Attendees
- @dduportal (Damien Duportal)
- @MarkEWaite (Mark Waite)
- @smerle (Stephane Merle)
Announcements
- Weekly - 2.344 package + Docker Image. Still some release checks to be done.
-
Digital Ocean credential exposure leading to unwanted VMs created
- Confirmed with Digital Ocean and GitHub that no other sensitive information was accessed
- Thanks to the Jenkins security team for their help
- Further improvements planned for areas that may have been source of problem
- Thanks to @lemeurherve for the call on Sunday and rapid response to the suspicious activity
Notes
-
Done (infra-team-sync-2022-04-19 Milestone · GitHub)
- VPN access granted, documentation improved
- Helped Gavin Mogan on a plugins site issue
- Automatic updates of helm charts
- Allows contributors to deploy based on merge of pull request
- Jenkins permission updates
- Plugin maintainers archiving repositories on GitHub
-
Work in Progress (infra-team-sync-2022-04-19 Milestone · GitHub)
- Digital Ocean credential exposure
- Disabled GitHub checks from infra.ci, only publish exceptions, very specific content
- May consider disabling even that specific contentt
- Credential rotation and a runbook to support it
- Thanks to @olblak for his work on it
- Upgrade to Kubernetes 1.21 has started
- Updating the kubectl command in our environment
- Need a new Kubernetes cluster on Digital Ocean
- Digital Ocean does not support 1.20, need to be on 1.21
- Mark Waite and Herve create a blog post and add Digital Ocean image on page
- Jira version is end of life later this year
- Linux Foundation ticket opened
- Digital Ocean credential exposure
-
New/Importants
infra-team-sync-next
- LF: question about list of active maintainers emails for a survey. To be decided in Jenkins board and an issue will be opened if required to have the infra team gather its.
-
ToDo (next milestone) (infra-team-sync-2022-04-26 Milestone · GitHub)