►
From YouTube: August 6, 2021 - Ortelius Architecture Meeting
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Welcome
everybody
to
the
august
5th
ortiz
architecture
meeting
and
I
just
dropped
the
link
to
the
docs
in
the
chat.
So
if
you
could
sign
in
that'd
be
great,
let
me
just
zoom
in
on
that
we
can.
A
So,
as
you
know,
the
service
catalog
is
primarily
focused
around
the
components
and
the
information
we
can
gather
around
a
component
version,
so
some
of
the
stuff
that
we
have
added
thanks
to
ukarsh
and
other
folks
helping
out
and
the
microservices
you
know
coming
along,
so
the
swagger
javascript
is
working
really
well.
What
I
ended
up
having
to
do
was
the
the
way
the
code
works.
A
Is
it
likes
a
url
to
be
passed
to
it,
so
I
ended
up
changing
our.
So
this
is
where
we
use
the
javascript
that
loads
up
the
swagger
and
what
I
ended
up
doing
is
changing
the
text
file
api
endpoint
to
return
the
full
swagger
file.
So
before
we
were
returning
a
json
string
with
another
json,
it
was
like
embedded
json
and
the
simplify
things
I
just
ended
up
making
it
all.
When
you
go
and
ask
for
the
text
file,
it
returns
everything
that
you
requested.
A
You
know
the
whole
file
and
none
of
the
additional
stuff
that,
because
you
already
know
it,
you
already
know
what
the
component
id
is.
You
already
know
what
the
type
is,
so
those
types
of
things
I
took
out
and
we're
just
returning
the
whole
text
file.
So
that's
where
the
swagger's,
rendering
that
one
of
the
things
that
on
the
microservice
side
I
ended
up
doing,
was
to
switch
between
the
mime
type.
A
I
had
to
derive
the
mime
type
appropriately,
so
the
swagger
api
will
act
real
nice
if
you
give
it
the
right
mime
type.
So
I
found
some
code
out
there
if
we
know
that
the
file
that
were
stored
that
was
stored
in
the
database
was
a
readme
file
that
that
was
a
markdown
and
that
we're
going
to
return
a
markdown
mime
type.
Otherwise,
you
do
this
little
try
catch
to
catch.
A
It
was
interesting
that
I
found
that
this
mime
type
for
yaml
really
hasn't
been
adopted
yet
by
as
a
standard,
but
it
seems
to
be
text
slash.
The
ammo
is
the
mind
type
that
will
allow
you
to
download,
or
I
can't
remember,
which
way
it
was
whether
it
allowed
you
to
render
it
or
download
it
either
way.
A
So
when
we're
working
with
the
on
the
build
side
after
you
build
your
component,
you
know
you
build
your
microservice.
We
go
ahead
and
gather
the
information.
A
You
know
the
the
get
digest,
all
that
fun
stuff
we're
going
to
go
ahead
and
and
if
there's
a
swagger
file,
that's
passed
in
we'll
go
ahead
and
upload
it,
whether
it's
json
or
yaml.
So
it
makes
it
really
nice
on
that
front
and
then
here's
the
readme
on
this
side,
where
we
have
the
readme
that's
coming
across,
and
I
found
a
another
javascript
library
to
go
ahead
and
parse
the
mark
down
and
render
it
as
html.
A
So
we
have
a
go,
laying
program
that
will
go
and
run
a
couple
security
scan
tools
and
store
the
data
back
in
the
database
and
then
we're
going
to
pull
it
out.
So
for
the
the
sample
data,
we
can
see
right
now
we're
just
looking
at
python
modules.
A
So
this
is
the
the
package
you
know
the
like
the
flask
restful
and
then
the
version,
and
that
one
is
using
bsd.
We
did
put
in
hyperlinks
with
this
and
it
will
take
you
right
to
the
license
that
one
wasn't
found.
So
we
just
take
the
default.
Let's
try
mit,
so
people
can
go.
Look
up
what
the
the
typical
mit
license
file
looks
like
at
that
level.
So
it's
going
to
be
very
handy
now.
A
One
of
the
things
we'll
do
with
the
licenses
and
the
cves,
because
we
have
component
versions-
are
packaged
into
application
versions,
we'll
be
able
to
roll
up
all
the
licenses
up
to
the
application
version
and
all
the
cves
up
to
the
application
version
as
well.
So
if
you
want
to
know
you
know
what
licenses
that
your
application
is
consuming,
we'll
have
that
list
right
there.
A
You
don't
have
to
go
dig
for
anything
which
would
be
nice,
the
cve
side,
I'm
still
that's
still
a
work
in
progress,
the
the
back
end's
there
I
just
working
on
pulling
in
the
front
end,
but
we'll
have
a
cve
list
with
the
links
over
to
the
cve
database
as
well.
A
So
that's
kind
of
what
what
were
has
been
going
on
that
front.
So
many
other
things
we
did
move
around
like
the
dependency
map
and
we'll
probably
move
around
a
couple
of
these
other
boxes
as
well.
A
So
with
that
I'd
like
to,
let
me
see
who
cares
here
on
on
as
right
now
right.
A
D
Yeah,
so
am
I
audible
now,
yes,
okay,
so
the
objective
was
to
create
an
application
that
would
scan
any
docker
image
and
generate
the
jsons
file.
So
currently
we
are
using
the
commands
to
generate
two
types
of
files
that
are.
One
of
them
will
generate
the
file
that
will
have
a
field
of
material
and
the
licenses
that
we
used
and
the
other
one
will
have
like
if
we
have
found
any
security
vulnerabilities
so
that
we
will
have
inside
the
cve.json.
D
A
Yeah-
and
I
think
we'll
have
to
figure
out,
which
is
the
next
language
we
focus
on
the
one
of
the
hard
parts
with
the
the
security
scanning.
Is
there
no
one
tool.
Does
everything
quite
right?
A
So
when
we
were
working
with
the
pull
request,
marquee
jackson
was
asking:
why
don't
you
just
use
trivi
as
a
github
action
to
get
this
information?
Well,
what
I
found
is
trivia
does
not
give
you
the
licensing
for
each
python,
module
that's
installed
and
then
that
tool
which
that
was
cycle
and
dx
right
for
the
the
licenses.
A
A
You
know
we're
going
to
have
to
make
it
and
I
think
we've
we've
architected
it
that
way.
So,
whatever
the
scanning
tools,
the
customers
want
to
use,
we'll
be
able
to
take
that
file
that
output
of
it
we'll
take
it
put
a
copy
of
it
into
our
database.
A
So
we
can
tie
this
version
of
the
component
with
that
license
consumption
or
this
or
the
vulnerabilities,
we'll
store
that
and
then
we'll
just
go
ahead
and
and
the
microservices
will
help
us
render
it.
A
So
what
basically
we're
just
creating
a
fancy
wrapper
around
the
licensing
tools,
we're
not
reinventing
any
of
the
scanners,
we're
just
kind
of
tying
them
together
to
enable
us
to
make
it
simple
for
somebody
to
to
plug
into
their
pipeline
a
tool
that
allow
them
to
perform
some
scanning
and
all
we're
doing
is
we're
getting
json
or
yaml
files
out
and
then
from
there.
A
One
is
to
gather
the
the
the
scanned
data
and
the
second
one
is
going
to
be
uploading
it
to
our
database,
which
we
already
have
the
restful
apis
and
the
microservices
and
in
our
python
program,
to
do
all
that
upload
part.
So
we're
not
like
telling
anybody
that
they
have
to
use
cyclone
or
that
they
use
safety
as
long
as
their
tool
is
going
to
be
able
to
provide
some
sort
of
file,
we'll
be
able
to
take
that
file
and
add
it
to
our
database.
A
Now,
when
we
do
get
a
new
file
format,
we
will
have
to
make
a
a
change
on
the
microservice
level
to
parse
that
file
accordingly
and
store
it
into
the
database.
The
data
that
we
need,
but
it
looks
good.
It's
going
to
be
really
nice
to
be
able
to
add
on
this
information
and,
like
I
said
all
this
information
will
roll
up
to
the
application
layer.
A
A
So
we
are
going
to
have
to
whoops
rearrange
some
of
the
boxes
at
the
application
layer.
A
That's
pretty
funny
this
roast,
but
these
couple
rows
are
supposed
to
be
hidden,
and
this
is
what
you
get
with
tests
doing
a
demo
with
a
test
code,
but
we'll
have
to
put
put
those
cves
and
the
roll-ups
somewhere
on
the
screen.
We
get
we're
getting
on
a
lot
of
data,
and
I
know
before
there
are
some
talks
about
making
these
collapsible
rows,
and
that
may
be
something
that
we'll
need
to
do
before.
We
release
this
to
be
able
to
cl
collapse.
Some
of
these
roles.
A
A
Yeah
the
idea
that
the
yeah
this
is
confused
because
of
the
let
me
do
this,
some
of
the
things
that
the
one
of
the
suggestions
that
we
had
for
the
tabs
was,
you
would
still
do
the
tabbing,
but
the
tabbing
would
take
you
to
another.
A
So
the
tabbing
right
like
right
now
when
I
click
on
package
components,
it
goes
over
to
another
diagram
and
if
I
go
back,
I
go
back
to
the
the
general
so
we're
actually
switching
screens.
The
idea
was,
you
would
have
the
basically,
these
would
be
bookmarks.
So
if
you
wanted
to
go
to
the
license,
it
would
then
go
down.
C
A
Yeah,
it
was
going
to
be
more
that
way,
instead
of
changing
the
tabs.
What
we
felt
this
is
a
couple
meetings
ago
that
it
was
easier
to
navigate
if
we
had
everything
on
the
same
page
and
we
were
just
going
to
collapse
next,
I.
A
C
Because
there
have
been
some
folks
that
I've
spoken
to
that
said
secrets
would
be
something
that
they
would
like
to
see
managed
there
as
well
backstage,
I
think,
manages
secrets.
But
I
didn't
see
how
and
I
didn't
see
what
about
secrets
that
they
managed
if
they
exp,
if
they
exposed
them
here
or
if
they
pointed
to
a
vault
of
some
sort.
I
I
didn't
know.
A
So
this
is
like
our
pipeline
for
google
and
we
have
a
couple
secrets
here:
they're
encrypted
and
and
they're
actually
stored
inside
of
google
there's
a
an
encryption
key
on
the
google
side,
that'll
decrypt,
the
user
id
and
password.
When
this
runs,
so
I
can't
foresee
us
becoming
a
secrets
tool.
I.
C
C
C
I
don't
think
I'm
not
suggesting
we
manage
secrets
ourselves,
because
that
would
just
be.
I
think
it's
just
an
attribute
of
a
component
that
might
need
to
be
associated.
A
Okay,
if
it's
an
attribute
to
a
component
that
can
be
easily
managed,
we
do
have
the
key
value
pairs
and
we
can
explicitly
break
out
secrets
just
to
call
them
out
a
little
more.
C
I
think
that
might
be
a
good
idea
unless
somebody
wants
to
look
into
it
a
bit,
and
I,
like
I
said
I
I
did
a
review
of
backstage
yesterday
and
I
noticed
that
they
had
a
plug-in
for
secrets.
So
they
have
you
know
at
spotify.
They
have
they're,
obviously
managing
secrets
for
some
tool
and
in
that
tool
they
had.
When
you
looked
at
a
component
overview,
they
had
a
tab
that
said
secrets,
but
he
didn't
go
into
it
to
show
how
it
was
managed.
A
Yeah,
so
here's
where
we
have
our
our
key
value
pairs
of
extra
stuff
and
we
could
do
a
secrets
box.
Oh
one
of
the
other
things
we
kind
of
need
to
make
a
decision
on,
is
at
the
right
now
we're
loading
in
the
readme
file
for
the
component
or
the
microservice.
A
C
Want
to
open
some
issues
on
those
two
things
secrets
and.
A
Yep
I'll
do
it
after
this
I'll
make
sure
they
open
them.
So
that
was
if,
if
we
think
the
the
and,
if
there's
anything
else
in
the
reit
and
in
the
get
repo
that
I'm
missing,
that
we
would
need
that
would
be
of
interest
to
any
anybody.
A
Does
anybody
use
the
like
the
the
github
wiki
or
the
discussions,
or
if
we
should
be
making
having
like
hyperlinks
here
to
right?
Now
we
have
like
the
git
url,
but
that's
more
like
if
you
want
to
clone
the
repo.
A
If
we
need
to
put
in
like
where
the
issue
page
is,
if
you
want
to
put
in
where
there's
the
the
prs
are
done,
wasn't
one
of
the
tools
we
looked
at
because
like
went
and
brought
like
the
last
five
pull
requests,
or
something
like
that
in
the
list.
C
A
D
A
In
the
get
repo,
I
think
we
can
get
that
I
know
from
github
they
have
the
api
set,
but
I
don't
know:
does
anybody
know
anything
like
about
bitbucket
or
gitlab
and
how
they
kind
of
track
issues
in
pull
requests?
I
know
in
git
lab
they
call
merges
instead
of
merge
requests
instead
of
a
pull
request.
E
So
I
think
so
there's
no
particular
criteria
like
depending
on
organization
so
like
we
used
to
use
gitlab,
but
all
our
stories
and
issues
were
present
in
jeera.
Okay,
like
there
is
no
any
particular
structure
that
is
followed.
A
A
But
that's
something
I
think,
I'm
not
going
to
worry
about
for
this
release
of
the
service
catalog,
but
something
that
we
should
definitely
keep
our
pulse.
You
know
keep
the
pulse
on.
A
A
Yeah
and
then
obviously
we'll
we'll
have
issues
for
basically
the
cleanup
process.
A
We
need
to
clean
up
and
standardize
all
the
microservice
code,
chrom's
working
on
some
pieces
around
the
postgres
connection,
pooling
for
our
python
code,
the
pie
breaker,
allowing
us
to
retry
and
avoid
crash
back
loops
loop
crash
back
whatever
it
is.
You
know
what
I
mean
in
kubernetes,
and
you
know
things
like
that.
We
need
to
create
swagger
files
for
each
microservice.
A
For
ourselves.
We
need
to
make
sure
that
the
documentation
is
all
updated,
not
only
for
the
how
to
use
it,
but
also
on,
like
the
restful
api
side,
to
make
sure
that
that
all
is
available
as
well,
so
that's
kind
of
where
we're
at
just
you
know
I
like
to
spend
the
next.
You
know
three
to
four
weeks
wrapping
everything
up
and
get
it
out
the
door.
I
think
we
was
looking
really
good.
Just
gotta
get
that
last
last
sprint
in
here.
C
A
Yeah
we
have
the
azure
cluster
that
we
can
run
this
on,
so
everybody
can
be
looking
at
the
same
data
and
interacting
that
way.
So
so
we'll
have
that.
E
E
A
Okay
yeah,
so
one
of
the
things
the
the
javascript
library
we
weren't
sure
about
is,
if
it
would
support
rendering
and
open
api,
is
open.
Api,
yaml
or
json,
or
both.
E
A
Okay,
so
we'll
have
to
I'll
make
sure
that
we
put
an
issue
out
there
to
take
care
of
that
to
test
it.
C
Report
bugs
and
stuff
steven
or
test
cases
do
you
want
to
create
a
separate
repository.
Take
a
look
at
that
as
well.
A
A
So
off
of
the
ortilius
repo,
if
you
go
to
issues
we
do
have
a
project
called
service
catalog.
So
all
you
have
to
do.
C
A
Tag
it
as
service
catalog,
okay,
now
that
you
bring
that
up,
I
am
gonna
go
through
and
a
lot
of
these
things
around,
like
the
microservices
and
things
like
that.
I
think
they're
far
enough
along
to
go
ahead
and
close
some
of
these,
so
I'm
going
to
like
at
add
a
container
dependency
box.
So
I'm
going
to
go
ahead
and
and
do
a
pull
request
and
close
a
bunch
of
these
as
part
of
that
process
so
and
then
new
ones
I'll
create
for
like
what
we
just
talked
about.
A
You
know:
testing
with
open
api,
adding
in
you
know
the
links
to
github
issues,
those
type
of
things
I'll,
add
in
here
and
I'll
tag
them
as
the
service
catalog
project,
okay,
and
if
you
have
any
issues
that
come
up
even
like
documentation,
what
we
do
is
we,
I
don't
know
if
it's
in.
Let
me
just
change
my
filter.
A
So
all
we
do
is
we
go
ahead
and
just
put
the
keyword
in
front
of
it
if
it's
documentation,
all
of
our
issues
are
centralized
in
one
location,
even
though
that
this
is
going
to
refer
to
the
documentation
repo,
it
just
makes
it
easier
for
people
to
find
things
to
work
on
if
it's
all
in
in
one
place,
instead
of
spread
across
our
15
20
repos
and
in
github,
you
can
cross-reference
repositories.
A
So
if
you
do
a
pull
request
in
the
documentation
in
the
docs
repo,
you
can
reference
this
issue
over
here
and
you
can
automatically
close
it
when
you
do
the
pr
merge.
C
A
Yeah,
oh
and
the
automatic
deployment
to
azure
for
the
website
and
docs
is
broken
right
now
we
had
a
certificate
expire
at
the
azure
level
and
I'm
trying
to
figure
out
how
to
get
that
certificate
updated.
So
if
anybody's
an
azure,
rockstar
ping
me
on
discord,
I
need
to
create
a
new
new.
What
does
it
call
this
service?
A
Well,
I
have
a
service
principle.
I
need
to
associate
a
new
pem
file
against
that
had
that
has
a
certificate
that
hasn't
expired.
A
So
if
any
of
you
out
there
are
on
the
azure
side,
one
last
thing
we
have
the
this
evening.
My
time
it'll
be
8.
30
australian
time
is
going
to
be
the
get
ops
working
group.
A
I'm
not
going
to
be
able
to
make
that
I
let
brad
know
I
he'll
probably
still
keep
doing
that,
even
though
I'm
not
going
to
be
there,
so
that
is
they're
moving
along
pretty
well.
On
that
front,
they
got
some
good
progress
around
argo
and
how
how
they're
getting
into
the
next
next
phase
of
where
they're
gonna
be
able
to
start
laying
out
the
design
for
ortelius
they're
they're.
C
That's
exciting,
I'm
looking
forward
to
it.
You
didn't
happen
to
share
with
them
the
what
spinnaker
or
where
oppsimex
is
done
around
spinnaker
and
get
up.
Did
you.
A
No,
I
did
not
know
about
that.
A
A
So
they've
been
working
mainly
with
argo
right
now,
understanding,
argo
and
basically
the
problem
I
keep
posing
to
them,
which
they
keep
on
thinking
they
have
solved,
is
a
repository
sprawl
and,
more
specifically,
manifest
files
sprawl
on
how
to
deal
with
those
in
a
microservices
world.
A
The
the
get
ops
works
really
great
if
you
have
a
monolith
or
if
you
have
five
microservices
right,
but
everybody
last
time
I
talked
to
sasha,
he
was
doing
a
an
application.
He
was
splitting
out
into
microservices
that
they
had
150
of
them
and
he
says
it's
just
you
just
pull
your
hair
out
with
all
these
files.
A
So
if
you
can,
I
know
it's
weird
times
for
folks
for
australia,
but
it's
it's
gonna
be
8
30
sydney
time.
I
believe.