►
From YouTube: StackRox Community Meeting #12 - 2023-03-14
Description
The StackRox community meetings are held on the second Tuesday of every month. We use this time to get together and discuss gaps in the product and how best to move forward. Contributors are rewarded with StackRox gear as the RoxStar of the month.
- If you want to learn more about the project, head to StackRox.io
- The project's code repository can be found at https://github.com/stackrox/stackrox
A
A
Michael
Foster
joined
by
my
other
co-chair
Matthias
medinger
and
today
we're
going
to
talk,
bug
fixes
a
little
bit
of
the
4.0
release
just
planning
for
next
month,
and
then
we
want
to
address
a
bunch
of
questions
in
slack
because
we
can't
get
to
them
all
so
again,
if
you're
ever
in
the
channel
or
in
slack
you
can
post
them
there
we
get
to
them
when
we
can
busy
people,
though,
but
again
you
can
always
come
to
the
meetings
if
you're
looking
for
a
one-on-one
information
with
that
being
said,
if
you
want
to
take
it
away
on
some
of
the
updates
fixes,
pre
4.0
ship.
B
Yeah,
so
actually
it's
exciting
times,
because
right
now
we
are
preparing
for
the
big
release,
which
is
4.0,
but
also
we've
been
in
the
process
of
actually
shipping
three
patches.
So,
first
of
all,
if
you
experience
a
problem
that
you
are
missing,
runtime
events
or
the
network
craft
doesn't
look
like
it
should.
Please
have
a
look
at
your
version
because
likely
you
might
need
to
update
to
the
latest
patch
version,
because
that
is
the
main
reason
why
we
needed
to
patch
so
quick
status
on
that
372.
B
B
With
that
said,
let's
talk
maybe
about
things
that
are
a
little
bit
more
exciting,
which
is
the
4.0
release.
So
we
actually
decided
to
bump
the
major
version,
because
for
that
zero
for
the
people
that
haven't
heard
about
it
is
actually
a
major
change.
B
So
if
you
folks
have,
if
you
folks,
have
any
questions
about
the
about
anything
regarding
storage,
the
upgrade
path,
obviously
we're
going
to
give
you
examples
and
documentation
how
that
works,
but
also,
if
you
have
any
questions
or
any
scenarios
that
you
would
like
to
address,
feel
free
to
either
open
an
issue
on
GitHub
or,
let
us
know
in
the
slack,
because
that
will
be
most
likely
a
big
part
of
our
next
meeting.
B
A
B
So
if
you
have
anything,
please
feel
free
to.
Let
us
know
the
4.0
release
for
everyone
in
interested
is
scheduled
for
late
April,
so
we
will
most
likely
have
a
concrete
date
in
the
next
community
meeting,
but
for
now
rough
pointer
for
you,
bigger
changes
coming
late
April
this
year
and
with
that
I'll
hand
it
off
to
Foster
with
more
questions
that
we
had
in
the
meantime
right
yeah.
A
It's
spot
on
yeah,
so,
like
I
said,
the
slack
channel
is
always
Busy.
Has
a
lot
of
questions
can't
get
to
them
all
and
I
thought
it'd
just
be
nice
to
try
to
Corral
the
monthly
ones
in
here
in
case
they
weren't
addressed
or
weren't
addressed
succinctly
again,
like
Matthias,
said
any
4.0
questions
Post
in
the
slack
I
know
the
PMS
really
want
to
see
feedback
about
their
use
cases
because
there
are,
let's
say
smaller
use
cases.
They
don't
necessarily
hit
their
ears.
Sometimes
it's
always
customer
or,
let's
say
a
little
biased.
A
So
it's
nice
to
hear
some
of
the
open
source.
Examples
really
appreciate
it
and
I'll
do
a
little
CTA
as
well
in
the
slack
channel.
For
you,
some
questions
that
came
in
so
with
a
4.0
and
4.74
release.
4.74
has
some
of
those
features
that
are
going
to
ship
with
4.0,
like
the
new
network
graph.
The
collections
feature
for
policy
management
that
you
need
postgres
to
be
able
to
use
things
so
David
asks.
A
B
We
planned
and
built
this
feature
in
a
way
that
you
will
be
able
to
use
an
external
database
for
it,
or
at
least,
if
all
goes
well.
That's
actually
not
on
my
team,
so
I'm
not
entirely
aware,
but
the
thing
is
I
think
the
helm
charts
currently
don't
support
providing
an
external
database,
but
that
should
we
will
we,
as
as
far
as
I'm
aware,
we
plan
to
make
it
customizable
that
so
that
you
can
bring
your
own
database,
but
that
might
take
a
little
bit
longer
until
we
get
to
that.
A
I
I
also
marked
it
for
myself.
The
follow-up
brand
has
a
question:
has
anyone
sell
the
helm
charts
using
a
declarative
approach,
restoring
helmets
in
a
git
repo
using
a
tool,
Argo
CD,
to
load
them
into
a
cluster
kind
of
curious?
If
everybody
has
any
examples
of
this,
I
was
toying
with
maybe
creating
a
community
repo
where
people
could
upload
examples,
so
I
might
Post
in
the
chat
see
how
much
interest
there
is,
because,
obviously
somebody
has
to
manage
that
in
the
access
alone
and
it's
a
whole
work
thing.
A
But
I
do
know
that
there
are
examples
where
people
take
the
helm,
values
file
specifically
and
they
have
multiple
different
values
files,
but
the
underlying
Helm
chart
Remains
the
Same
and
you
just
basically
apply
and
that's
how
you
can
manage
updates
as
as
code
I've
seen
that
happen,
I
know,
there's
some
moving
parts
to
that.
You
really
kind
of
have
to
know
the
applications
you're
working
with
to
do
that
effectively.
A
I,
don't
know
of
any
concrete
examples
in
there.
So
if
anybody
in
the
sectional
has
done
it
I
know,
Brandon
would
definitely
like
to
see
it
and
I
will
follow
up
to
see
if
doing
examples
like
that
is
worthwhile
like
having
a
repo
of
of
customer
and
say
user
examples
would
be
interesting.
It's
it's
just
nice
to
get
all
that
in
one
place,
so
minda
says
I
want
to
add
synthetic
checks
to
monetary
Stack.
Rock
instance:
I've
only
seen
admin
user
having
username
password
authentication
Matisse,
said
anytime
you're
doing
checks
like
this.
A
B
So
generally,
if
you
want
to
automate
things
around
Stack
rocks
or
ACS,
usually
I
would
recommend
if
you
can
use
the
API
and
the
API
is
token
based.
So
there
is
no
username
password
things
that
you
need
to
take
care
of,
but
instead
you
can
just
create
tokens.
These
are
rather
finely
grained.
So
you
you
don't
need
to
use
an
admin
token,
for
that
we
also
have
callbacks,
so
stack
rocks
can
also
be
configured
to
make
use
of
callbacks.
B
So
for
specific
violations
or
alerts.
You
can
also
have
an
external
URL
called,
for
example,
so
this
is
also
an
integration
that
could
be
used
for
this
purpose.
Obviously,
that
we
have
very
much
depends
on
the
purpose,
at
least
for
for
tremenda
I'm,
not
aware
of
the
or
I'm
I'm,
not
familiar
with
the
tool
that
they're
trying
to
use.
So
obviously,
I
cannot
really
talk
a
lot
about
that,
but
in
general
API
token,
based
General
recommendation
and
also
maybe
the
callbacks
are
something
that
is
of
use
to
people.
A
Yeah
interesting
synthetic
checks
with
stack
rocks
is
kind
of
a
cool
use
case,
so
saminda
if
you've
get
that
all
set
up.
I'm
kind
of
curious
to
hear
more
following
up
so
Jesse
has
some
dockershim
updates,
eks
1.24,
no
longer
Sports,
Docker
shim,
so
applications
cannot
Mount
Docker
dot,
sock,
Now,
The
Collector
does
Mount
that
in
ACS,
so
we're
reviewing
options
moving
forward,
I
think
a
lot
of
it
had
to
do
with
some
compliance
checks.
Some
old
Docker,
CIS,
Benchmark
checking
as
well.
A
Probably
so
we're
reviewing
that
we'll
have
an
update
for
you
next
month,
hopefully,
and
then
the
last
thing
Colton
said
a
pod
prior
update,
so
being
able
to
set
the
Pod
priority
in
the
helm.
Chart
is
something
that
that
Colton's
looking
for
so
that
stack,
rocks
collector
sensor
doesn't
get
evicted
in
the
case
of
a
high
memory
usage.
A
Let's
talk
about
Matthias
earlier.
One
of
the
issues
is
that
if
you
set
it
on
the
stack
rocks
level,
it
gets
set
cluster
wide.
So
there's
a
whole.
A
Let's
say
thought
behind:
do
you
leave
it
as
default?
Complete
zero
and
then
let
somebody
fill
it
in.
Do
you
recommend
that
it's
10
000,
but
then
people
have
to
know
the
effect
in
their
cluster?
It's
something
that
we
need
a
little
bit
more.
We
need
to
collect
a
little
bit
more
information
on.
So
if
anybody
wants
to
weigh
in
on
the
Pod
prior
update,
I
put
the
link
to
the
GitHub
issue,
there
would
love
to
hear
your
thoughts
and
yeah
thanks
again
for
Colton
for
bringing
that
up.
That
is.
A
We
definitely
do
not
want
the
central
getting
evicted
for,
let's
say
less
favorable
workloads,
yeah
and
again,
we
have
to
think
about.
If
we
change
the
helm
chart,
there's
the
operator
there's
the
static
ammos
and
how
does
that
affect
all
of
the
the
manifests
Downstream
so,
but
definitely
a
feature
that
we
want
to
look
into
I.
Think
that
wraps
up
all
the
slack
issues
again,
if
anybody's
watching
throws
questions
in
the
slack,
we'll
always
review
them
every
month,
Matisse
did
I
miss
anything
there.
B
B
How
we
could
do
this
in
Helm
charts,
but
I
guess
before
we
before
I
am
happy
to
merge
that
that
would
need
a
rather
big
round
of
testing,
because
we
are
running
more
I
mean
openshift
first
of
course,
but
we
are
running
kubernetes
agnostics.
B
So
we
would
need
to
make
sure
that
this
works
as
intended
on
all
platforms
and
also
I
need
to
check,
with
our
pams
a
little
bit
to
actually
see
whether
this,
whether
this
use
case
works
out
for
us
and-
and
this
is
the-
if
that's
the
way-
how
we
want
to
do
things,
because
our
operator
is
also
based
on
these
very
Helm
charts.
So
every
change
we
do
also
propagates
to
the
helm
to
the
helmets
operator,
which
means
we
need
to
take
a
little
bit
of
care
when
we
update
hand,
charts.
A
For
sure
I
see
we
have
Oscar
and
Neil
in
the
chats
anything
you
want
to
add
anything.
You're
looking
forward
to
4.0
I'll,
take
silence
as
you're
just
patiently
awaiting
the
release,
but
it's
nice
to
see
you
all
the
meeting
yeah
other
than
that
I
think
that's
all
we
have
for
today.
We'll
see
you
guys
in
the
slack
channel.
The
next
meeting
is
April
11th,
so
April
11th,
12
p.m,
Eastern
6
p.m,
Central
savings
times
yeah
we
I
just
went
through
daylight
savings
times.
A
I
woke
up
extremely
groggy
on
Sunday,
like
what's
going
on
completely
forgot,
so
you
know
30
years
in
life
still
forget,
but
awesome
yeah
thanks
everyone
for
joining
Matthias.
Any
final
thoughts
before
we
head
out.
B
I,
don't
think
so
it's
except
as
usual
folks
we're
in
slack
we're
there
we're
in
on
GitHub,
so
feel
free
to
open
a
GitHub
issue
or
ping
us
on
slack.
So
basically,
Foster
and
I
hang
out
there
always
there
to
help
and
I
guess
with
that
I!
That's
it
for
me.
Sign.