#ansible-lockdown: hardening-lockdown merger first steps

Meeting started by defionscode at 14:04:17 UTC (full logs).

Meeting summary

  1. Documentation (defionscode, 14:09:07)
    1. IDEA: each repo contains its own role and the docs for that role (defionscode, 14:18:50)
    2. https://github.com/openstack/ansible-hardening/blob/master/doc/source/_exts/metadata-docs-rhel7.py (odyssey4me, 14:19:27)
    3. https://github.com/openstack/ansible-hardening/blob/master/tox.ini#L33-L41 (odyssey4me, 14:19:35)
    4. https://github.com/openstack/ansible-hardening/tree/master/doc (odyssey4me, 14:19:41)
    5. https://docs.openstack.org/ansible-hardening/latest (odyssey4me, 14:19:47)
    6. ACCEPTED: use sphinx + AH tooling (defionscode, 14:20:54)
    7. IDEA: one builder that grabs docs from each builder and generates an ansible-lockdown page that can then link to the docs for each respective role (defionscode, 14:21:39)
    8. IDEA: use sphinx's book concept; each role is a book (defionscode, 14:22:43)
    9. AGREED: build process to go through repos, collect docs, and if possible leverage sphinx books (defionscode, 14:23:26)
    10. AGREED: a singular landing page/portal that then links to each 'book' (defionscode, 14:23:43)
    11. ACTION: shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content (defionscode, 14:26:21)
    12. ACTION: cloudnull odyssey4me to R&D book concept (defionscode, 14:29:50)
    13. IDEA: visit #openstack-doc for assistance/guidance on sphinx stuff (defionscode, 14:30:57)

  2. Implementation Style (defionscode, 14:32:44)
    1. https://github.com/MindPointGroup/RHEL7-STIG (defionscode, 14:37:06)
    2. IDEA: AH repo to retire and leverage AL SHA to grab specific commit points of AL stuff (defionscode, 14:41:12)
    3. ACTION: follow up with mnaser on moving ubuntu way from RHEL STIG standards and deving out a Ubuntu STIG proper role (defionscode, 14:45:28)
    4. ACTION: explore differences between Ubuntu and RHEL STIGs (defionscode, 14:46:27)
    5. ACTION: shepdelacreme defionscode to port over cross-os compat to AL (defionscode, 14:50:16)
    6. AH supports OSes as VMs/metal and as systemdnspawn and lxc containers (defionscode, 14:50:59)
    7. AH has primary desire for host support (defionscode, 14:51:54)
    8. AGREED: containers as a secondary objective (defionscode, 14:55:15)
    9. ACTION: add testing to agenda for next meeting (defionscode, 14:59:16)
    10. IDEA: use AWS or containers for cross-platform support? TBD. Maybe zuul helps? (defionscode, 15:00:19)
    11. https://github.com/ansible/ansible/pull/40462 (odyssey4me, 15:02:33)
    12. https://github.com/ansible/ansible/pull/40462 (defionscode, 15:03:12)
    13. IDEA: use openstack infra for testing cross-os compat (defionscode, 15:03:57)
    14. IDEA: use openstack molecule drive (defionscode, 15:05:54)
    15. IDEA: have a molecule 'local' job that can be ran in hosts spun up by zuul (defionscode, 15:08:42)
    16. IDEA: use delegated drive in molecule (defionscode, 15:10:13)
    17. https://etherpad.openstack.org/p/ansible-hardening-lockdown-convo1 (defionscode, 15:10:36)


Meeting ended at 15:10:44 UTC (full logs).

Action items

  1. shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content
  2. cloudnull odyssey4me to R&D book concept
  3. follow up with mnaser on moving ubuntu way from RHEL STIG standards and deving out a Ubuntu STIG proper role
  4. explore differences between Ubuntu and RHEL STIGs
  5. shepdelacreme defionscode to port over cross-os compat to AL
  6. add testing to agenda for next meeting


Action items, by person

  1. cloudnull
    1. shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content
    2. cloudnull odyssey4me to R&D book concept
  2. defionscode
    1. shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content
    2. shepdelacreme defionscode to port over cross-os compat to AL
  3. odyssey4me
    1. cloudnull odyssey4me to R&D book concept
  4. shepdelacreme
    1. shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content
    2. shepdelacreme defionscode to port over cross-os compat to AL
  5. UNASSIGNED
    1. follow up with mnaser on moving ubuntu way from RHEL STIG standards and deving out a Ubuntu STIG proper role
    2. explore differences between Ubuntu and RHEL STIGs
    3. add testing to agenda for next meeting


People present (lines said)

  1. defionscode (127)
  2. odyssey4me (50)
  3. cloudnull (36)
  4. shepdelacreme (35)
  5. zodbot (6)


Generated by MeetBot 0.1.4.