►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
B
A
A
Cool
so
hi
everybody
welcome
to
the
hardware
community,
so
the
agenda
for
today
is
mainly
two
items
for
system
which
I've
pulled
up
here
will
present
the
work
they
get
to
integrate
their
image
scanner
with
hardware.
B
This
is
a
photo
about
me
just
several
years
before
I
have
my
twins-
and
I
love
to
say
that
about
me,
because
I
have
two
twins
that
are
more
or
less
three
years
old.
So
that
means
that
I'm
probably
the
the
person
in
the
entire
world
with
the
most
passion,
the
most
passing
work,
the
most
passion
person
in
the
entire
world.
B
So
if
you
have
some
some
questions,
some
doubt
please
stop
me
and-
and
I
will
be
happy
to
help-
and
I
saw
that
okay,
the
point
about
the
the
this
short
meeting
is:
how
is
that
secure
love?
Scarborough
all
of
us
already
know
about?
What
is
hardware?
Is
the
an
open
source
container
in
my
registry?
It
has
the
airbag
it
has
image
scanning
features.
Also
image
image
singing.
It
also
is
able
to
host
helm,
charts
another
kind
of
stuff.
B
The
the
good
point
for
us
is
that
by
default,
hardboard
ships
in
the
in
the
2.0
version
with
with
3b-
and
it
has
two
image
scanner
by
by
default-
one
is
clear
and
the
other
is-
is
3v,
but
it's
open
to
implement
your
own
scanner
and
use
and
use
it.
Okay.
This
is
the
the.
So
that's
the
point
that
we
did
in
in
this
in
this
project.
B
For
all
of
you
that
doesn't
know
about
secure.
Well,
csd
is
a
company
that
basically
does
does
a
couple
of
things
with
system
calls.
I
mean
we
have
an
a
product
which
is
called
systick,
monitor
that,
basically
you
deploy
your
origin
in
your
cluster
and
we
know
just
sniffing
all.
The
system
calls
that
are
happening
in
the
host
and
we
can
use
that
information.
B
I
mean
if
someone
is
trying
to
read
from
regularity
shadow,
we
know,
and
it's
really
likely
that
that
person
is
going
to
trying
to
know
is,
is
going
to
trying
to
know
the
passwords
that
are
registering
your
system
or,
for
example,
if
someone
is
trying
to
replace
your
bnls
command
for
other
kind
of
command,
it's
altering
your
system
and
maybe
a
dangerous,
a
security
threat
I
mean
so
for
the
security
part.
B
I
I
love
to
to
showcase
only
for
four
points.
One
is
the
runtime
security
in
the
form
that
I
explained
to
you.
Even
we
can
also
ingest
ingest
information
at
the
cluster
level
using
the
kubernetes
of
this
law.
That
means,
if
you
try
to,
if
you
are
trying
to
deploy,
imagine
the
case.
You
are
trying
to
create
a
config
map,
and
indeed,
in
that
complete
map,
you
are
storing
your
aws
key,
just
just
in
plain
text.
B
We
can
warn
about
that
or
you
or
you
are
trying
to
deploy,
for
example,
an
ingress,
and
you
don't
have
atleast
a
tls
certificate
associated
to
it.
We
can
raise
the
hand
and
what
are
you
doing?
Okay,
we
also
cover.
We
also
have
image
scanning
features
with
the
as
we
we
also
have
support
for
build
db
feeds.
We
also
have
a
good
stuff
about
forensic
analysis.
As
long
as
we
are
capturing
all
the
system
calls
that
that
happens
in
the
in
the
system.
B
We
know
all
the
things
that
are
that
are
happening
on
that
and
we
can
take
a
photo
about
the
system
more
or
less
more
that
they
can
take
a
photo
is
more
like
record
a
video
in
a
period
of
time
and
know
how
the
system
the
host
has
behaved
on
that
system
and
also
the
compliance
pass
business.
B
B
This
is
a
typical
scanning
that
we
that
you
are
going
to
expect
from
from
other
software
as
a
service
vendors,
where
you
just
think
about
the
back
end
about
the
new
image,
the
the
new
tag
I
mean
and
then
the
back
end
pulls
the
image
and
do
the
analysis
in
the
cystic
infrastructure.
I
mean
in
the
in
the
cloudband
in
the
in
the
sas
infrastructure
and
the
other
way
that
I
wanted
to
to
show
you
is
the
inline
scanning.
The
line
scanning
happens
in
the
infra
in
the
same
infrastructure
where
hardware
is
deployed.
B
That
means
in
some
cases
we
usually
work
more
with
on-prem
installations,
but
in
some
cases
some
people
prefer
to
use
their
own
infrastructure
to
do
this
kind
of
of
analysis
for
performance
for
avoiding
few
times
or
or
something
like
that.
Okay
and
I'm
just
going
to
show
you
how
the
information
is
present
and
I'm
going
to-
I
I
think
I
know
I
I'm
going
to
show
you
how
the
jobs
has
been
spawning
in
kubernetes
to
do
the
inline
scan.
I
mean
the
back
end.
All
of
us
now
is
about
the
back
end.
B
B
B
B
B
Okay,
I
think
most
of
you
are
familiar
with
with
canaanites
is
just
a
cli
tool
to
to
see
the
kubernetes
cluster
and
then
I'm
going
to
check
for
another
hardware,
python,
I'm
going
to
try
to
okay,
docker
pool
python3.4.
B
Okay,
I'm
pulling
the
the
python
version,
I'm
going
to
tag
to
at
the
top
and
push
the
image,
and
we
will
see
how
we
expand
the
the
inline
scanning
job.
Okay,
complete.
B
B
It's
pushed
so
we
will
receive
here
the
post
to
api
v1
scan
and
the
next
line
is
the
health
check
and
wrapping
yeah
wrapping.
We
can
see
here
in
this
line
the
that
is
trying
to
get
the
report.
The
bad
news
I
have
to
told
you
is
that
the
good
news
is
that
we
can.
We
spawn
the
inline
scan,
but
my
colleagues
from
secure
deploy
this
morning
a
breaking
change
in
the
api,
so
that
if
we
check
the
lock
we
will
see,
we
will
see
that
error.
B
But
it's
not
a
problem,
because
I
had
other
other
jobs
working
on
other
logs
on
on
that.
I
created
before
of
that.
The
point
here
is
that
we
spawn
the
job
and
we
create
we
spawn
the
job
and
we
don't
load
all
the.
We
download
that
container
that
contains
all
the
vulnerability,
all
the
the
scanning
analysis
infrastructure
needed,
so
that
we
can
spawn
that
in
a
job
on
kubernetes
perform.
B
Sorry
here
is
the
project
in
csd
labs
in
github,
so
that
we
are
also
open
to
pull
requests
or,
if
or
whatever
you
have
more
details,
and
we
also
have
a
detailed
guide
to
deploy
this
in
in
your
cluster,
and
this
is
everything
on
my
side.
I
don't
want
to
to
cannibalize
or
or
take
all
the
time
for
the
for
the
community
call.
Thank
you
for
for
the
opportunity
to
showcase
this,
and
I
think,
if
you
have
some
questions,
I'm
open,
I'm
I
will
be
glad
to
to
answer
them.
C
And
so
this
is
awesome
by
the
way.
Thank
you
for
thank
you
and
your
team
for
doing
the
work
and
integrating
with
hardboard.
This
is
amazing.
It's
good
stuff.
We
really
appreciate
it
and
yeah.
C
A
C
B
B
A
Oh,
hey
thanks
a
lot.
I
think
there
are
a
lot
of
security
tools
for
the
docker
world
right
now
we
talked
about
just
just
briefly
where
the
stick
fits
into
the
picture.
You
know
what
what
problems
you
trying
to
solve.
You
know
that's
compared
to
something
like
trivia
by
encore
or
yeah
by
aqua
or
encore.
B
B
It's
I
mean
if,
if
just
I
had
some
time
to
dedicate
only
to
this
project,
I
I
can
ship
it
faster
right.
I
could
have,
it
could
have
been
faster,
but,
as
you
know,
we
also
have
more
work
than
the
hands
to
to
do
the
work.
That
was
pretty
easy
and
the
documentation
was
pretty
pretty
good.
So
thank
you
for
the
work
on
that.
A
A
E
Can
you
see
my
screen?
Yes,
the
one
with
the
pull
request
right.
I
know
I'm
not
yeah,
okay,
so
basically.
Well
now
I
I
am
at
the
made
of
nestor
I
work
for
cystic
since
november,
but
this
feature
was
developed
right
before
it
was
hired
by
csd.
I
was
working
by
adidas
and
our
investor
infrastructure
was
based
on
artifactory
and
active
directory
and
we
were
migrating
to
hardboard
and
microsoft
azure
based.
E
One
was
the
group
support
that
some
work
had
already
started
by
the
time
we
started
using
hardware
around
ropes
and
then
the
other
one
was
the
this
one,
which
is
including
this
pull
request.
So
basically
I
will
do
them.
Okay,
I
have
one
hardboard
here
configured
to
use
some
active
directory
inside
azure
and
the
problem
now
is,
for
example,
if
I
try
to
login
via
open
iv.
I
click
my
user
in
here.
E
E
Probably
two-factor
authentication
yeah,
so
let
me
check
my
mobile
and
approve
it
yeah.
So
this
is
the
standard
open
id
connect
flow
right
and
now
I'm
taking
to
the
onboard
screen.
So
I
see
two
problems
in
here:
one
is
the
username,
the
username.
If
you
check
the
id
token
that
is
returned
from
from
microsoft
identity
provider
the
default.
I
have
a
better
example
in
here.
E
The
default
claim,
in
the
token,
contains
the
full
username,
including
spaces,
dots
and
whatever.
So
I
get
something
in
here,
which
is
what
we
didn't
want
in
adidas,
we
wanted
normalized
and
unique
username,
okay
and
then
the
other
thing
we
could
couldn't
allow
is
the
user
to
type
its
own
username.
So,
in
this
pull
request,
we
are
adding
a
couple
of
options.
E
Hopefully
this
will
be
merged
soon.
If
I'm
not
wrong,
it
went
through
a
throat
full
review
and
we
made
some
changes
a
better
handling.
So
basically
one
of
the
first.
It's
these
two
points,
but
basically
one
of
the
first
customizations
is
you
can
choose
the
claim
from
where
the
username
is
taken.
So
if
I
put,
for
example,
email
in
here
now
when
I
login
via
oidc,
the
username
is
taken
from
that
claim,
instead
which,
for
example,
for
us,
the
username,
the
email
server,
is
a
better
approach
than
using
the
full
name.
E
So
if
you
don't
want
the
user
to
be
able
to
change
the
username,
and
you
choose
a
good
username
claiming
here,
making
sure
that
the
username
will
be
unique
per
each
user,
then
just
clicking
in
here
will
automatically
onboard
the
user
skip
the
onboard
screen
and
then
the
user
didn't
have
the
chance
to
set
a
different
username.
Okay,
I
think
it's
not
for
them
or
we
tested
the
other
day.
Some
error
conditions
like
if
the
user
was
duplicate,
get
an
error
and
similar,
but
basically
that's
it.
So
thank
you.
C
This
great
work
alvaro.
It's
awesome,
it's
great,
I
think
you
know
definitely
we'll
make
it
to
the
one
I
think
from
what
I
had
heard
before
from
daniel,
but
thank
you
for
coming
and
contributing
and
I'm
glad
that
it
solves
a
need
that
you're
for
your
organization.
E
I'm
glad
it's
helpful.
I
think
many
users
were
asking
for
a
similar
future.
We
were
in
adidas,
so
I
can
imagine
that
other
organizations
were
suffering
the
same
issue,
so
we
thought
we
are
taking
harvard
from
the
community,
so
we
must
give
to
the
community
back,
and
this
is
what
we
gave
this
pull
request.
So
thank
you
very
much
appreciate
it.
A
Hey
thanks
a
lot
especially
contributing
to
the
project.
Even
after
you
have
adidas
and
yeah.
We
have
gotten
the
summer
complaint
from
blue
air,
france
klm
and
another
company
as
well
another
useful
hardware
yeah,
it's
just
it
wasn't
in
line
with
how
people
were
using
rgc
locked.
A
Demos,
all
right,
I
think
we
can
move
on
to
all
you.
Do
you
want
to
demo
the
not
blocking
power
instructions.
F
And
today
I
will
give
you
our
e2e
demo
on
my
debugging
environment,
for
from
the
youtubers
perspective,
there's
not
much
difference
of
with
the
previous
version
of
garbage
collection,
but
in
the
background
we
dropped
the
dependency
on
the
distribution
got
garbage
collection.
That
means
hybrid,
no
longer
less,
on
the
distribution
to
do
the
capacity.
F
So
we
calculate
the
reference
code
of
each
blob
bases
on
the
hyper
database
and
also
implement
the
blog
and
then
manifest
the
tradition,
api
that
basis
on
the
distribution
source
code
to
handle
the
file
deletion
directly,
and
here
I
have
a
demonstrate
to
constantly
push
hardware
and
into
a
library
project
and
that
simulates
the
user
to
push
image
when
hardware
in
gc.
So
you
can
pay
attention
to
the
book.
F
So
in
the
previous
version,
harbor,
when
user,
when
says
I
mean
triggers
a
garbage
collection,
if
user
is
pushing
an
image
at
this
time,
he
will
get
a
failure
immediately,
because
the
hardware
rejects
any
modification
request
like
this.
So
when
cover
in
read
only
mode,
so
you
can
see
that
the
the
purge
is
faded
by
the
read
only
mode.
So
so
let
me
show
you
some
different.
F
Today's
in
the
number
of
you
see,
let's,
let's
see
what
we
have
now
we
have
two
project,
so
one
is
the
library,
so
the
the
backend
demos
right
is
continue
pushing
our
into
library.
So
if
I
try
to
delete
it,
it's
gonna
be
back
immediately
because
the
background
is
pushing
so
we
have
another
project
that
the
name
of
named
demo
ever.
I
have
a
radius
manifest
in
in
this
project.
F
Yeah,
this
is
what
we
have
in
these
two
projects
and
back
into
the
local
story.
Let's
see
what
we
have
now
for
the
storage
folder
here
on
here
we
can
see
we
have
a
lot
of
blogs
manifest
on
the
links.
So
totally
we
have
one
more
than
100
files
in
the
local
file
system.
So,
let's
start
the
timer.
Now
let
me
delete
the
previous
okay.
F
Let
me
switch
to
the
demonstration
and
let
me
delete
the
already
first
step
and
then
to
trigger
garbage
collection,
so
you
can
pay
attention
to
the
backend.
So
now
the
gap
scratch
is.
F
So
the
demonstration
is
is
working
as
as
expectations.
So
no
is
no
failure,
because
capture
connection
will
not
block
the
the
pressure
so
from
the
log.
We
can
see
that
harbor
marked
several
gloves
for
tradition
and
totally
we
we
marked
them
forty,
seven
bucks
and
eight
nine
eight
manifest
and
the
delay
them
one
by
one
from
the
vacant
storage
so
use
the
api.
I
mentioned
that.
F
Implement
by
ourselves,
so
let's
start
to
see
the
local
file
system
yeah
and
we
can
see
that
most
of
the
blocks
are
removed
from
the
story
and
it's
almost
three
lapto.
F
A
Thanks
honey,
anybody
have
any
questions.
E
I
must
say
thanks
also
because
this
one-
this
was
one
of
the
missing
features,
also
back
in
adidas,
the
blocking
garbage
collection,
because
there
were
like
several
terabytes
of
images
and
we
had
to
schedule
the
garbage
collection
for
saturday
nights
to
don't
interrupt
the
developer.
So
thank
you
very
much.
This
is
very
welcome.
A
Yeah,
basically,
you
know
we
were
calling
the
native
art
questioning
capabilities,
we're
leveraging
that
of
the
distribution.
A
They
didn't
quite
open
it
up
to
the
level
that
we
would
like
to
be
able
to
do
it
in
an
unblocking
way,
and
so
eventually,
just.
G
C
Absolutely
when
I
call
that
you
know,
without
this
feature,
hardware
cannot
scale
as
more
and
more
customers
are
putting
terabytes
and
terabytes
data
on
hardware,
having
a
significant
downtime
period
to
be
able
to
reclaim
storage
and
clean
up
the
environment
is
not
acceptable,
so
you
know
this
is
awesome.
We
got
to
it
and
to
the
one
we
have
this
feature
along
with
many
others,
so
this
is
very
exciting
for.
A
That's
all
we
have
for
this
questions
comments
things
that
they
want
to
discuss
can
open
up
for
a
few
minutes.
Maybe
mine,
early
everybody's.
A
Okay,
by
the
way,
we
will
be
releasing
a
2.0.1
today,
either
today
or.
C
Tomorrow,
when
we're
not
releasing
1.10.x
4,
I
think
is
the
next
one
for
to
cover
some
of
the
same
features
as
2.0.1.
C
We
can
take
that
offline
in
our
harbor
slide
channels.
B
A
Yeah,
someone
is
mentioning,
remove
untagged
chat;
basically,
we
we
added
a
toggle
or
the
ability
to
to
remove
one
pack
images
or
to
prevent
those
from
being
guard
collected
that
previously
was
not
available.
A
It
was
part
of
the
a
byproduct
of
the
work
that
we
did
for
supporting
those
images
that
we
started.
You
know
tracking.
We
started
we
added
the
concept
of
the
hardware
tag.
C
A
Yeah
it's
there,
but
it's
not
viewable,
like
people
have
always
been
complaining
that
you
know
they
thought
they
didn't
push
it
correctly,
but
they
were
able
to
pull
the
image
because
it
was
actually
pushed
directly.
You
just
couldn't
see
it.
A
Wood
2.0,
you
can
view
all
the
inside
images
you
can
add
or
remove
tag
on
a
single
image.
Just
want
more
granular
all
right.