======================================================== #ansible-lockdown: hardening-lockdown merger first steps ======================================================== Meeting started by defionscode at 14:04:17 UTC. The full logs are available at https://meetbot.fedoraproject.org/ansible-lockdown/2018-10-17/hardening-lockdown_merger_first_steps.2018-10-17-14.04.log.html . Meeting summary --------------- * Documentation (defionscode, 14:09:07) * IDEA: each repo contains its own role and the docs for that role (defionscode, 14:18:50) * LINK: https://github.com/openstack/ansible-hardening/blob/master/doc/source/_exts/metadata-docs-rhel7.py (odyssey4me, 14:19:27) * LINK: https://github.com/openstack/ansible-hardening/blob/master/tox.ini#L33-L41 (odyssey4me, 14:19:35) * LINK: https://github.com/openstack/ansible-hardening/tree/master/doc (odyssey4me, 14:19:41) * LINK: https://docs.openstack.org/ansible-hardening/latest (odyssey4me, 14:19:47) * ACCEPTED: use sphinx + AH tooling (defionscode, 14:20:54) * IDEA: one builder that grabs docs from each builder and generates an ansible-lockdown page that can then link to the docs for each respective role (defionscode, 14:21:39) * IDEA: use sphinx's book concept; each role is a book (defionscode, 14:22:43) * AGREED: build process to go through repos, collect docs, and if possible leverage sphinx books (defionscode, 14:23:26) * AGREED: a singular landing page/portal that then links to each 'book' (defionscode, 14:23:43) * ACTION: shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content (defionscode, 14:26:21) * ACTION: cloudnull odyssey4me to R&D book concept (defionscode, 14:29:50) * IDEA: visit #openstack-doc for assistance/guidance on sphinx stuff (defionscode, 14:30:57) * Implementation Style (defionscode, 14:32:44) * LINK: https://github.com/MindPointGroup/RHEL7-STIG (defionscode, 14:37:06) * IDEA: AH repo to retire and leverage AL SHA to grab specific commit points of AL stuff (defionscode, 14:41:12) * ACTION: follow up with mnaser on moving ubuntu way from RHEL STIG standards and deving out a Ubuntu STIG proper role (defionscode, 14:45:28) * ACTION: explore differences between Ubuntu and RHEL STIGs (defionscode, 14:46:27) * ACTION: shepdelacreme defionscode to port over cross-os compat to AL (defionscode, 14:50:16) * AH supports OSes as VMs/metal and as systemdnspawn and lxc containers (defionscode, 14:50:59) * AH has primary desire for host support (defionscode, 14:51:54) * AGREED: containers as a secondary objective (defionscode, 14:55:15) * ACTION: add testing to agenda for next meeting (defionscode, 14:59:16) * IDEA: use AWS or containers for cross-platform support? TBD. Maybe zuul helps? (defionscode, 15:00:19) * LINK: https://github.com/ansible/ansible/pull/40462 (odyssey4me, 15:02:33) * LINK: https://github.com/ansible/ansible/pull/40462 (defionscode, 15:03:12) * IDEA: use openstack infra for testing cross-os compat (defionscode, 15:03:57) * IDEA: use openstack molecule drive (defionscode, 15:05:54) * IDEA: have a molecule 'local' job that can be ran in hosts spun up by zuul (defionscode, 15:08:42) * IDEA: use delegated drive in molecule (defionscode, 15:10:13) * LINK: https://etherpad.openstack.org/p/ansible-hardening-lockdown-convo1 (defionscode, 15:10:36) Meeting ended at 15:10:44 UTC. Action Items ------------ * shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content * cloudnull odyssey4me to R&D book concept * follow up with mnaser on moving ubuntu way from RHEL STIG standards and deving out a Ubuntu STIG proper role * explore differences between Ubuntu and RHEL STIGs * shepdelacreme defionscode to port over cross-os compat to AL * add testing to agenda for next meeting Action Items, by person ----------------------- * cloudnull * shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content * cloudnull odyssey4me to R&D book concept * defionscode * shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content * shepdelacreme defionscode to port over cross-os compat to AL * odyssey4me * cloudnull odyssey4me to R&D book concept * shepdelacreme * shepdelacreme defionscode cloudnull to work on unifying build process where each repo has a 'book' or at the very least AH-like content * shepdelacreme defionscode to port over cross-os compat to AL * **UNASSIGNED** * follow up with mnaser on moving ubuntu way from RHEL STIG standards and deving out a Ubuntu STIG proper role * explore differences between Ubuntu and RHEL STIGs * add testing to agenda for next meeting People Present (lines said) --------------------------- * defionscode (127) * odyssey4me (50) * cloudnull (36) * shepdelacreme (35) * zodbot (6) Generated by `MeetBot`_ 0.1.4 .. _`MeetBot`: http://wiki.debian.org/MeetBot