2023-01-24 Aries Cloud Agent - Python Users Group Community Meeting

Summary:

Topics:

  • Update on BC Gov Code With Us – ACA-Py Indy-SDK to Askar conversion script - Indicio
  • Ledger Agnostic AnonCreds – when do we start using anoncreds-rs in ACA-Py and how?
  • Experience with using ACA-Py plugins
  • ACA-Py Documentation site
  • Open Discussion

Zoom Linkhttps://zoom.us/j/99220079317?pwd=OHk0U05ITnBkSmZ0aXlIQzFDYWg3UT09

Call Time: 8:00 Pacific / 17:00 Central Europe

Recordings From the Call: dummyfile.txt

  • Full Meeting:  
  • Topics:

Hyperledger is committed to creating a safe and welcoming

community for all. For more information

please visit the Hyperledger Code of Conduct.

Welcome, Introductions and Announcements

Attendees

  • Stephen Curran (BC Gov/Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>,Announcements
  • Wade Barnes (BC Gov / Neoteric Technologies Inc.) <wade@neoterictech.ca>

Agenda

  • Update on BC Gov Code With Us – ACA-Py Indy-SDK to Askar conversion script - Indicio
  • Experiences with the use of Plugins in ACA-Py – the BC Gov Traction Team – Jason Sherman 
    • Traction – enabling the use of multi-tenant ACA-Py for teams that want an agent within an organization
      • Ease of use in standing up a new interface
      • Simplifier API for issuers/verifiers 
    • List of existing plugins: https://hackmd.io/m2AZebwJRkm6sWgO64-5xQ
      • Action – add the Traction plugins to it
      • Action – add this as a document in the ACA-Py repo
    • https://github.com/bcgov/traction
    • https://github.com/bcgov/traction/tree/develop/plugins
      • Getting started – look at the basicmessage-storage plugin – store the basic message text
      • Need more docs on how to do it - basics plus best practices – see deployment comments below.
      • Use it for testing new capabilities before putting into core ACA-Py
      • Deployment – how do you get the plugin published, versioned and brought into images for deployment? No decisions yet?
        • Managing the command line parameters, and the use of yaml files for the plugins
      • Lots of logic is in ACA-Py's routes.py, which might need to be refactored – makes it harder.
      • Big win in keeping the maintenance down vs. external code. Much easier to manage.
  • Ledger-Agnostic AnonCreds Interface is ACA-Py: progress
    • Status update
    • When should we replace indy-shared-rs with anoncreds-rs? Issue #2044
  • Adding a Documentation site for ACA-Py - as nice as the AFJ one - https://aries.js.org/
    • PR: 2079
    • Features wanted:
      • a Version selector based on ACA-Py tags, so the entire site (navigation, search) is filtered to that version
        • Only for versions going forward – not for past versions.
      • multi-lingual support to allow for translations
    • Current PR will have the doc site within ACA-Py, but the need for multiple versions may cause us to use a separate repo for housing the generated documents.
  • Question from Pradeep Kumar Prakasam : About automated container scanning.
    • Hi. If there is time, I would like to know if Container vulnerability scanning is covered in the GitHub workflow. I can see SonarCloud Gate, but couldn't find any container scanning there. If anyone could give me more info where to look, it would be great, thanks.
      • Notably – would it be possible to add qualys or an equivalent for container scanning?
    • Wade Barnes created Issue #2087 for this, flagging Ry Jones of Hyperledger to see what tools the Foundation has for this.

Next Meeting

  • Does anyone use/see a use case for Web Sockets and Return Route beyond ACA-Py as a mobile agent mediator?
  • Issue 2029: Additional security controls for webhooks for multi-tenancy

Future Topics

Action items