hardening-lockdown_merger_first_steps
14.04
October 17, 2018
ansible-lockdown
#ansible-lockdown: hardening-lockdown merger first steps
Meeting started by defionscode at 14:04:17 UTC
(full logs ).
Meeting summary
Documentation (defionscode , 14:09:07)
IDEA : each repo
contains its own role and the docs for that role (defionscode ,
14:18:50)
https://github.com/openstack/ansible-hardening/blob/master/doc/source/_exts/metadata-docs-rhel7.py
(odyssey4me ,
14:19:27)
https://github.com/openstack/ansible-hardening/blob/master/tox.ini#L33-L41
(odyssey4me ,
14:19:35)
https://github.com/openstack/ansible-hardening/tree/master/doc
(odyssey4me ,
14:19:41)
https://docs.openstack.org/ansible-hardening/latest
(odyssey4me ,
14:19:47)
ACCEPTED : use sphinx + AH tooling (defionscode ,
14:20:54)
IDEA : one builder that
grabs docs from each builder and generates an ansible-lockdown page
that can then link to the docs for each respective role (defionscode ,
14:21:39)
IDEA : use sphinx's book
concept; each role is a book (defionscode ,
14:22:43)
AGREED : build process
to go through repos, collect docs, and if possible leverage sphinx
books (defionscode ,
14:23:26)
AGREED : a singular
landing page/portal that then links to each 'book' (defionscode ,
14:23:43)
ACTION : shepdelacreme
defionscode cloudnull to work on unifying build process where each
repo has a 'book' or at the very least AH-like content (defionscode ,
14:26:21)
ACTION : cloudnull
odyssey4me to R&D book concept (defionscode ,
14:29:50)
IDEA : visit
#openstack-doc for assistance/guidance on sphinx stuff (defionscode ,
14:30:57)
Implementation Style (defionscode , 14:32:44)
https://github.com/MindPointGroup/RHEL7-STIG
(defionscode ,
14:37:06)
IDEA : AH repo to retire
and leverage AL SHA to grab specific commit points of AL
stuff (defionscode ,
14:41:12)
ACTION : follow up
with mnaser on moving ubuntu way from RHEL STIG standards and deving
out a Ubuntu STIG proper role (defionscode ,
14:45:28)
ACTION : explore
differences between Ubuntu and RHEL STIGs (defionscode ,
14:46:27)
ACTION : shepdelacreme
defionscode to port over cross-os compat to AL (defionscode ,
14:50:16)
AH supports OSes as VMs/metal and as
systemdnspawn and lxc containers (defionscode ,
14:50:59)
AH has primary desire for host support
(defionscode ,
14:51:54)
AGREED : containers as
a secondary objective (defionscode ,
14:55:15)
ACTION : add testing
to agenda for next meeting (defionscode ,
14:59:16)
IDEA : use AWS or
containers for cross-platform support? TBD. Maybe zuul helps?
(defionscode ,
15:00:19)
https://github.com/ansible/ansible/pull/40462
(odyssey4me ,
15:02:33)
https://github.com/ansible/ansible/pull/40462
(defionscode ,
15:03:12)
IDEA : use openstack
infra for testing cross-os compat (defionscode ,
15:03:57)
IDEA : use openstack
molecule drive (defionscode ,
15:05:54)
IDEA : have a molecule
'local' job that can be ran in hosts spun up by zuul (defionscode ,
15:08:42)
IDEA : use delegated
drive in molecule (defionscode ,
15:10:13)
https://etherpad.openstack.org/p/ansible-hardening-lockdown-convo1
(defionscode ,
15:10:36)
Meeting ended at 15:10:44 UTC
(full logs ).
Action items
shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content
cloudnull odyssey4me to R&D book concept
follow up with mnaser on moving ubuntu way from RHEL STIG standards and deving out a Ubuntu STIG proper role
explore differences between Ubuntu and RHEL STIGs
shepdelacreme defionscode to port over cross-os compat to AL
add testing to agenda for next meeting
Action items, by person
cloudnull
shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content
cloudnull odyssey4me to R&D book concept
defionscode
shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content
shepdelacreme defionscode to port over cross-os compat to AL
odyssey4me
cloudnull odyssey4me to R&D book concept
shepdelacreme
shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content
shepdelacreme defionscode to port over cross-os compat to AL
UNASSIGNED
follow up with mnaser on moving ubuntu way from RHEL STIG standards and deving out a Ubuntu STIG proper role
explore differences between Ubuntu and RHEL STIGs
add testing to agenda for next meeting
People present (lines said)
defionscode (127)
odyssey4me (50)
cloudnull (36)
shepdelacreme (35)
zodbot (6)
Generated by MeetBot 0.1.4.