[08:38:37] 10GitLab (CI & Job Runners), 10Release-Engineering-Team (Next), 10User-brennen: Provision untrusted instance-wide GitLab job runners to handle user-level projects and merge requests from forks - https://phabricator.wikimedia.org/T297426 (10Jelto) > We have a k8s cluster on Digital Ocean that we're using to p... [14:56:39] 10GitLab (Infrastructure), 10serviceops, 10Patch-For-Review: bring new gitlab hardware servers into production - https://phabricator.wikimedia.org/T307142 (10Jelto) p:05Triage→03High a:03Jelto I would suggest to treat gitlab-runner hosts a little different. For the Runner hosts we can basically can //... [15:05:40] 10GitLab (Infrastructure), 10serviceops: GitLab Security Release: 14.10.1, 14.9.4, and 14.8.6 - https://phabricator.wikimedia.org/T307471 (10MoritzMuehlenhoff) [15:06:47] 10GitLab (Infrastructure), 10serviceops, 10Patch-For-Review: bring new gitlab hardware servers into production - https://phabricator.wikimedia.org/T307142 (10Jelto) [16:21:28] 10GitLab (CI & Job Runners), 10Security-Team, 10Patch-For-Review, 10Release-Engineering-Team (GitLab-a-thon 🦊), and 2 others: Limit GitLab shared runners to images from Wikimedia Docker registry - https://phabricator.wikimedia.org/T291978 (10brennen) [16:59:12] 10GitLab (Administration, Settings & Policy), 10Release-Engineering-Team (GitLab-a-thon 🦊), 10cloud-services-team (Kanban): gitlab: consider enabling docker container registry - https://phabricator.wikimedia.org/T304845 (10brennen) Tagging for evaluation during #gitlabsperiment. [20:05:47] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Design and Build Application Security Pipeline Components for Gitlab - https://phabricator.wikimedia.org/T289290 (10sbassett) [20:06:23] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Support conda environments with a new gitlab appsec ci template - https://phabricator.wikimedia.org/T305732 (10sbassett) 05In progress→03Declined Declining this for now, as I don't think the OSSI TOS (mentioned above) wil... [20:06:32] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Support conda environments with a new gitlab appsec ci template - https://phabricator.wikimedia.org/T305732 (10sbassett) [20:06:51] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Design and Build Application Security Pipeline Components for Gitlab - https://phabricator.wikimedia.org/T289290 (10sbassett) [20:07:22] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Release-Engineering-Team (Radar), and 4 others: Evaluate and confirm potential licensing issues for gitlab appsec pipeline tools - https://phabricator.wikimedia.org/T304737 (10sbassett) 05Open→03In progress p:05Triage→03Medium [21:20:09] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Create osv.dev ci includes - https://phabricator.wikimedia.org/T307514 (10sbassett) [21:20:31] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Design and Build Application Security Pipeline Components for Gitlab - https://phabricator.wikimedia.org/T289290 (10sbassett) [21:20:39] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Create osv.dev ci includes - https://phabricator.wikimedia.org/T307514 (10sbassett) 05Open→03In progress p:05Triage→03Medium [21:24:13] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Write a phame / tech blog post detailing the appsec pipeline, as it currently exists - https://phabricator.wikimedia.org/T307517 (10sbassett) [21:24:24] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Write a phame / tech blog post detailing the appsec pipeline, as it currently exists - https://phabricator.wikimedia.org/T307517 (10sbassett) [21:33:07] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Investigate container scanning options within the context of the Gitlab appsec pipeline - https://phabricator.wikimedia.org/T307523 (10sbassett) [21:33:27] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Investigate container scanning options within the context of the Gitlab appsec pipeline - https://phabricator.wikimedia.org/T307523 (10sbassett)