►
From YouTube: Pinniped Community Meeting - October 21, 2021
Description
Pinniped Community Meeting - October 21, 2021
We meet every 1st and 3rd Thursday of the month at 9:00am PT. We'd love for you to join us live!
This week we discussed some updates to the project roadmap, Helm chart discussion update, and AD upstream refresh Slack discussion. Full details found here: https://hackmd.io/rd_kVJhjQfOvfAWzK8A3tQ?view#October-21-2021-Agenda
A
Hi
everyone
welcome
to
this
week's
edition
of
the
pinniped
community
meeting.
Today's
date
is
october.
21St
2021,
if
you're
watching
this
recording
from
home,
just
a
reminder
that
we
do
meet
every
first
and
third
thursday
of
the
month
at
9
a.m.
Pacific
time
it's
an
opportunity
for
you
to
come
and
meet
the
maintainers,
listen
to
what
they're
working
on
provide
feedback
and
also
bring
up
any
questions
that
you
might
have
on
using
the
tools.
The
actual
tool,
if
you
do
have
something
you
wish
to
discuss
with
the
team.
A
A
A
A
And
on
to
announcements,
pretty
light
on
announcements
this
week,
just
a
reminder:
pinup
is
participating,
participating
in
hacktoberfest
and
what
hacktoberfest
is
is
a
month-long
celebration,
helping
others
who
might
not
be
familiar
with
open
source
or
familiar
with
doing
any
pull
requests
within
github,
getting
them
more
comfortable
with
contributing
and
getting
started
with
an
open
source,
and
the
way
that
piniped
is
helping
out
is
that
we
have
our
repo
labeled
as
hacktoberfest,
showing
that
we
are
participating,
and
we
have
an
issue
here
that
has
been
labeled
with
oktoberfest
and
you
will,
if
you're
wanting
to
participate,
you
can
go
in
here
and
look
to
see
how
you
can
work
on
it
and
add
your
own
pull
request
to
to
this
particular
issue,
and
once
you
get
four
pull
requests
submitted
throughout
the
month
of
october,
you
will
be
given
a
limited
edition,
t-shirt
and
some
stickers
via
digitalocean.
A
B
Yeah,
so
I
think
I
worked
on
a
little
earlier,
but
ryan's
mostly
been
working
on
the
uidc
part
of
things.
I
think
the
initial
story
of
just
when
you
refresh
making
sure
that
the
refresh
token
that
you
got
from
the
upstream
odc
provider
is
valid
is
done
and
now
I
believe,
ryan's
working
on
garbage
collection
and
making
sure
that
everything's
provoked
properly.
B
A
No
worries,
thank
you.
Margo.
C
I
was
just
going
to
make
a
comment,
so
I
did
review
the
initial
work
that
ryan
and
margo
have
done,
looks
solid.
I
just
I
think
I
have.
C
I
just
need
to
go
back
and
look
at
after
I'd
gone
offline
last
night
ryan
had
addressed
some
of
my
comments,
so
I
think
we're
at
a
state
where,
like
the
very
first
part
of
the
work,
was
basically
ready
to
be
immersed
in
and
then
what
that
will
enable
is
that
ryan
and
margot,
or
it
opens
up
more
than
one
parallel
track
of
work.
C
D
C
Can
can
work
on
that
going
forward?
I.
B
Yeah,
I've
sort
of
started
working
locally
on
parallelizing,
some
of
the
work
to
get
ldap
and
active
directory
upstream,
refresh
checks,
but
once
we
have
it
on.
C
Yeah
and
we
wanted
to
kind
of
get
into
the
state,
because
various
folks
on
the
team
will
be
on
pgo
are
coming
up,
so
we
to
we
want
to
get
into
the
state,
get
something
merged
in
that
it's
still
releasable
we're
not
merging
anything
into
maine
that
we
could
not
like
make
a
release
out
of
this.
Just
it's
a
it's
an
intermediate
state,
that's
still
better
than
this
there
today.
C
C
Yeah,
so
to
give
anyone
watson
recording
context,
I
I
just
happen
to
think
of
one
concern
with
the
active
directory
work.
That's
coming
up
is
our
our
ci
system
for
active
directory.
Is
one
durable
singleton?
C
So
it's
you
know
one
instance
of
a.d,
that's
in
aws,
I
think
somewhere,
and
you
know
it
has
a
very
particular
config
and
it's
very
much
a
pet
and
not
not
a
cattle
and
the
the
it's
okay
today,
because
all
of
our
tests
against
are
completely
redone.
C
So
it's
fine.
You
know
it
exists
in
a
pristine
state
and
we
can
sort
of
test
against
that
pristine
state
and
hit
all
of
the
functionality
with
the
ad
upstream
refresh
one
of
the
core
things
you
want
to
check.
Is
you
know
if
you're
using
pinpad,
but
during
the
act
of
using
it
once
you
already
have
logged
in
once?
C
If
your
user
was
in
some
way
disabled,
deleted
or
otherwise
put
into
a
state
that
we
don't
consider
to
be
valid,
we
want
to
observe
that
occurring
and
stop
letting
you
benefit
right,
that
in
to
do
that
in
a
real
integration.
Test
inherently
involves
causing
a
mutation
to
actually
direct
you,
okay,
which
then
puts
us
into
a
strange
place,
because
our
ad
system,
which
so
far
has
been
completely
read
only
from
the
perspective
of
our
tests,
now
has
to
have
some
kind
of
right
semantics.
Going
on.
B
Yeah
there's
some
we,
it
wouldn't
be
quite
as
good,
but
we
could
also
consider
doing
a
similar
trick
to
what
ryan
did
with
his
integration
tests,
where
he
modified
the
storage.
B
So
we,
you
know,
store
the
upstream
refresh
token,
so
we
can
so
we
can
use
it
later
and
he
modified
the
storage
to
make
it
garbage
and
then
performed
a
refresh
and
showed
that
the
garbage
didn't
work.
We
could
try
to.
B
C
C
C
C
The
the
sort
of
discussion
I'm
thinking
about
is
do
we
do
we
need
to
invest
a
little
bit
more
in
our
80
infrared
and
make
it
a
little
bit
more
flexible.
So
that
way
as
we
move
forward,
we
don't
like.
I
think
the
thing
that
ryan
did
for
the
upstream
refresh
is
actually
like
effectively
correct,
because
all
it
is
is
like.
We
have
some
arbitrary
string
that
we've
stored
and
if
we
just
happen
to
make
it
slightly
different,
so
the
upstream
won't
be
happy
with
it
anymore.
C
For
any,
you
know
it
sort
of
emulates
that
really
well,
the
the
stuff
with
ad
is
gonna,
be
much
more
particular
right,
like
you're
gonna
you're
supposed
to
be
fetching
a
user
looking
at
a
particular
field,
doing
bit
masks
against
it
make
sure
you
trick
us
through
looking
at
the
wrong
music.
Maybe
it's
fine.
B
Yeah
and
it
still
doesn't
get
at
testing
password
last
password
change
time.
B
There's
not
really
any
way
to
do
that
if
you're
not
entirely
taking
out
dates
everywhere
like
if
we
want
to
make
sure
that
if,
if
you
log
in
to
pin
a
pad
and
then
your
password
changes,
and
then
we
refresh,
we
should
see
that
your
password
has
changed
since
you've
logged
in
and
you
should
no
longer
be
logged
in,
and
so
that's
kind
of
hard
to
fake
out
so
yeah.
It
might
be
worth
trying
to
look
at
like
scott's
scripps.
C
Yeah
all
right,
yeah
yeah,
I'm
sure
if
we
I'm
sure,
if
we
forced
ourselves,
we
could
maybe
come
up
with
the
fake
that
one
it's
more
of
like.
Would
it
make
more
sense
to
just
bite
the
bullet
and
come
up
with
a
more
robust
way
to
set
up
our
80
stuff?
What
whether
I
I
did
really
like
scott's
suggestion,
which
was
basically
make
your
active
directory
multi-tenant
like
have
basically
different
ous
or
whatever
for
different
tests
or
whatever,
and
you
know,
put
everything
inside
that
bucket.
I
really
like
that
suggestion.
C
The
hope
here
is
that
you
know
if
you're
using
us
with
id
that
we
behave
like
you
would
expect
us
to
be
hated
within,
but
the
the
whole
like
oidc
stuff
is
just
an
implementation,
which
I
write
to
an
end
user
that
is
based
on
the
system
in
the
apron.
A
Yeah,
I'm
just
making
sure
there
wasn't
any
further
comments
on
that.
So
I
was
curious
as
if
there
was
any
updates
regarding
that
helm.
Chart
discussion
that
we
had
in
the
last
meeting
last
community
meeting.
If
we
heard
anything
from
scott
regarding
his
reaching
out
to
bitnami
or
if
there
was
any
discussion
you
wanted
to
share
with
the
community.
D
So
we
did
reach
out
internally
to
vietnamese,
and
you
know
I
had
a
chance
to
talk
to
some
of
their
folks
and
we
we
really
want
to
understand.
You
know
how
they
host
the
charts,
what
what
sort
of
versions
etc.
So
we
have
planned
a
discussion,
but
not
yet
done
yeah.
So
it's
in
the
works.
D
Yeah,
if
you
scroll
down
I've,
updated
the
roadmap
with
a
lot
of
what
we
are
thinking
and
focusing
on
which
is
basically
security,
hardening
and
improving
the
security
posture
for
the
project.
So
we've
come
up
with
a
list
of
features
that
will
help
and
enhance
the
security.
A
All
right
well,
thank
you
again
for
joining
today's
meeting
and
if
you're
watching
from
home,
I
can
encourage
you
to
come
and
join
us
live
again.
We
meet
every
first
and
third
thursday
of
the
month
at
9
a.m.
Pacific
time,
so
we
hope
to
hear
from
you
soon.
Thank
you
thanks.