Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

August 14th, 2023 Community Meeting #156

Closed
qu1queee opened this issue Aug 1, 2023 · 5 comments
Closed

August 14th, 2023 Community Meeting #156

qu1queee opened this issue Aug 1, 2023 · 5 comments
Labels
community meeting

Comments

@qu1queee
Copy link
Contributor

qu1queee commented Aug 1, 2023

  • Please add a topic in this thread and add a link to the GitHub issue associated with the topic.
  • Please make sure you give folks enough time to review/discuss the topic offline on GitHub before coming into the meeting
  • (optional) Paste the image of an animal 😸
@coreydaley
Copy link
Contributor

coreydaley commented Aug 8, 2023
edited
Loading

This was completed.

@SaschaSchwarze0
Copy link
Member

Let's discuss on which path we go in [BETA API] Provide a solution to automatically create TLS secret and inject caBundle #1344.

@qu1queee
Copy link
Contributor Author

  • Hacktoberfest participation is confirmed, we need to work on the issues.
  • Chuang Wang from Tekton should join us today, we will discuss on the security features we are working at the moment.

@coreydaley
Copy link
Contributor

coreydaley commented Aug 14, 2023
edited
Loading

I would like to propose that we bulk add all existing issues and pull requests to https://github.com/orgs/shipwright-io/projects/6 now that automation is setup on all repositories to add newly created issues and pull requests.

We should also link the project to all of the repositories Projects tab so that it can be found easily.

@qu1queee
Copy link
Contributor Author

Meeting minutes:

  1. On August 14th, 2023 Community Meeting  #156 (comment) , we conclude the following:
    a) default will be with cert-manager annotations, will generate the CABundle and update the CRD for the four CR's
    b) second option is to extend the one-line kubectl apply, and add one more step, where the CABundle is autogenerated with a script and the CR's(4) are patched on the fly.
    c) To consider how the above two options will look for the operator.

  2. On August 14th, 2023 Community Meeting  #156 (comment) :

    • On Tekton Chains, currently generating attestations for SLSA v1.0 spec
    • On Tekton Chains, non forgeable provenance, e.g. how to ensure the Tekton CRD's are not temper.
    • Currently Tekton is compliant with SLSA level 2.
    • One of the conclusions is about reusability of libraries in Tekton Chains for SHP, we might need an spike issue for this
    • How do we continue the collaboration? from @adambkaplan to continue a discussion on SHP having its own attestation controller.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
community meeting
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@qu1queee @coreydaley @SaschaSchwarze0