devops-automation icon indicating copy to clipboard operation
devops-automation copied to clipboard

Published 20 hours ago verified publisher icon finos

DevOps Automation SIG Meeting - Feb 20 2025 #226

Open ashukla13 opened this issue 9 months ago • 8 comments

Date

Thursday, Feb 20 2025 - 12pm ET; 5pm UK

Untracked attendees

Name Firm Comment

Meeting notices

  • FINOS Project leads are responsible for observing the FINOS guidelines for running project meetings. Project maintainers can find additional resources in the FINOS Maintainers Cheatsheet.

  • All participants in FINOS project meetings are subject to the LF Antitrust Policy, the FINOS Community Code of Conduct and all other FINOS policies.

  • FINOS meetings involve participation by industry competitors, and it is the intention of FINOS and the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in, any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws. Please contact [email protected] with any questions.

  • FINOS project meetings may be recorded for use solely by the FINOS team for administration purposes. In very limited instances, and with explicit approval, recordings may be made more widely available.

Agenda

  • [x] Convene, roll call, welcome new people
  • [x] Approve previous meeting minutes
  • [x] Announcement - new working group for code evolution at scale led by @mgasca and @masterkhal. First meeting on Feb 26
  • [x] Standard approach to SDLC controls - @ashukla13 , Aaron Searle, @meekrosoft, James Logan
    • [ ] Defining standardized approaches for automated controls and change management automation
    • [ ] Shared specs for audit trails and compliance documentation
    • [ ] Potential reference implementations that illustrate best practices
  • [x] Introduction to using LLMs for OSS dependency cluster analysis
  • [ ] Working Group updates
  • [ ] AOB, Q&A & Adjourn (5mins)

Decisions Made

  • [ ] Decision 1
  • [ ] Decision 2
  • [ ] ...

Action Items

  • [ ] Action 1
  • [ ] Action 2
  • [ ] ...

Zoom info

Join Zoom Meeting

  • https://zoom.us/j/94904595244
  • Meeting ID: 949 0459 5244
  • Passcode: 545224
  • Find your local number: https://zoom.us/u/aesEqmNODb

Github Repo: https://github.com/finos/devops-automation/

Project Board: https://github.com/orgs/finos/projects/33

Mailing List: Email [email protected] to subscribe to our mailing list

ashukla13 avatar Feb 07 '25 23:02 ashukla13

Matthew Bain / Morgan Stanley

rocketstack-matt avatar Feb 20 '25 17:02 rocketstack-matt

amol shukla/morgan stanley

ashukla13 avatar Feb 20 '25 17:02 ashukla13

Miguel Gasca / Morgan Stanley

mgasca avatar Feb 20 '25 17:02 mgasca

Tabea Uthmann / Cyberfame

tabea0211 avatar Feb 20 '25 17:02 tabea0211

Edi Baker-Wells, NatWest

bakerwe avatar Feb 20 '25 17:02 bakerwe

Karl Moll / FINOS

karlmoll avatar Feb 20 '25 17:02 karlmoll

Tobias Heldt / Cyberfame

0xAverageUser avatar Feb 20 '25 17:02 0xAverageUser

Meeting Minutes

  • #230 discussed and approved as a working group; first meeting on Feb 26.
  • Discussion on SDLC automation; this is very different than cloud controls; discussion on FFIEC handbook; what may be more useful as a compliance as code language; Karl brought up the governance framework, which vendors can use (which AI readiness SIG); follow up discussion in March
  • Context on OSS cluster analysis from Tobias; discussion to be continued in March

ashukla13 avatar Feb 20 '25 17:02 ashukla13