►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
All
right,
yeah,
so
hey
everyone
welcome
to
the
harper
community
meeting.
A
So
the
agenda
for
today
is
a
little
different
from
usual.
We
don't
have
a
demo
plan,
we're
sort
of
at
the
very
end
of
the
2.1
release,
which
goes
out
end
of
this
week
or
early
next
week,
and
so
we're
trying
to
prioritize
some
of
the
items
for
2.2.
A
So
you
know
here
I
have
the
harper
project
board,
so
you
can
take
a
look
at
you
know
some
of
the
things
we're
thinking
about
for
2.2
the
2.2
product
suggestions,
and
so
I
thought
we
could
just
go
through
a
couple
of
these
real,
quick,
some
of
the
ones
that
you
know,
we've
sort
of
landed
on
and
for
the
subsequent
community
meetings.
We
can
talk
about
these
in
greater
detail
and
demo
each
of
these
along
the
way.
A
So
I
have
a
couple
that
I've
opened
up
here,
so
the
first
one
is
harvard
exposed
matrix,
so
we'll
most
likely
leverage
prometheus
for
this
because
of
its
popularity
and
sustainability.
You
know
the
the
capabilities
and
the
sort
of
support
that
kubernetes
has
for
this
already
yeah.
A
You
can
tell
by
some
of
these
comments,
which
some
of
which
can
be
quite
forceful,
but
it's
almost
a
no-brainer,
but
this
was
unfortunately
never
super
urgent
for
us
in
you
know,
in
the
larger
scheme
of
things
of
everything
else
that
we've
delivered
over
the
last
couple
releases,
you
know,
but
I'm
glad
that
we're
finally
getting
to
this,
so
I
think.
A
Be
really
useful
to
monitor
metrics
on
the
registry
actions
themselves,
as
well
as
on
the
kubernetes
itself,
the
kubernetes
cluster,
so
you
can
detect
abnormalities
like
denied
login
attempts.
You
can
look
at
denied
ips
data
transfers
and
then
you
know
your
registry
operations
like
stats
about
replication
images,
served
like
the
most
most
polled
images.
The
biggest
images
top
repos
being
requested
things
things
of
that
nature.
D
A
A
Okay,
yeah-
and
I
think
you
know
the
goal
for
us
here-
would
be
for
harvard
to
export
these
metrics
somewhere
and
then
let
users
use
their
prometheus
system
to
scrape
off
whatever
data
they
want
or
it's
a
pull
based
system.
A
A
So
I
think
this
is
a
really
really
important
feature
and
it's
about
time
that
we
tackle
this
all
right.
Moving
on
so
the
next
one
is
the
proxy
cache
expanded
support
for
additional
registries,
and
this
is
just
alluding
to
the
fact
that
in
the
2.1
release
we
only
support
harper
acting
as
a
proxy
cache
for
docker
hub
and
harbor,
and
we
want
to
add
additional
registries
additional
third
party
registries
that
harvard
can
add
as
a
full
cache
for,
but
we
sort
of
have
to
validate
this
on
the
case
by
case,
but
yeah.
A
So
the
next
one
is
add:
oidc
admin
group
to
oidc
authentication
like
ldap,
has
so
basically
in
ldap.
Currently,
you
can
configure
a
special
group
as
your
oidc
admin
group
and
once
you've
once
you've
configured
that
group
on
your
ldap
side,
all
all
the
users
as
part
of
that
group
when
they
flow
through
to
the
harbor
side,
they'll
automatically
be
made
system
admins
and
so
we're
looking
for
that
same
feature.
A
Looking
for
that
feature,
parity
when
configuring
against
oidc,
so
an
oidc
configuration
configuration
screen,
you
can
specify
a
particular
name,
a
particular
group
name
as
your
admin
group,
and
once
you
configure
that
on
the
oidc
idp
side,
then
those
users
will
be
made
system,
admin
yeah,
it's
just
something.
That's
come
up
constantly,
there's
only
one
ticket
here,
but
I've
sort
of
closed
the
other
tickets
and
and
pushed
the
other
users
to.
C
A
Okay,
the
next
one
is
robot
accounts
should
have
should
be
shared
across
multiple
projects,
so
this
is
a
pretty
common,
heavily
requested
feature
as
well,
so
scoping
robots
out
of
projects
instance
and
creating
them
at
the
system
level.
A
A
Also,
if
you
remember
from
the
previous
community
meetings,
we
had
talked
about
some
additional
improvements
needed
for
robot
accounts
in
order
to
support
a
specific
set
of
commercial
third-party
image
scanners
that
are
leveraging
robot
accounts
in
the
background
to
pull
the
images
across.
So
this
will
help
us
achieve
that.
A
B
A
There's
another
ticket
that
specifically
addresses
the
requirements
for
csb
scanners.
I
just
didn't
open
up
here.
C
A
Didn't
tag
it
2.2
yet,
but
this
is
just
one
of
the
things
that
will
help
us
get
to
that
goal,
but
we
still
we
thought
about
you.
C
A
Are
typically
used
for
service
account
type
of
scenarios
anyway,
so
the
the
work
that
we're
doing
that
will
eventually
do
for
workspaces
are
not
in
scope
for
2.2,
because
we
haven't
really
thought
clearly
about.
You
know
what
it
could
be.
It's
sort
of
it's
a
big,
it's
a
big
re-implantation
of
the
current,
our
back,
so
I
would
say
this
is
probably
I
wouldn't
say
it's
a
temporary
solution.
A
You
know
we'll
think
about
architecting
in
such
a
way
that
you
can
you
can
you
know
that
it'll
just
work
with
the
the
upcoming
workspaces
but
yeah
we're
just
thinking
about
this
in
terms
of
what
makes
sense
for
what
kind
of
improvements
should
go
into
the
current
robot
accounts,
and
you
know
how
to
solve
the
problem
with
csp
scanners.
A
Problem:
okay,
moving
on
the
robot
account
should
have
dollar
sign,
or
a
new
special
character
should
not
have
dollars
on
any
special
character
yeah.
So
this
is
again.
A
This
is
something
that
comes
up
constantly
it's
the
way
we
create
a
robot
account
name
right
now,
when
you
create
a
web
account
that
has
this
appended
in
front
of
the
account
name,
it
caused
a
lot
of
problems
with
with
bash
with
people
needing
to
escape
the
special
character
we
designed
in
this
way,
because
we
needed
a
way
to
distinguish
a
a
real
user
from
a
robot
account,
and
you
know
we
disallow
that
character
when
creating
username.
A
Doing
it
in
a
better
way
to
be
able
to
delineate
between
real
account
and
actual
users,
but
not
having
to
you
know,
have
to
escape
this
character
every
time.
A
A
All
right
next,
one
robot
accounts
should
access
to
should
be
allowed
to
access
the
full
hardware
api.
I
don't
know
about
full
access.
A
I
think
this
is
when
it's
configured
with
oitc,
which
is
not
possible
right
now,
but
we
do
plan
on
giving
some
access
to
robot
accounts.
Again,
you
know,
robot
accounts
are
very
popular,
they're
being
utilized
pretty
heavily,
and
so
there
are
a
lot
of
imprint.
A
lot
of
improvements
that
we're
going
to
make
to
robot
accounts.
A
D
D
Yeah,
so
we
had
in
our
setup
hardware
2.2.1
running
with
availability
setup,
so
yeah
so
with
the
robot
account,
as
you
told
with
robot
account,
it's
not
possible
to
delete
repository
image
stack
via
cli
with
the
hardware
api,
but
with
the
normal
user
account
as
we
were
trying
we
have
ydc
configured
with
our
infrastructure,
so
with
the
odc
we
were
getting.
We
are
facing
some
issue,
so
I
just
pasted
in
the
chat
box.
So
we
are
not
able
to.
We
are
able
to
get
get
request,
but
all
post
and
delete
requests
are
failing.
C
D
C
Yeah
yeah
yeah
for
for
better
tracking.
It
would
be
better
if
you
can
red,
have
an
issue
and
in
actual
fact
you
can
use
the
id
token
of
that
user
to
call
hardware's
api.
C
But
the
way
you
get
this
id
token
is
different.
Depending
on
what
ib.
A
A
Token
from
your
odyssey
provider,
I
think
a
lot
of
the
issues
in
slack
and
on
github.
It
shows
people
using
you
know
the
the
whatever
is
being
generated
from
harper.
That's
you
have
to
get
it
from
like
if
you're
using
you
know
the
extra
key
cloak,
there's
a
specific
process
to
retrieve
that
id
token.
C
A
A
Pro
we
have
a
guide
on
how
to
do
this
in
the
harbor
fact
faq.
I
can
try
to
find
it
for
you.
It
goes
over
how
to
access
apis.
A
And
using
yeah
when
using
idc.
A
Suggest
you
create
an
issue
on
harper,
it's
it's
the
best
way
to
track.
C
A
D
One
more
doubt:
actually
it's
so,
like
suppose.
D
If
I
have
one
reduce
repository
and
if
I
push
the
reduce
repository
into
the
hardware,
it
just
the
first
time
the
tag,
the
tag
name
is
also
visible,
but
if
I
again
push
different
radius
repository
multiple
times,
suppose
if
I
push
the
same
same,
reduce
repository
four
to
five
times,
all
the
previous
stacks
won't
be
having
any
tag
name
only
the
one
which
is
pushed
at
the
latest,
only
that
is
having
the
tag
name
and
the
other
four
previous
one
are
not
showing
the
tag
name
this
which
this
is
which
we
are
experiencing
so
has
anybody
else
reported
regarding
this.
C
D
A
Sure,
if
you
know,
if
you
still
have
questions,
please
create
an
issue
on
github
and
we'll
definitely
get
to
it.
A
Okay
yeah,
so
this
is
all
I
have
based
just
a
rundown
of
you
know
things
we'll
probably
deliver
in
2.2.
I
don't
have
a
specific
timeline
in
mind,
yet
we
may
try
to
have
a
tech
preview
ready
by
the
us
kubicon
like
we
did
for
for
the
eu
group
con
this
time
or
we
might
release
a
little
bit
later
on,
depending
on.
A
So
if
you
have
any,
you
know
things
that
you
want
to
get
done
or
if
you
have
any
questions
or
if
you
want
to
contribute
in
any
way.
Please
check
out
this
2.2
product
suggestions
only
go
through
these
and
add
your
comment.
So
all
right,
that's
all
I
had
for
today's
agenda.
Does
anyone
else
have
anything
else
to
share
any
questions?
What's
your
experience
with
harvard
you
know
with
the
latest
2.0
or
2.1,
or
2.0,
0.1
or
2.0.2,
the
2.1
is
coming
out
this
friday,
I
believe,
hey
daniel.
A
Are
we
gonna
release
the
2.1
next
monday
because
of
the
the
vulnerability
or
are
we
gonna
stick
to
this
friday.
C
That
depends
we'll
see
and
yeah
I
mean
when
it's
ready,
we'll
have
the
release
and
you
know,
get
anything
get.
Okay,
everything
uploaded.
A
Okay,
yeah,
I
think
you
know
if
it's
a
if
it's
a
delay
by
you
know
a
day
or
two,
it's
worth
it
to
just
get
it
in.
A
Okay,
any
other
questions:
if
not,
we
can
give
six
minutes
back
to
everyone.