►
From YouTube: Pinniped Community Meeting - February 3, 2022
Description
Pinniped Community Meeting - February 3, 2022
Our first meeting of 2022! We meet every 1st and 3rd Thursday of the month at 9am Pacific Time. We'd love for you to join us live!
This week we discuss the community feedback survey (please fill out!), open staff engineering role, the latest release of Pinniped (v0.13.0) and the project roadmap. Full details here: https://hackmd.io/rd_kVJhjQfOvfAWzK8A3tQ
A
Hi,
everyone
welcome
to
the
first
pinniped
community
meeting
of
2022..
Today's
date
is
february
3rd
and
we
are
excited
to
come
back
with
our
community
meetings.
If
you're
watching
this
from
home-
and
you
would
like
to
join
us
live,
we
do
meet
every
first
and
third
thursday
of
the
month
at
9
a.m.
Pacific
time
you
can
join
our
google
group
to
get
updates
on
the
project
and
invites
to
the
community
meetings,
and
if
you
have
anything
you
want
to
discuss
with
the
team
during
these
meetings.
A
Please
add
that
down
in
the
agenda
within
the
discussion
topic
section
if
you're
unable
to
attend-
and
you
still
want
to
reach
out
to
us
for
any
reason
at
all-
you
can
find
us
on
the
kubernetes
slack
workspace
within
the
piniped
channel
or
you
can
find
us
on
twitter
within
project
picniped
at
any
point
in
which
you're
interacting
with
us
with
the
community.
In
these
meetings,
we
ask
that
you
do
please
read
and
abide
by
our
code
of
conduct.
A
Now,
if
you
are
using
pinniped,
we
want
to
know
more
about
how
you're
using
it-
and
we
want
to
add
you
to
our
adopters
page.
So
please
add
a
comment
to
are
you
using
pinniped
in
this
github
discussion,
link
right
here
and
just
give
us
a
little
bit
more
details
about
how
you're
using
pen
a
pad?
Add
your
logo?
If
you
wish
be
added
to
the
adopters
page,
and
that
way
we
can
understand
more
about
how
folks
are
using
it
and
share
it
with
the
community
for
those
that
are
attending.
A
A
A
All
right
next
up,
we
have
the
release
of
0.13.
This
was
a
long
time
in
the
making
congrats
to
the
team
on
pulling
this
through.
We
have
a
blog
post
by
anjali
the
product
manager
for
pinniped,
covering
all
the
details
regarding
this
particular
release.
So
please
go
read
that
and
get
more
information
there,
and
we
also
have
a
little
demo
by
one
of
the
the
maintainers
depending
head
margo.
B
B
B
B
Yeah
so
upstream
refresh
so
previously,
the
pinniped
supervisor
would
log
you
in
at
the
beginning
of
the
day
and
then
throughout
the
day
it
would
log
you
in
with
your
upstream
identity
provider.
You
know
your
oidc
or
active
directory
or
ldap
identity
provider
at
the
beginning
of
the
day,
and
it
wouldn't
check
back
so
you
know
if
someone
moved
teams
or
quit
or
anything
else
in
the
middle
of
the
day,
they
would
still
have
the
rest
of
that
today's
session.
B
C
Okay,
okay,
I
was
trying
because
it's
been
a
while,
so
I
was
trying
to
remember
what
have
we
already
talked
about
so
yeah,
so
it's
okay,
so
yeah.
So
this
is
the
first
time
we're
talking
about
the
013
release,
basically
so
everything
in
there
yeah.
So
previously,
if
you
were
running
security
scans
against,
like
the
pinpoint
supervisor,
which
is
supposed
to
be
component
exposed-
broadly,
you
know,
maybe
even
on
the
public
internet
you
would
they
could
fail
because
it
would
be
like.
Oh
you
support
triple
des,
which
is
like
terrible.
C
Don't
do
that
and
you
know
I've
even
spoken
to
the
ghost
security
team
on
this,
and
you
know
their
viewpoint
is
that
the
only
time
that
it
would
ever
be
used
is
if
the
client
could
not
do
anything
better
and
I
was
like
yeah.
I
understand
that
and
if
a
client
can't
do
anything
better,
I
just
don't
want
to
talk
to
that
client.
It's
the
way.
I
want
the
system
to
behave
by
default.
That's
not
how
google
is
by
default.
C
C
C
We
we
do
relax.
This
configuration,
I'm
integrating
with
ldap
providers,
because
we
test
against
active
directory
2012
because
that's
still
supported
by
microsoft
and
they
don't
support
nearly
as
good
of
a
set
of
ciphers.
They
support
a
slightly
less
good
set
of
ciphers,
so
we
automatically
kind
of
just
downgrade
that
connection,
because
we
just
expect
I'll
have
to
build
it
so
yeah.
So
no,
if
you
run
pinpat
against
a
a
scan
today,
it's
gonna
pass
with
flying
colors.
C
C
C
It
is
technically
not
backwards
compatible
in
the
strictest
sense,
in
the
sense
that
previously,
you
just
blindly
updated
and
basically
any
finite
release
after
the
yeah
5
and
up
nothing
really
bad
was
going
to
happen
in
this
one.
You
could
get
into
a
situation
where
users
are
going
to
have
a
bad
experience.
C
So
it's
just
something
to
be
aware
of
carefully
the
the
I.
The
ideal
approach
to
the
upgrade
path
would
be
to
first
upgrade
your
configuration
and
then
do
the
update
and
that's
that's
the
desired
approach
and
that's
totally
practical
and
possible.
You
can
enhance
all
the
configuration
into
the
perfect
state
and
then
exactly
yeah
at
least
notes.
Talk
about
this
in
some
pretty
specific
and
painful
detail,
along
with
updated
documentation
on
every
single
provider.
C
I
think,
just
at
a
high
level,
you
know
we
really
did
focus
on
the
security
bits.
You
know
the
the
customer
outcome.
There
is,
if
you,
if
you
lose
access
in
your
identity
provider,
benefit
notices
that
you
don't
get
to
continue
to
having
access
to
your
head
for
up
to
nine
hours
after
that
accident
reacts
quickly.
C
This
is
one
of
the
key
steps
in
in
in
the
future.
We
want
to
allow
you
to
configure
how
long
your
finite
pet
sessions
ask
for
so
we
need
a
little
bit
of
stuff
there,
in
particular
around
rotation
of
our
signing,
keys
and
stuff,
and
once
we
get
to
all
that
working,
I
think
we'll
be
in
a
good
place
to
allow
users
to
safely
configure
that
value,
because
we've
done
all
the
work
right,
it's
much
easier
to
say
that
you
can
have
a
one
week
session.
A
C
A
B
But
yeah,
so
the
sort
of
what
I
demoed
was
oidc
upstream
group
information
refresh
it's
a
technically
a
bit
of
a
harder
problem
in
ldap
and
because
of
that,
we
we
delayed
that
until
after
this
release
to
get
out
the
door.
But
first
thing
on
this
roadmap
is
allowing
that
same
behavior
of
checking
back
in
with
the
upstream
identity
provider
and
seeing
which
new
groups
are
added
or
removed
throughout
the
day
for
ldap
and
active
directory,
and
then
yeah
we've
got
some.
Some
documentation
changes
some
of
the
stuff
that.
B
B
B
C
It
has
a
very
different
security
model
and,
just
in
general,
isn't
as
isn't
in
your
control
as
much
as
a
full.
You
know
it
all
seems
technically
possible.
It's
gonna
be
a
large
set
of
work.
I'm
excited
for
this
set
of
work
because
I
I
think
dashboards
and
things
of
that
nature
is
actually
how
a
lot
of
people
want
to
interface
with
kubernetes,
especially
when
they're
just
getting
started.
C
C
A
A
Team
can
come
into
some
blockers
moving
things
around,
but
this
kind
of
gives
you
an
idea
of
what
the
team
is
actively
pursuing
for
new
features
of
pinniped,
and
if
you
have
any
feedback
whatsoever
on
the
project
roadmap,
please
feel
free
to
reach
out
to
us
on
slack
and
if
you
want
to
help
us
out
with
any
of
this,
we
would
love
to
add
on
some
more
contributors
from
outside
of
the
maintainers
to
assist
in
all
these.
So
with
that
looks
like
we
don't
have
anything
put
into
the
discussion
topic
section.
A
Yes,
so
with
that,
thanks
for
watching
from
home,
we
hope
that
you
come
and
join
us
for
the
next
commun
pinniped
community
meeting,
which
is
going
to
be
the
third
thursday
of
february
and
again
we
meet
at
9am
pacific
time,
but
in
the
meantime,
we
hope
that
you
check
out
that
feedback
survey
fill
it
out.
Let
us
know
what
you
think
about
the
tool,
what
you
think
about
these
community
meetings.
A
What
is
it
that
you
would
like
to
see
in
the
future?
We
we
built
this
for
the
community
and
we
want
to
make
sure
that
we're
we're
doing
our
part
to
make
it
the
most
beneficial
tool
out
there
for
you
all
and
as
well
as
that,
these
community
meetings
are
adding
value
to
your
life.
So
with
that,
thank
you
and
we
hope
to
see
you
next
time.