Attendees:
Jim Baker Kenny Paul Gervais-Martial Ngueko Mandar Sawant
What went well?
DMaaP: cooperation between teams to get certificates
DMaaP: Brian F scanned the certificates for validity for the teams
CLAMP: limited scope helped create focus
CLAMP: the new certificate was correct from the start (just better timing as the 6 month cert issue had already been identified)
CLAMP: communication with RelEng
What need improvements?
DMaaP: First cert from AAF was only a 6 month expiry - expected 1 year duration
DMaaP: script was executed to check the scripts later and found the shortfall
DMaaP: Requirements for the cert changed AFTER the initial work (started at 6 months THEN moved to 12 months)
CLAMP: Should have caught the certif issue in Casablanca before 3.0.0 shipped OR 3.0.1
CLAMP: Shouldn't have to perform a release just for certificate expiration - should be another mechanism for update certs
CLAMP: Tagging - notification when to tag was unclear
DMaaP: Certif is a part of the image - it should be a part of the configuration and not a part of the image (need OOM cooperation - K8s secrets?)
DMaaP: No obvious checklist for this type of release - it would be helpful to have something to guide the small release like this (eg. tagging images)
Ideas for next steps?
Checklist for small "dot" releases
Certificate as a part of the configuration and not a part of the component image
Checklist item for validating certificates has already been added