Hello, here are the minutes of today's meeting: 2024-06-06 heroes meeting Attendees: Christian, Georg, Gertjian, Dominik, Bill - IAM meeting (replacing idp-portal) - so far, only high-level discussions * SUSE wants to split employee and community accounts * probably own Kanidm for openSUSE * firstyear helping with design - fail2ban on code.o.o work in progress - improved monitor.o.o page - prometheus monitoring now covers everything icinga monitored (and more!), icinga will be removed - release notes sync job now uses the official documentation repo directly - most machines are now highstate-able (no local changes that would be overwritten) - couple of pagure/code.o.o related issues fixed - Incorporate oS members as part of the user group for simplified management? https://progress.opensuse.org/issues/160508 - disable stale Heroes accounts - contact users who did not authenticate to the Heroes VPN for >= 6 months - if no response + login within a month, disable Heroes IDM account and revoke the corresponding VPN client certificate -- Bill's VPN never worked, he needs to get re-setup https://progress.opensuse.org/issues/161132 - Content-Security-Policy (CSP) - good idea in general - we'll work on it, but it probably takes some time - a few services that include "random"/user-defined external content will be interesting[tm] Regards, Christian Boltz -- <jjohansen> its a bug tracker, developers aren't supposed to look at those things :) [from #apparmor]