GitHub user DaanHoogland added a comment to the discussion: doc for hackathon 2024
<h2 dir="ltr" style="line-height:1.38;margin-top:18pt;margin-bottom:6pt;" id="docs-internal-guid-1789f6a5-7fff-1e60-2265-dd11e9a11e2a"><span style="font-size:16pt;font-family:Arial,sans-serif;color:#000000;background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">Ideas:</span></h2><br /><div dir="ltr" style="margin-left:0pt;" align="left"> Idea | Proposed By | Description | Comments -- | -- | -- | -- CloudStack Extensions | Rohit Yadav | Given simple interfaces (input/output expectations) ACS extensions are any script (Python, Shell), or binary (Go, Rust, etc.) which allow sysadmins/sre/ops admins to write them. The aim of this idea is to discuss and gather list of what kind of extension and type are possible. For example, authentication, 2FA validation etc. | To discuss & discover simpler feature interfaces and hack some extensions.Largely an idea and design topic. Build Cloudstack Packages for Arch linux | Kiran chavala | Check the feasibility of cloudstack support for archlinuxhttps://archlinux.org/Since archlinux is quite popular among self hosted community and other open source enthusiast | https://ipv6.rs/tutorial/Arch_Linux/CloudStack/https://github.com/Fincer/cloudstack_archlinux/tree/main Explore out of the box RPC implementations | Daan Hoogland | Use an RPC mechanism that is not maintained (and outdated) just for ACS but that has more users and thus a broader set of maintainers. | Goto after a quick search is https://thrift.apache.org/ but surely there are more possibilities.Part of the goal is to have a usinifed mech of communications between all parts of the system. And external part/3rd party plugins could leverage the services in a more standard way, instead of the old API. Priority-based security issues management | Boris Stoyanov | With the increased interest in the project, we’re seeing a rise in security issues being reported—an encouraging sign of the community’s engagement and commitment to improvement. Over the past summer, we addressed all reported issues and issued security releases, which has been greatly beneficial to both the community and the project as a whole. However, this process has been quite demanding on the team, requiring significant time and effort.To make this process more efficient and sustainable, we could consider implementing a system that prioritizes issues based on severity. For example, if a low-severity issue with a viable workaround is reported, we could bundle several such issues into a single release and provide public guidance on the workaround. This would allow users to remain protected while reducing the immediate pressure on PMC members, enabling them to prioritize their efforts more effectively.This approach would not only streamline the response to security issues but also sustain a balanced workload, ensuring that the team can focus on high-impact vulnerabilities without the strain of addressing all issues with the same urgency. | The idea of the session is to gain support and build the idea, then post it on the mailing list for discussion. CloudStack installer | Rohit Yadav | Discuss, review and continue WIP ACS script installer c8k.in/stall.shAlso explore container based installer. | | | | </div><br /><br /><h2 dir="ltr" style="line-height:1.38;margin-top:18pt;margin-bottom:6pt;"><span style="font-size:16pt;font-family:Arial,sans-serif;color:#000000;background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">Hackathon Agenda:</span></h2><br /><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><span style="font-size:11pt;font-family:Arial,sans-serif;color:#000000;background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">Start: 12:30 GMT+2</span></p><br /><br /><br /><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><span style="font-size:11pt;font-family:Arial,sans-serif;color:#000000;background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white -space:pre;white-space:pre-wrap;">Presentation of the ideas and developments: 16:30 GMT+2</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><span style="font-size:11pt;font-family:Arial,sans-serif;color:#000000;background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">Finish: 18:00 GMT+2</span></p>Ideas: Idea Proposed By Description Comments CloudStack Extensions Rohit Yadav Given simple interfaces (input/output expectations) ACS extensions are any script (Python, Shell), or binary (Go, Rust, etc.) which allow sysadmins/sre/ops admins to write them. The aim of this idea is to discuss and gather list of what kind of extension and type are possible. For example, authentication, 2FA validation etc. To discuss & discover simpler feature interfaces and hack some extensions. Largely an idea and design topic. Build Cloudstack Packages for Arch linux Kiran chavala Check the feasibility of cloudstack support for archlinux https://archlinux.org// Since archlinux is quite popular among self hosted community and other open source enthusiast https://ipv6.rs/tutorial/Arch_Linux/CloudStack/ https://github.com/Fincer/cloudstack_archlinux/tree/main Explore out of the box RPC implementations Daan Hoogland Use an RPC mechanism that is not maintained (and outdated) just for ACS but that has more users and thus a broader set of maintainers. Goto after a quick search is https://thrift.apache.org/ but surely there are more possibilities. Part of the goal is to have a usinifed mech of communications between all parts of the system. And external part/3rd party plugins could leverage the services in a more standard way, instead of the old API. Priority-based security issues management Boris Stoyanov With the increased interest in the project, we’re seeing a rise in security issues being reported—an encouraging sign of the community’s engagement and commitment to improvement. Over the past summer, we addressed all reported issues and issued security releases, which has been greatly beneficial to both the community and the project as a whole. However, this process has been quite demanding on the team, requiring significant time and effort. To make this process more efficient and sustainable, we could consider implementing a system that prioritizes issues based on severity. For example, if a low-severity issue with a viable workaround is reported, we could bundle several such issues into a single release and provide public guidance on the workaround. This would allow users to remain protected while reducing the immediate pressure on PMC members, enabling them to prioritize their efforts more effectively. This approach would not only streamline the response to security issues but also sustain a balanced workload, ensuring that the team can focus on high-impact vulnerabilities without the strain of addressing all issues with the same urgency. The idea of the session is to gain support and build the idea, then post it on the mailing list for discussion. CloudStack installer Rohit Yadav Discuss, review and continue WIP ACS script installer c8k.in/stall.sh Also explore container based installer. Hackathon Agenda: Start: 12:30 GMT+2 Presentation of the ideas and developments: 16:30 GMT+2 Finish: 18:00 GMT+2 GitHub link: https://github.com/apache/cloudstack/discussions/9951#discussioncomment-11321298 ---- This is an automatically sent email for users@cloudstack.apache.org. To unsubscribe, please send an email to: users-unsubscr...@cloudstack.apache.org
