
representation
to
the
protocol
representation?
B
Yeah,
so
I
think
that
now
that
that,
now
that
the
collector
is
using
v10,
that
is
a
change
that
we
can
make
and
should
be
made
soon.
I
don't
know
if
there's
already
an
issue
existing
for
it
or
not.
If
there
isn't,
I
will
create
one
when
we
could
get
that
change,
it
should
be
fairly
straightforward.
We
need,
we
just
need
to
coordinate
it
between
the
the
receiver
and
the
the
two
exporters,
the
prometheus
exporter
and
the
actually
the
prometheus
exporter
might
not
even
need
it
with
the
remote
right
exporter.
B
Okay,
I
think,
with
that
we
can
I'll
take
a
bit
of
our
time
back
this
morning.
Thank
you
all
for
coming
and
we'll
see
you
guys
next
week
or
in
the
next
hour,
depending.