2023-01-24 Aries Cloud Agent - Python Users Group Community Meeting
Summary:
Topics:
- Update on BC Gov Code With Us – ACA-Py Indy-SDK to Askar conversion script - Indicio
- Ledger Agnostic AnonCreds – when do we start using anoncreds-rs in ACA-Py and how?
- Experience with using ACA-Py plugins
- ACA-Py Documentation site
- Open Discussion
Zoom Link: https://zoom.us/j/99220079317?pwd=OHk0U05ITnBkSmZ0aXlIQzFDYWg3UT09
Call Time: 8:00 Pacific / 17:00 Central Europe
Recordings From the Call: dummyfile.txt
- Full Meeting:
- Topics:
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
---|
Welcome, Introductions and Announcements
Attendees
- Stephen Curran (BC Gov/Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>,Announcements
- Wade Barnes (BC Gov / Neoteric Technologies Inc.) <wade@neoterictech.ca>
Agenda
- Update on BC Gov Code With Us – ACA-Py Indy-SDK to Askar conversion script - Indicio
- Status: Refactor and review, and then on to testing - creating test cases. Wrap up next week.
- Repo is: https://github.com/Indicio-tech/acapy-wallet-upgrade;
ACA-Py orexternal - Current branch: https://github.com/Indicio-tech/acapy-wallet-upgrade/tree/feature/psql-support
- Question from Kyle Robinson : How close is this conversion becoming like an export/import
- Response from Daniel Bluhm : There's definitely some similarities to export/import with the key difference that we're not doing a full dump/export followed by a full import. The migration script performs updates more or less in place so we don't have to worry about the size of the database being operated on
- From Timo Glastra – AFJ issue: https://github.com/Indicio-tech/acapy-wallet-upgrade/tree/feature/psql-support
- Experiences with the use of Plugins in ACA-Py – the BC Gov Traction Team – Jason Sherman
- Traction – enabling the use of multi-tenant ACA-Py for teams that want an agent within an organization
- Ease of use in standing up a new interface
- Simplifier API for issuers/verifiers
- List of existing plugins: https://hackmd.io/m2AZebwJRkm6sWgO64-5xQ
- Action – add the Traction plugins to it
- Action – add this as a document in the ACA-Py repo
- https://github.com/bcgov/traction
- https://github.com/bcgov/traction/tree/develop/plugins
- Getting started – look at the basicmessage-storage plugin – store the basic message text
- Need more docs on how to do it - basics plus best practices – see deployment comments below.
- Use it for testing new capabilities before putting into core ACA-Py
- Deployment – how do you get the plugin published, versioned and brought into images for deployment? No decisions yet?
- Managing the command line parameters, and the use of yaml files for the plugins
- Lots of logic is in ACA-Py's routes.py, which might need to be refactored – makes it harder.
- Big win in keeping the maintenance down vs. external code. Much easier to manage.
- Traction – enabling the use of multi-tenant ACA-Py for teams that want an agent within an organization
- Ledger-Agnostic AnonCreds Interface is ACA-Py: progress
- Status update
- When should we replace indy-shared-rs with anoncreds-rs? Issue #2044
- Adding a Documentation site for ACA-Py - as nice as the AFJ one - https://aries.js.org/
- PR: 2079
- Features wanted:
- a Version selector based on ACA-Py tags, so the entire site (navigation, search) is filtered to that version
- Only for versions going forward – not for past versions.
- multi-lingual support to allow for translations
- a Version selector based on ACA-Py tags, so the entire site (navigation, search) is filtered to that version
- Current PR will have the doc site within ACA-Py, but the need for multiple versions may cause us to use a separate repo for housing the generated documents.
- Question from Pradeep Kumar Prakasam : About automated container scanning.
- Hi. If there is time, I would like to know if Container vulnerability scanning is covered in the GitHub workflow. I can see SonarCloud Gate, but couldn't find any container scanning there. If anyone could give me more info where to look, it would be great, thanks.
- Notably – would it be possible to add qualys or an equivalent for container scanning?
- Wade Barnes created Issue #2087 for this, flagging Ry Jones of Hyperledger to see what tools the Foundation has for this.
- Hi. If there is time, I would like to know if Container vulnerability scanning is covered in the GitHub workflow. I can see SonarCloud Gate, but couldn't find any container scanning there. If anyone could give me more info where to look, it would be great, thanks.
Next Meeting
- Does anyone use/see a use case for Web Sockets and Return Route beyond ACA-Py as a mobile agent mediator?
- Issue 2029: Additional security controls for webhooks for multi-tenancy