# Porter Community Meeting Minutes Bi-weekly call with the Porter maintainers, contributors and community. :::info - **Agenda:** https://getporter.org/dev-meeting/ - **Zoom:** https://getporter.org/zoom/dev/ passcode `77777` - **Calendar:** https://getporter.org/calendar - **Time:** Every other Thursday at 10am Central Time (3pm UTC) - Everyone is invited! πŸ’– - Attendees can add agenda items before a meeting. - All attendees are encouraged to sign in and add add their name to the participants list. - πŸŽ₯ Meetings are recorded and available at https://getporter.org/videos/ ::: ## Future Topics * Redesign of Porter Operator * Desired State * Storage of Porter Data (cred/param sets, config, plugins) * Flux Integration * Storing parameters used on an installation * How do the parameters on the installation compare to the claim. * Simply how to store state in a bundle * https://github.com/getporter/porter/discussions/1672 * Discuss how porter allows interaction between the host and a bundle * https://github.com/getporter/porter/discussions/1665 * Running the bundle on the target machine vs connecting to target machine from the bundle * suggestions: ssh/scp mixin, volume mounts * [Evaluate porter commands and yaml for consistency](https://github.com/getporter/porter/issues/1430) as part of our v1 milestone ## July 14, 2022 **Attendees** * Yingrong Zhao * Carolyn Van Slyck * Ralph Squillace * Jeremy Goss * Steven Gettys * Joshua Abednego * Aaron Schlesinger * David Justice * Add your name (https://getporter.org/dev-meeting) **Agenda** * Advanced Dependencies * Current Status * Updated designs and notes * Feature Flag plan (how to release this without it being a breaking change requiring a porter v2) * Incremental PR plan to avoid a mega PR of doom that is unreviewable * Find related issues with label [pep003-advanced-dependencies](https://github.com/getporter/porter/issues?q=is%3Aopen+is%3Aissue+label%3Apep003-advanced-dependencies) * Open Questions * Is it possible to integrate with third-party workflow engines (Argo, Brigade, or something that runs on Docker only)? David: third party workflow engine is a huge dependency. Is it worth it? Carolyn: Bundle is a workflow. Porter does not want to reinvent the wheel. It will also allow for workflow engine to be pluggable. Ralph: plugin approach how it affects immutability. Carolyn: who kicks off the running container does not really affect immutability. Container Orchestration. Steven: So we have argo kicking off porter currently.. You're telling me soon I could have argo kick off porter to kick off argo?? That’s pretty meta argo workflow -> porter's installation collect secrets -> terraform enterprise Carolyn: we don't want to write another workflow engine so we can focus on solving problems with bundles and improving security. abstracting workflow from porter might be too complex passing output from one argo stage to another, it requires to parsing k8s logs. * (Ralph) deployment model vs distribution model (handing it off for a customer to install like a deb) * have a built-in simple solution ## June 16, 2022 **Attendees** * Carolyn Van Slyck * Yingrong Zhao * Steven Gettys * Joshua Abednego * Tanmay Chaudhry * Jeremy Goss * Add your name (porter.sh/dev-meeting) **Agenda** * Introductions * Porter Hoodie! Follow the directions here to request one https://groups.io/g/porter/topic/91602108#94 * v1 release coordination * [1.0 Milestone](https://github.com/getporter/porter/milestone/16) * Release Stages * Alpha * Unstable database schema, no migrations supported * Almost done! We'll move to beta when the [migration PR](https://github.com/getporter/porter/pull/2150) is merged * Beta * Data migrations from v0.38 are supported * New PORTER_HOME directory, and porter migrates data from your old directory into the new one. * We don't touch old data so that you can go back if needed. * `porter storage migrate --old-home ~/.porterv0` * Someone should be able to use their current data with beta onwards though our final release * Existing bundles, parameter sets and credential sets created with v0.38 will need minor schema changes to work with v1.0.0-beta+ * Last chance to give feedback! * A [few breaking changes](https://github.com/getporter/porter/issues?q=is%3Aopen+is%3Aissue+label%3A%22breaking+change+%F0%9F%92%A5%22+milestone%3A1.0) are still planned for beta. Getting these out of the way to keep 1.0 consistent * Release Candidate * We will cut an RC when we think we have a viable 1.0.0 build. If we find bugs, we'll fix them and cut another RC * After the RC is vetted, it will be retagged as 1.0.0 * v0.38 EOL 🚨 * v0 is over a year old. Move off of it quickly especially in production. A lot of security redesigns went into the v1 release. * We will give v0.38 security support (when possible) for 3 months. * So if there are high severity vulnerabilities in our dependencies or Go, we'll rebuild with patched dependencies. * Moving forward with v1 * We plan to release dependencies as a minor patch to v1. More on that at our next meeting * No breaking changes to database schema, or document schema without increasing the major version. * Whenever possible, new features will be released with flags, so that they don't affect compatiblity. * Roadmap will be updated again, and we'll discuss in a meeting post 1.0 * Outputs in the operator (Steven) * Brainstorm on how to fetch agent action stdout * Things we have tried: * inside the installation controller, after the agent action finishes * modified teh agent image, support a list of commands to run * porter install foo * porter installation outputs show * right now trying to do pod logs... this is an ugly hack * -o /porter-shared/outputs/myoutput didn't work well due to timing issues and needing a pod around to access the mounted volume * It seems like it's time to just add a grpc service and support retrieve the output * F5 isn't blocked, they have hacks to get the data, but we don't want to bake in those hacks into theo perator. ## June 2, 2022 **Attendees** * Carolyn Van Slyck * Steven Gettys * Brian DeGeeter * Yingrong Zhao * Jeremy Goss * Prakash Mirji * David Justice * Add your name (porter.sh/dev-meeting) **Agenda** * Porter v1.0.0-alpha.20 release and breaking plugin changes * Demo: Storing Porter secrets in Azure Key Vault * Discuss Installation outputs in Operator * https://github.com/getporter/operator/issues/63 * porter-agent with updated kubernetes plugin to work with new secret pluin protocol: https://github.com/getporter/porter/pkgs/container/porter-agent/22774395?tag=canary-v1 * Here is the issue to track capturing outputs from a stateless run: https://github.com/getporter/porter/issues/1980 ## May 5, 2022 **Attendees** * Carolyn Van Slyck * Jeremy Goss * Steven Gettys * Yingrong Zhao * Add your name (porter.sh/dev-meeting) **Agenda** * Open office hours * Brian: output retrieval in the operator * Add an annotation installation CRD, that indicates that the operator should scrape theoutputs and put them into an new installationoutupt crd * Someone can make a PEP for the grpc service using the inital discussion from Porter's discussion tab on GH * https://github.com/getporter/porter/discussions/1313 * Doc error in the k8s plugin and how to resolve the secret value: * https://github.com/getporter/kubernetes-plugins/issues/106 * https://github.com/getporter/kubernetes-plugins/issues/107 ``` credentials: - name: password source: secret: secretname.secretkey # if no key is specified, default to value ``` ## April 21, 2022 **Attendees** * Yingrong Zhao (porter.sh/dev-meeting) * Carolyn Van Slyck * Steven Gettys * Jeremy Goss * Joshua Abedengo * Prakash Mirji * Brian DeGeeter **Agenda** * (yingrong) Status Update: Storing sensitive data in a secret vault * sensitive parameter values and outputs are currently persisted to the claimstore (database) * This is a security concern that we want to address before 1.0 * Porter will persist sensitive values into your configured secret store, and the db stores a link to where to get it * By default, no secret store is configured so porter will refuse to work with bundles that generate or require sensitive data * We will provide a secret plugin that you can use if you are okay with storing sensitive data on the filesystem, for dev/test (or trying out porter) * Otherwise in production you should use Azure KeyVault or HashiCorp Vault for the secret plugin * Parameters and outputs are marked as sensitive in the porter.yaml * porter installation output show MYPASSWORD (get sensitive value) * porter installation show (redact) * Human output is redacted by default, but you can get it with json * (carolyn) Changes to the plugin protocol * Secret is adding Create function * All plugins will pass context.Context and support opentelemetry * gRPC protocol instead of net/rpc * all plugins will need to recompile and be updated * We will provide migration doc for the plugin updates * * (carolyn) Data migration will be AFTER alpha.20 (which has the sensitive data fix) - don't recommand to build based on source until alpha.20 a bug in plugin.Serve method. Fix is on the way Storage plugin can't work with external storage plugin. The fix is in progress. cred/prameter set CRD in kubernete operator plugin is in progress ## April 7, 2022 **Attendees** * Carolyn Van Slyck * Krishna Sagiraju * Jeremy Goss * Yingrong Zhao * Steven Gettys * Srujan A * David Justice * Joshua Abednego * Add your name here (porter.sh/dev-meeting) **Agenda** * Supporting data migrations from v0.38 to 1.0.0 * https://github.com/getporter/porter/issues/1700#issuecomment-1088787968 * Moving into beta and the release candiate process * Roundup of recently released features * Build behind a proxy * build-args * secrets and ssh - Krishna: non-docker buildkit * Techincal guidance on [issue#2022](https://github.com/getporter/porter/issues/2002) * usecase: add assets to a bundle and be able to use porter to get the assets out of the bundle * put the assets into a separate layer(separate from invocation image) and have ability to identify the location of those assets in the bundle * pull the assets only rather than the entire image * current workaround: base64 encode the data so it can be part of the manifest through custom metadata * * Discuss CredentialSet and ParameterSet CRD implementation [issue#18](https://github.com/getporter/operator/issues/18) look very similar to the installation controller rethink the list of type of values supported in kubernetes link to native kubernete concept(like: configMap) * No way to extract custom resources from a bundle * Multiple invocation images * 1 image to package all the assets * CNAB spec allows to define multiple invocation images * data image * mount reference images into the running container ## Mar 24, 2022 **Attendees** * Carolyn Van Slyck * Add your name here (porter.sh/dev-meeting) **Agenda** Open Office Hours ## Mar 10, 2022 **Attendees** * Carolyn Van Slyck * Steven Gettys * Joshua Abednego * Brian DeGeeter * Don Stewart **Agenda** * Porter builds bundles to run as an unprivileged user now (v1.0.0-alpha.12) * home directory for the user is /home/nonroot * Dockerfile * USER 65532 * How to deal with dependabot * cascade merge requests, so we could first merge cnab-to-oci, tag it, then cnab-go, tag it, then porter * [Mixins as Bundles Proposal](https://github.com/getporter/proposals/pull/11) * How to install plugins on the porter agent * current workaround: building the agent with extra plugins installed * Possible ideas: * mount a plugin volume * use the k8s plugin and then connect k8s to other secret stores * azure keyvault service, and prepoulate secrets * Carolyn will ask Azure about how this works * It's possible to get stuck * kubectl delete -> deletionTimestamp (stuck) * uninstalled = true on the installation ```yaml metadata: name: foo finalizers: - porter.sh/finalizer ``` * https://release-v1.porter.sh/reference/file-formats/#installation ## Feb 24, 2022 **Attendees** * Carolyn Van Slyck **Agenda** * Reminder this meeting is recorded and will be posted at https://porter.sh/videos/ * Introductions * Switching to bundles that don't run as root (nonroot invocation image) * https://github.com/getporter/porter/pull/1930 * Upcoming AgentAction resource in the Porter Operator * https://github.com/getporter/operator/pull/73 * Let's chat about dependencies! * Status * [Proposal](https://github.com/getporter/proposals/pull/8) is mostly there, need to finish and merge. * CNAB Spec will follow after we vet with an implementation. * I have a branch that vets the manifest changes, graph resolution. Still need to vet the execution plan. * Picking a default implementation for an environment * Managing an installation and its dependencies * Visualizing * Working with them as a unit * Lifecycle management * When is something not used anymore? ## Feb 10, 2022 **Attendees** * Vaughn Dice * Steven Gettys * Joshua Bezaleel Abednego * Krishna sagiraju * Carolyn Van Slyck **Agenda** * New operator version v0.4.0 with permission fix * https://github.com/getporter/operator/releases/tag/v0.4.0 * Dependencies! πŸš€ * Carolyn went through all of the CNAB Spec changes in the most recent CNAB Community meeting * Walk through proposed new porter.yaml format to specify dependencies and discuss how various scenarios will work * https://github.com/carolynvs/porter-proposals/blob/dependencies-labels-namespaces/pep/003-dependency-namespaces-and-labels.md ## Jan 27, 2022 **Attendees** * Steven Gettys * Carolyn Van Slyck **Agenda** * Introductions * Progress on IronBank (PlatformOne) submission and how we plan to maintain those images. * Discuss a proposed breaking change to specifying parameter and credential sets during porter install. We would like to remove specifying a filepath. https://github.com/getporter/porter/issues/1809#issuecomment-1020571092 * Discuss a proposed breaking change to the templating language used in porter.yaml. https://github.com/getporter/porter/issues/316#issuecomment-1021536427 * Operator refactored to make it easier to implement supporting Credential Sets and Parameter Sets in the operator. Once that's merged, I'd love to help anyone interested in contributing to the operator. ## Jan 13, 2022 **Attendees** * Carolyn Van Slyck * Nathaniel Hatfield * Yingrong Zhao * Joel Baxter * Brian DeGeeter * Ralph Squillace * Joshua Bezaleel Abednego * Steven Gettys * Vaughn Dice * Krishna Sagiraju * Jeremy Goss * Add your name here **Agenda** * Introductions * Yay, new people! * Discuss submission of distroless Porter docker images to Iron Bank * Summary: Certain organizations have a set of standards in order to approve software use (related to Platform One?) * Porter has added a few things towards this goal * (Defer rest of discussion) * Demo of the latest operator build and how to install it and use it * https://release-v1.porter.sh/operator/ * https://release-v1.porter.sh/reference/file-formats/#installation * Background: We have the porter CLI, but we'd like to run Porter in a K8s cluster to automate bundle installation/lifecycle * Side note: Toggle the docs on porter.sh/docs at the top left to v1 to see these docs * (Demo!) * (Looking at installation manifest for the operator): Note that the metadata section has K8s-y things while the namespace/name under the spec is for Porter * Should be able to interrogate operator logs via porter CLI, shouldn't need to drop down to K8s pods, etc. (though possible; note that the operator will soon start cleaning up pods, etc. when completed) * Editing the installation manifest triggers an upgrade * What is the `active` field? * Two diff ways to manage custom resources in K8s * 1. Delete CRD directly (but when it's gone, it's gone) * 2. Keep CRD but track uninstall history * This is what active means for the operator: Setting active to false triggers an uninstall *but* keeps the record around so users can see its uninstall status via the porter CLI *and* the CRD continues to exist * Thought: Issues may arise w/ the two modes and multi-party use on a shared cluster * Should Porter ignore the kubectl delete CRD command?! Or at least not mapping it to 'porter uninstall' * Let's reference other prior art (Argo), maybe create an issue/discussion * 99% of the operator functionality is encapsulated by the `porter installation apply` CLI command * Starting to add Status metadata to the installation object/record * Caveat: There *can* currentlly be drift between Porter's datastore (mongo) and K8s * To be clear, we won't ever consider K8s the source of truth for Porter installation records * Uninstalling a bundle with the operator * Not yet released * *Maybe* within the next week or so! * Tangential Q: State of K8s plugin for Porter? * Needs to be revisited to get to work w/ Porter v1 * Currently, Carolyn set up a port forward from the mongodb instance running in K8s to access the operator installation records/data * Since Porter switched to the mongodb backend for data store, the K8s plugin would be revised to only handle secrets (Think: I need to access a secret/sensitive value and I want it stored in an external provider e.g. Hashicorp Vault, Azure, K8s secrets, etc.) * After the uninstall work is in, we'll use file formats for Creds/Params to improve this use case * e.g. they will be represented by CRDs in K8s as well * Looking for contributions/collab here! * Next step: resolve mongodb connection string from a secrets plugin *instead* of hard-coding it into config on the host (or in K8s) * Mixin error handling * https://release-v1.porter.sh/mixins/exec/#ignore-error * In the latest v1 release (notes forthcoming) * Example scenario: Using a mixin to create a resource and it already exists. Some CLIs will error in this case (or return w/ non-zero exit code). Previously, this would trigger a failure in the Porter action being run, which would halt the action. * Now, we can configure such a step to ignore the error, with a lot of different options: * Ignore *all* errors * Ignore any error with specific exit code * Ignore an error with certain output (either string or regex match) * Currently implemented in exec mixin; want to roll out to others (like `az`) * If you use a mixin and would like this logic incorporated, we can help! * But wait there's more! We have a new Porter dev! * Meet Yingrong, who has just joined the Porter team full-time * Last job was in OSS as well * Now Carolyn has more help!!! ## Nov 18th, 2021 **Attendees** * Carolyn Van Slyck * Joel Baxter * Jeremy Goss * Krishna Sagiraju * Nathaniel Hatfield * Add your name here **Agenda** * Operator backlog * Porter v1 backlog * Introductions: Joel, Jeremy and Krishna ## Nov 4, 2021 **Attendees** * Carolyn Van Slyck * Joshua Bezaleel * Erickson Moskito **Agenda** * https://hackmd.io/d6mFx44bQ3WCurW3gsGSFA * https://github.com/cncf/toc/blob/main/process/graduation_criteria.adoc ## Oct 21, 2021 **Attendees** * Carolyn Van Slyck * Vaughn Dice * Add your name here **Agenda** * What open designs do we have? * Dependencies * Dependency Graph Resolution * Bundle Interface and depending on an interface * Workflow Engine * Create an abstracted interface and substitute different implementations (docker, k8s) * Use it for inside a bundle, and for dependencies * Structured Logging * log levels/tags * what is displayed in the console vs the logs * Integration with opentelemetry * Mixins as Bundles (lynchpin feature) * https://github.com/getporter/porter/discussions/1499 * Using the dependency workflow engine to execute mixins * Mixin Distribution and Versioning * Bundle Index * https://github.com/getporter/proposals/blob/9ed393e424b99f3d2bb09ee1773719dc46278b4f/pep/003-dependency-namespaces-and-labels.md#porter-bundle-index * Porter Service πŸ‘ * https://github.com/getporter/porter/discussions/1313 * hard to interact with operator through just the CRD * inside the operator it would be a sidecar, and not exposed as a data service to the cluster * outside of the cluster (see discussion) people can use it for a wider range of integrations * Integrated signing with signy * Template Language * How can we make the entire porter.yaml templatable? * https://github.com/getporter/porter/issues/1002 * Would another representation like cue help? * Step Through Debugger * Interacting with the host * using porter to install a binary * Implementing a bundle with wasm instead of docker * Passing arbitrary/extra credentials * https://github.com/getporter/porter/discussions/1525 * Reusable action blocks, conditional logic * Let's discuss which ones we would like to finish so that someone could implement it ## Oct 7, 2021 **Attendees** * Carolyn Van Slyck * Mohamed Chorfa * Steven Gettys * Vaughn Dice **Agenda** * v1 milestone progress and backlog grooming * https://github.com/getporter/porter/milestone/16 * Some top issues to look at: * Mixin schema - could break into 2 issues * 1. Get rid of the squigglies - allow arbitrary mixin config * 2. Get full auto-complete for mixin config * Improve DX around using Porter as a library (out of v1) * Of course, CLI, Porter config, etc. will be covered with semver guarantees -- we don't wish to focus on the same for Porter's API * Params and Outputs from array to map? (out of v1) * Not convinced the benefits outweigh the impacts * Perhaps a little too late to make the change (all Porter manifests would need updating, etc.) * WSL DNS bug attempting to install from cdn * Not holding up v1 * Any WSL pros out there that can help?! * Validate bundle digest https://github.com/getporter/porter/issues/1626 * Security-wise, validating digests would be preferred * Q: If you have the tag and the actual expected digest, what would be the value of pulling via tag and checking digest -- as opposed to pulling w/ the digest directly? (No compelling answer) * Re: supply-chain security, arguably the more pertinent missing piece is checking the signature on the artifact * Carolyn shows current state of support for bundle versioning: can use version, tag or digest (digest will always be given top priority when provided) * Thinking this just needs clarification in the docs (in fact, a dedicated Security section would be the next move) * Support buildkit flags https://github.com/getporter/porter/issues/1769 * Today, we support buildkit as a driver -- but we don't expose buildkit opts/flags in the porter CLI * Open to interested contributors!! * Adding lint/scan fields to Helm and K8s mixin * Should be able to add today, to run during build * Add verbosity flag * Initially added to support better granularity on what is logged * Carolyn experimented with structured logs and tracing and we think this will be the way to go. (Current impl uses OpenTracing and sends to Jaeger; looking at OpenTelemetry which looks to be the successor) * Enthusiastic support from the community! * Allow setting step outputs as non-sensitive * They are sensitive by default * Community support for this! * Params/creds that are JSON * Support accessing fields of object in manifest, e.g. '{{ bundle.parameters.object.key }}' * Wrapping up: Encouraged to go thru the [v1 milestone](https://github.com/getporter/porter/milestone/16) and add comments/feedback. We'd like to get it into a state where only the necessary or highest-pri items go to v1. Lower-pri/non-breaking-changes are more eligible to delay. Thanks! ## Sept 23, 2021 **Attendees** * Carolyn Van Slyck * Vaughn Dice * Jeremy Goss * Brian DeGeeter **Agenda** * Introductions when we have new attendees * Welcome, Jeremy! Interested in using Porter to bundle their cloud-native apps. Already have a tool for authoring apps which produce CNABs. * Carolyn: Reminder - these meetings are primarily for the community, so don't hesitate to suggest working sessions, ask questions, add to the agendea, etc. * Show and Tell: Share how you are using bundles, show a new mixin, and other neat stuff. * Recent Releases * [v1.0.0-alpha.3](https://github.com/getporter/porter/releases/tag/v1.0.0-alpha.3) is out! * Reminder: these are alpha releases, so no guarantees of backwards compat, data migration, etc. Only for kicking the tires. * Though, final v1.0.0 *will* have migration support from pre-v1 to v1 * Demo of new v1 features: * MongoDB data backend! Way more performant, both locally and remote. Supports complex querying. * Namespaces and labels to support organization of installations, parameter and credential sets. Porter also has a global namespace for shared/team params/creds. * Labels currently allow filtering of resources. In the future, this will tie in with better/more advanced dependency support. * Bundle state: Porter now supports use of a 'state bag' to manage application state.Have porter persist state data for you, such as a tfstate or tfvars file so that you don't have to deal with it yourself * Example: bundles using terraform mixin to track tfstate/tfvars. See the tabbycats demo: https://github.com/carolynvs/tabbycat-demo * Q: Can users still access the 'hidden' state resources? Yes, if they look at the bundle definition, say via `porter inspect`. But again, we don't expect users to usually interact with them. * Params/Creds import (via `apply`). Can `show` params/creds and output yaml/json to then edit as needed and then re-`apply`. * reconcilation: Define the desired state of an installation, and Porter will handle comparing that desired state with the installation's current state, then run install, upgrade automatically based on if there are differences. * Sneak peak! (not in v1-alpha.3 but coming soon) * Example: show an installation, modify a parameter value, apply the updated installation -- Porter automatically detects a difference and runs upgrade. * This feature also sets things up for the Porter operator to transition from imperative to declarative. Coming within the next month or two. * Opens up GitOps scenarios and Flux integrations. Change a file in a git repo, Flux lets the Porter Operator know, Operator runs actions as needed. * Conclusion: Try v1 alpha!!! Let us know how it looks. Thank youuuu ## Aug 12, 2021 **Attendees** * Carolyn Van Slyck * Vaughn Dice * Add your Name **Agenda** * Introductions when we have new attendees * Is the approach for mixin schema support standardized? * In progress of switching to use goembed to embed schema in mixins * When developing a mixin, it isn't strictly necessary to embed schema, but recommended, especially with custom config, etc. * Show and Tell: Share how you are using bundles, show a new mixin, and other neat stuff. * Demo of new v1 features: * Namespaces * Very similar to namespaces in Kubernetes (but not exactly the same) * Can search all namespaces via `porter list --all-namespaces`, or specific via `porter list --namespace test` * In Porter's config, the default namespace can be set to a specific value * Goal is to allow multiple users to work with the same Porter install/env * Also supported for credential and parameter sets * To designate installations/cred/paramsets to the 'global' namespace, set namespace to the empty string (-n "") * This enables bundle installations in a certain namespace to use cred/paramsets in the global namespace * Porter will first check the certain namespace; if not found, will check the global * Labels * Another technique to group installations (and filter searches) * Also supported for credential and parameter sets * Q: Will bundle authors be able to add labels to the bundle itself? * A: Currently we have keywords; there are/will be CNAB Spec proposal(s) to transfer bundle label(s) to installation * MongoDB * In order to support the namespace and label queries, we had to overhaul Porter's underlying storage mechanism * New default storage plugin: mongodb-docker: MongoDB running in a local Docker container * No longer flatfile local filesystem storage * Storage plugins now speak mongodb * Another built-in storage option: mongodb: provide the conn URL to a MongoDB instance and Porter will connect to it * Check your Porter config to see if you have a hard-coded driver to the old/deprecated filesystem plugin and update * Note that Porter stores outputs in MongoDB, which *may* be an issue with large outputs. May revisit in future. * Handy GUI to explore Mongo data: MongoDB Compass (https://www.mongodb.com/products/compass) * Dev tool as well to be sure indices are being used where expected * Extended CNAB talk wrt storage * The CNAB Spec defines the data representation and runtime concerns * Other aspects, like param and cred sets, are non-normative, i.e. just suggestions * We discovered we had items defined in the Go CNAB library (cnab-go) that were non-normative/generic and not nec. strictly defined by the spec. So we've decided to remove these from cnab-go to make it clear that those concerns are entirely up to each implementation. * Porter ran into big performance issues when using these parts of cnab-go * Want to vet these changes in Porter first (using fork of cnab-go) for a bit before issuing PRs in cnab-go and cnab-spec * Try these changes out! * Next *alpha* v1 release should be due out soon. * Disclaimer! As these are *alpha* releases, there will be no offer of data migration between releases. * Repeat: not for use in production :) ## July 15, 2021 **Attendees** * Carolyn Van Slyck * Vaughn Dice **Agenda** * Introductions when we have new attendees * Show and Tell: Share how you are using bundles, show a new mixin, and other neat stuff. * Porter Operator - Desired State Commands * Carolyn working on Installation CR for configuring desired state of an istallation * `porter installation|credentials|parameters apply` * `porter installation|credentials|parameters show` * Store additional status information on the custom field * Talking about validation errors or mistyped fields (param/cred sets that don't exist, etc.) * Porter should return error and not persist the provided CR * With the kubernetes plugin, we might have the ability to use k8s secrets as store for values in Param and Cred sets (or we can/should add) * Have had requests to define/manage Param and Cred sets as CRs as well * But the weird part is currently 'path' is a way to define where a p/c value is from, which isn't applicable in K8s * So, could use 'configMap' or 'secret' in K8s * In general, working towards users of the Operator never having to use the Porter CLI...just Operator interactions in tandem with CRDs * Porter data storage * Currently use an ORM model (implemented in cnab-go); we'd like to get rid of this (very inefficient, esp. via plugins that store/retrieve from cloud providers) * Moving all data access from cnab-go into porter, e.g. credential store * Storage Plugins (mongo query api) * local mongo daemon to replace local filesystem * mongodb for remote storage * cosmosdb for azure * Redefine the storage plugin interface ## July 1, 2021 ⏰ **We have changed the meeting time to 3pm UTC** **Attendees** * Carolyn Van Slyck * Vaughn Dice * Ritesh Yadav **Agenda** * Introductions * Put questions or items on the agenda * [Helm -> Helm2 Mixin Rename](https://groups.io/g/porter/message/49) * Update the porter readme doc with the latest helm2/helm3 changes * Review [v1 progress](https://github.com/getporter/porter/milestone/16) * Backing out storage from the CNAB spec and cnab-go * Moving storate providers and drivers into Porter, and optimizing for reads/writes/queries. * Implications for storage plugin such as changing the interface or understanding domain more (i.e. knows how to read a set of related data for an installation). * Porter Operator status and roadmap * Work on operator starts back up in July * New direction: desired state management of installations * Need management of credential/parameter sets, porter config, etc. * Will devote an upcoming community meeting to design walkthrough * Take a look at FAB, https://fab.dev/ * Could we make a fab mixin? ## June 16, 2021 **Agenda** * We were featured on Go Time! πŸŽ‰ * Review our [roadmap](https://porter.sh/roadmap) * How are we doing on [v1](https://github.com/getporter/porter/milestone/16) progress? * Initial v1.0.0-alpha.2 release going out today * Does the website need versioning? * How is the operator coming along? * Swag! * Encrypt data at rest * https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':''%7D,%7B'option':'Hex','string':''%7D,'CBC','Raw','Hex',%7B'option':'Hex','string':''%7D) - Try out different encryption algorithms * Here is the AES implementation https://golang.org/pkg/crypto/aes/ Action Items * make a v1 page that describes high level breaking changes and features to look forward to * Fix the permalink ## May 19, 2021 **Participants** * Jennifer Davis * Vaughn Dice * Carolyn Van Slyck **Agenda** * v1 milestone is set! https://github.com/getporter/porter/milestone/16 * What has gone into v1 and how to try it * Only install exec by default (#1588) * Add support for maintainers (#1572) * Add new build driver for buildkit (#1567) * Use Go 1.16 and change to go:embed * What has gone into main? * Everything merged into main, @carolynvs has been merging into v1 * Update the docker example (#1595) * Updated QuickStart (#1586) * Fixed blog CSS (#1593) * Split integration tests into separate build (#1564) * Porter Operator roadmap is being built out now * https://github.com/getporter/operator/milestone/1 * Infra as Code and Infra as Data (versus "or") * Signy Integration * Coming from security spec (not finalized) * Signing and verification experience needs to be designed * Implement using an experimental flag so we can start integrating now, before signy is done. * Want a PEP that describes how this should look when complete. * Documentation improvements! Overview of quickstart changes and upcoming updates. * Potential GitHub Action to merge main to v1 branch rather than manual process. ## May 5, 2021 **Participants** * Carolyn Van Slyck * Thorsten Hans * Vaughn Dice * Mohamed Chorfa * Carlos OKieffe **Agenda** * Reminder: We have an open agenda! So all contributions to the agenda are welcome here. * Speed up build times: https://github.com/getporter/porter/issues/1546 * Pull Request CI can take quite a bit of time (20-30mins) * Main culprit: integration tests that run real bundles against a real Docker daemon * Oftentimes, PRs introduce changes that don't actually affect the runtime * Moving forward, we can always kick the integration tests off manually, otherwise we'll be smarter about only running them if the runtime is affected. Then, the tests will always run on the merge to main event. * Docker app migration * Docker App has been deprecated and/or no longer supported * Carolyn has written a blog post on how to migrate your Docker App to Porter! (Will be live soon, check porter.sh/blog) * Surprise! Porter will honor the DOCKER_HOST/DOCKER_CONTEXT env vars when installing a bundle, so they can use a remote daemon/host. * Thorsten may have cycles to try with Azure/ACI :) * As a follow-up, could be nice to have a doc a la Compatible Registries for compatible Docker hosts * Update on hosting situation * Previous setup came with a lot of instability * We've migrated everything to Netlify + GitHub releases, e.g. https://github.com/getporter/porter/releases/tag/v0.38.1 * Mohamed concurs - he always publishes to GH as well * All of the mixins under the getporter org publish to GH releases as well * Experimental flag support * Porter implements the CNAB core spec (and others) but oftentimes pushes the spec along * There are features we on Porter would like to see in a spec and so we have a need to use feature flags to toggle major experimental features (which, when on, may not strictly comply with a given spec) * Thorsten: Have we considered the approach of a global 'this will break spec compliance' flag? * Thinking more toggle per feature... * Thorsten: Experience here with .NET. Need to be aware of messaging to the community * Some experimental features may not necessarily break a spec (adding Buildkit, for instance)... or they might break other versions of Porter itself * Mohamed: We could have two categories of features: Build vs Runtime. The latter is really where spec compliance comes in, not necessarily the former. * CNAB Security Spec * New spec around attestation/verification of CNAB bundles * POC implementation in signy: https://github.com/cnabio/signy * Momentum re-building for this spec * Augmented Mixins * Forum discussion: https://github.com/getporter/porter/discussions/1522 * Additional logic for a given mixin, like lint/scan of Helm charts for the helm mixin at build-time * Configuration would be specific to a given mixin; shouldn't need changes in Porter to support * Another approach, when talking about the Terraform mixin specifically. If the logic needs to occur at runtime, maybe a new command would be a better fit -- the ability to run arbitrary `terraform` cli commands as they are added in subsequent versions, etc. (Like `terraform validate ...` which needs to occur using the underlying cloud provider at runtime) * Vaughn/vdice can help ^^ ! ## April 21, 2021 Skipped, vacation! 🌴 ## April 7, 2021 **Participants** * Carolyn Van Slyck * Jennifer Davis * Vaughn Dice * Mohamed Chorfa **Agenda** * Update about hosting situation * Discuss remaining v1 milestone suggestions * Carolyn will update the v1 milestone to match the document https://hackmd.io/@porter/v1-planning ## March 24, 2021 **Participants** * Carolyn Van Slyck * Ralph Squillace (Microsoft) * Vaughn Dice * Joshua Bezaleel * Jennifer Davis (Google) * Simon Davies **Agenda** * What would a v1 look like https://hackmd.io/@porter/v1-planning * bar would be focusing on reliability and stability * track areas that need additional documentation * mixins by default not included by porter installation * exec mixin updating with porter install * * Proposals Repo: https://github.com/getporter/proposals ## March 10, 2021 **Participants** * Carolyn Van Slyck * Mohamed Chorfa * Vaughn Dice * Simon Davies **Agenda** * Continue discussing dependencies changes * Prevent reinstalling on top of an existing installation * Simon: Porter configuration allows for specifying different plugin config by namespace? * Mohamed: I have a dependency on foo@v1.0.0 and I get installed. Foo is then upgraded to v2.0.0. * I upgrade the main bundle: we have a lockfile of dependencies, we don't re-resolve dependencies. * What if I upgrade a bundle and that introduces a new dependency, we do resolve that and update the lockfile and then install the dependency. * Do we want to enforce another installation's dependency version range when upgrading a dependency. Soft warning. (need more scenarios to understand if we should ) * Document the dependencies and rely on the lockfile, make that visible. * Add to doc that ref and version need to match for existing installations * I had a dep on mysql v1, then I upgraded the bundle and bumped by dependency of mysql to v2. What happens? Do I upgrade mysql too? * We need to rely on the dependencylifecycle definition and always allow the user to override and tell porter what to do. * Add owner (installation) flag to resources so we know who installed it. * We want the other feature of tracking users to actions ## February 24, 2021 **Participants** * Carolyn Van Slyck * Vaughn Dice * Mohamed Chorfa **Agenda** * Walk through of Proposals * [Mixin Versioning](https://github.com/getporter/proposals/pull/7) * Ask Ralph about using helm3 mixin with arm https://github.com/MChorfa/porter-helm3/issues/15 * We should list the mixins used by the bundle in `porter inspect` not `porter explain` * We should verifiy the digest of the runtime mixin before executing the bundle steps * [Resolve Dependencies by Namespace and Labels](https://github.com/getporter/proposals/pull/8) * Split polymorphic dependencies into a separate proposal * Common github settings for getporter organization * We now have github.com/getporter/.github where we can put common settings such as labels and branch protection rules * We should add issue and PR templates to this repository * We should use the t-shirt size github app and label so PRs are automatically sized for us ## February 10, 2021 * Cancelled ## January 27, 2021 **Participants** * Carolyn Van Slyck * Simon Davies * Vaughn Dice **Agenda** * Making this a public meeting. * Porter Operator ## November 4, 2020 **Participants** * Carolyn Van Slyck * Vaughn Dice **Agenda** * magefile.org - Transition to mage from make. ## October 21, 2020 **Participants** * Carolyn Van Slyck * Vaughn Dice * Jennifer Davis * Simon Davies **Agenda** * Carolyn with get a CNCF zoom with a passcode, not waiting room * Supporting bundles with Windows container * Jennifer: Presenting on how to contribute to open source at user group presentation for powershell users using Porter as an example. Doing a hacktoberfest/open source stream on the Porter project (what is Porter, what does it solve, share the project, and talking through issues) * Vaughn: Wants to start on items from bundle versioning epic: https://github.com/getporter/porter/issues/1151 ## October 7, 2020 **Participants** * Carolyn Van Slyck * Jennifer Davis **Agenda** * Let's go over docs! * When we say get started, who is "getting started" ? Currently we intermix between authors of bundles and end consumers of bundles. We want to change over to focus on consumers of bundles to begin with. * Get Started -> "explain porter concepts" at the beginning. (Foundational concepts about Porter), credentials, parameters, dependencies (nearly all of the author bundles concepts) * Explain why porter in Get Started, what is bundle? * Link to carolyn's talk here * Links to other short videos/blog posts * Quickstart: * getporter/porter-hello instead of having folks create use image. * Key Concepts: Tags, Bundles are found in registries (like docker images), Registry * Install * Upgrade * Uninstall * List * Examine * (NOT how to find a bundle) * Landing page that Docs goes to "docs.md" * Welcome * How documentation is organized * Quickstart -> Tutorial style * Topic Guides "about specific topic" * Tutorial Progression * Using bundles * Quickstart - commands for managing bundles (explain/install/upgrade/invoke/uninstall/list/show) * Parameters `porter install --param color=blue` * Credentials * Outputs (looking at `porter installation output list/show`) * Authoring Bundles * Quickstart - create/build/install without tag * Mixins - declare mixins, define bundles actions (install/upgrade) * Declare Parameters/Credentials/Outputs in porter.yaml * Use Parameters/Credentials/Outputs in the template language * This is the existing page that does these two tasks https://porter.sh/wiring/ * Images, Custom * Dependencies * Required (Docker) * Vaughn/Carolyn main updates to documentation ideas * split out implementation (nitty/gritty) from how-to * remove some implementation details * We should go over the left hand nav at some point in the medium term future, we do want to migrate eventually to something more aggregated around specific topics versus having the specific porter functionality. * Ideas for raise.dev stream sharing porter project * FAQ page needs updating (Incredible high value) * Asking folks if can reuse content (don't need to ask Porter maintainer, assumed good) but can pulled from GitHub issues, or comments from Slack channel * update the FAQ page to actually refer to this, and update the community page to say this as well. * Blog * Anyone can submit content for inclusion on the porter blog. ## September 23, 2020 **Participants** * Reddy Prasad * Carolyn Van Slyck * Jennifer Davis * Simon Davies **Agenda** * Review [PR 922](https://github.com/getporter/porter/pull/922) with Reddy, associated [Issue 1080](https://github.com/getporter/porter/issues/1080) * Maybe using VS Code extensions to give a better experience for missing/broken configurations * CNCF transition * @getporter/porter-contributors who used to have triage. * Thank you to vdice for all the awesome work on the transistion to getporter organization! πŸŽ‰ * Dual Publish to GitHub Container Registry and Docker Hub * What happens with Docker Hub images that aren't pushed frequently? * It is possible and we are aware could get out of sync because of different ways of managing artifacts. * We want to dual publish to ensure we have a backup in case of any "issues" with a registry. * CNCF Zoom coming soon. * Groups * private mailing list for CNCF to Porter maintainers * porter mailing list - open mailing list that anyone can join * Maybe need a third mailing list for maintainers? * Trust/Credibility * balancing ease of use and availability of bundles with implied trust/credibility * Status (vdice; missing this week's meeting) * Helped w/ getporter org move, docs, license updates, etc. * Testing Porter + GitHub Container Registry (as is Squillace!) via personal [bundles repo](https://github.com/vdice/porter-bundles). * Gives me ideas to improve Porter's [GitHub Action](https://github.com/getporter/gh-action) -- most ideas already [tracked](https://github.com/getporter/gh-action/issues). * Ticket to start publishing Porter example bundles to ghcr: https://github.com/getporter/porter/issues/1280 ## September 9, 2020 **Participants** * Simon Davies * Carolyn Van Slyck * Vaughn Dice * Jennifer Davis **Agenda** * CNCF Transition https://github.com/deislabs/porter/milestone/17 * Demo: https://cnabtoarm.com/api/generate/cnabquickstarts.azurecr.io/porter/kubeflow/bundle:0.1.4 ## August 26, 2020 **Participants** * Carolyn Van Slyck **Agenda** * v0.28.0 release πŸŽ‰ * Meeting cancelled since no one showed ## August 10, 2020 **Participants** * Carolyn Van Slyck * Vaughn Dice * Gauri Madhok **Agenda** * Change meeting time to a mid-week day, 45 minutes long every other week * Scratch commands - https://hackmd.io/@porter/scratch-commands * (Add our agenda item here) ## August 3, 2020 **Participants** * Carolyn Van Slyck * Vaughn Dice * Gauri Madhok * Simon Davies **Agenda** * CNAB meeting prep * What are you working on? * Claims release update * Azure auth for the plugin * (Add your agenda item here) ## July 27, 2020 **Participants** * Carolyn Van Slyck * Vaughn Dice * Gauri Madhok * Jennifer Davis **Agenda** * Porter LB * [Claims Release](https://github.com/deislabs/porter/pull/1145) * https://sched.co/Zet9 - Chris Crone showing off CNAB with Docker App or Porter on August 19, 2020 at KubeCon Europe 2020 * GitHub Apps * https://github.com/deislabs/porter/pull/1168 * https://probot.github.io/apps/triage-new-issues/ * assign-myself https://github.com/carolynvs/assign-myself * Doc updates! * Docker for packaging vs manifest * Jennifer will meet with Carolyn tomorrow to work on quickstart * First release of Docker mixin!!! πŸŽ‰ Working on the blog post this week. https://github.com/deislabs/porter/pull/1145 * Blog posts **Action Items** * @carolynvs - Fix zoom permissions and co-hosting ## July 20, 2020 **Participants** * Carolyn Van Slyck * Vaughn Dice * Gauri Madhok **Agenda** * Bug review * This week's release ## July 13, 2020 **Participants** * Carolyn Van Slyck * Jennifer Davis * Gauri Madhok * Vaughn Dice **Agenda** * Keep meeting minutes for the weekly dev meeting (here) and archive to a github repository as the document gets too long. * Working on a new Porter logo design * Targeting a new release this week with bug fixes for --tag overrides and hopefully [#1130](https://github.com/deislabs/porter/issues/1130) * Discussed Gauri's docker mixin design. Looked at the Terraform mixin that used the arguments flag to define version and +1 Gauri's initial design. ###### tags: `Meeting`