►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
All
right,
hey
everyone
welcome
to
the
harvard
community
meeting,
so
it's
been
a
while,
since
our
last
one
we
skipped
the
previous
meeting
because
of
the
national
holiday
in
china.
So
today
the
agenda
is
going
to
be
we'll
share
a
couple
things
that
we're
working
on
for
the
upcoming
2.2
release.
So
first,
our
maintainer
wang
yin
will
talk
about
our
new
system
level.
A
Robot
accounts
that
you
know
people
have
been
asking
for
for
a
really
long
time
and
then
our
other
maintainer
and
daniel
and
zhang
will
talk
about
our
plans
to
support
a
specially
privileged
admin
group
when
deploying
with
oidc
off
so
take
it
away
lion.
B
B
Yeah
in
our
2.2,
we
want
to
do
a
husband
about
the
rubber
cart
so
so
today,
let
me
give
you
a
briefly
introduction
about
that.
Why
do
we
want
to
have
a
enhancement
about
the
web?
Account
the
requirements
are
from
the
community.
B
The
key,
the
key
feedbacks
are
these
two
issues:
they
are
the
need
to
it
needs
the
robot
had
the
ability
to
access
multiple
projects,
another
one
is
allow
additional
scopes
to
be
provided
to
the
rubber
class.
So
basics
are
the
basis
on
the
about
requirements.
We
want
to
have
a
robot
version
two,
so
in
the
rubber
version
2
we
will
have
a
system
level,
rubber
comp
and
the
new
credential
mechanism,
which
can
like
that
mean
to
edit
the
access
code.
B
So
the
main
stories
are
at
the
system
admin
he
can
create
a
system,
liberal
robocon
and
with
the
select
data
projects
and
the
excess
scope
of
each
project
and
also
the
system
I
mean,
can
edit
the
project
on
the
the
also
the
edit
the
project
access
code
and
also
the
system
admin
can
view
and
specify
the
secret
of
a
rubber
car.
B
So
this
is
our
mind
stories
to
achieve
these
stories.
We
need
to
redesign
the
rubber
car,
so
the
the
main
points
are
deprecate,
the
gw
gwt
token,
and
since
everything
about
the
robocom
is
in
encapsulated
into
the
gw
token,
and
the
gw
token
cannot
be
added,
so
we
decided
to
use
the
secret.
Is
that
and
meanwhile
that
store
all
the
information
of
a
web
account
into
the
database
following
on
the
db
schema
chain
and
also
the
api
design,
we
will
introduce
a
new
entry
to
handle
the
system
live
or
web
account.
B
B
So
this
is
the
whole
house
process
and
we
will
add
a
new
one
that
called
the
rubber
2,
also
kit
into
the
house
process
and
another
hot
topic
in
the
community
about
the
rubber
comp
is
the
prefix
and
a
lot
of
user
companies
like
compiling
light.
They
have
to
script
escape
the
dollar
calculator
in
their
shell
script.
B
So
then
harbor
will
give
the
ability
to
let
users
to
define
their
own
prefix.
But
but
here
the
user
need
to
aware
that
the
self
defined
the
prefix
may
have
name
confliction
with
the
user.
A
A
I
can
just
set
that
in
my
in
my
in
my
yaml
array,
the
values.yaml
and
then
can
I
create
a
username
with
a
plus
sign
within.
B
Okay,
but
but
user
had
to
aware
that
the
name
confirmation
is
how
you
correct.
So
here
is
the
very
basic
ui
markup
to
help
you
to
understand
the
general
idea
of
this
proposal.
So
when,
when
system
ending
to
create
a
new
system
level
rubber
car,
it
can
specify
the
projects
that
the
robot
can
access
and
also
the
scope
of
the.
A
Look
like
this
right,
but
the
key
takeaway
is
that
when
you
create
it,
you
can
specify
the
projects
and
the
api
access
right
and
also
when
you,
edit
it'll,
look
like
this
as
well.
B
So
the
u.s
will
provide
more
details
about
the
ui
design,
but
here
is
just
a
general
idea:
let's
show
them.
A
You
know
we
also
discussed.
There
would
be
another
system
level
robot
account
where
you
know.
I
don't
know
what
the
ue,
what
the
ux
looks
like,
but
if
you
had
chosen
that
it
would
basically
like
for
any
subsequent
projects
created,
it
would
also
be
usable
for
that
robot
camera.
So
you
don't
have
to
manually
add
in
new
projects
into
their
robots
scope.
A
B
Yeah
yeah,
the
automation
we
do
have
an
option
for
the
assistant
admin
to
to
like
the
the
replicant
will
cover
all
the
projects
so
like
a
star
or
something
else
too.
All.
B
B
A
Okay,
daniel,
do
you
want
to
share
the
admin
group
for
oidc
yeah.
C
Let's
see
my
screen
yep
yeah,
I'm
using
a
a
patch
environment
because
the
code
is
still
on
the
reveal.
Hopefully
it
will
be
merged
into
master
in
another
couple
of
days.
C
So
the
reason
we
are
adding
the
admin
group
for
idc
is
that
I
mean
some
user
asks
for
it
and
they
want
this
similar
admin
group
mechanism,
as
in
the
ldap
authentication
mode,
so
such
that
the
user's
privilege
of
administration
in
harbor
can
be
controlled
in
the
id
provider
and
the
system
admin
does
not
need
to
assign
the
admin
role
one
by
one
when
the
user
is
onboarded
to
harbor.
C
He
just
need
to
add
the
user
into
this
admin
group
in
his
id
provider
and
when
the
user
is
onboarded
or
authenticated
that
he
will
automatically
has
the
admin
privilege
and
so
in
this
oidc
configuration
page
you'll.
See
here
is
an
another
attribute-
is
the
already
admin
group,
so
the
admin
can
set
one
group
name
here
whose
member
will
have
the
admin
privilege
when
he's
authenticating.
C
However,
here
we
name
it
group
one
and
I'm
using
this
key
cloak
id
provider,
but
this
is
now
now
related
to
the
kind
of
the
oidc
provider,
because
the
mechanism
is
the
same.
Now,
let's
look
at
the
settings
in
key
cloak.
C
There
is.
There
are
two
groups
I
created
and
the
group
one.
We
have
user
zero
zero
one,
but
just
keep
this
in
mind
because
I'm
gonna
demo
using
this
user
only
so
if
I
log
out
and
log
in
as
user
the
other
one.
C
Yeah
it
it
used
to
he
used
to
be
onboarded
before
so.
The
name
is
001
underscore
user,
and
you
can
see
after
he's
logged
in
he
has
this
admin
privilege
to
such
as
creating
the
to
create
replication
policies
and
manage
all
the
users
and
groups
and
etc,
and
similarly,
at
the
cli.
C
C
C
C
C
This
I
mean
under
the
hood
we
use
this
id
token
as
a
single
source
of
choose
and
because,
in
the
id
token
it
contains
this
member
in
for
that
user,
one
is
a
member
of
group
one.
So,
each
time
they
do
the
he
does
the
authentication
we
will
check
if
he
is
a
member
of
this
admin
group
according
to
the
setting.
So
once
he's
no
longer
the
in
the
admin
group,
as
said
in
the
oidc
setting,
he
lost
all
the
privileges.
C
A
Alrighty,
it's
very
straightforward,
but
it's
really
nice
to
have
that.
So
we
have,
you
know,
feature
parody
with
when
it's
deployed
with
with
ldap.
A
A
Okay,
that's
all
I
had
planned
for
today.
We
plan
on
delivering
both
of
these
in
2.2,
the
you
know.
The
designs
that
we
just
went
over
are
in
the
community
rebo.
So
if
any
has
any
questions
or
want
to
contribute.