[Geoserver-devel] GeoServer PSC meeting notes, March 29th 2022

GeoTools / GeoServer PMC meeting - 2022-03-29Attending

   -

   Andrea Aime
   -

   Jukka Rahkonnen
   -

   Torben Barsballe
   -

   Jody Garnett

Actions from prior meetings:

   -

   AA: ask Steve about joining security team [TODO]
   -

   JG: ask the PSC about Steve joining security team [DONE]

Agenda

   -

   Log4J2 update
   -

   Discuss admin access checks in processes
   -

   kml-ppio graduation

Actions

   -

Log4J2 update

   -

   Jody working on GWC
   -

      respond to feedback today, thanks for review Ian and Andrea
      -

   GS updates incoming
   -

      So far working with “no change” (ie just using reload4j for log4j 1.2
      API)
      -

   Performance of logging wrappers may be improved later
   -

   gt-metadata splitting? hard to do, maybe later

geoserver data directory:

   -

   data directory format, how does migration work?
   -

      test cases read legacy data directory, issue events, which are saved
      in format
      -

   do we need to look at this for logging config
   -

      PRODUCTION_LOGGING.properties → PRODUCTION_LOGGING.xml
      -

         discussion on handling customizations

Discuss admin access checks in processes

Reference PR: https://github.com/geoserver/geoserver/pull/5735

   -

   checks security during writing a process
   -

   shows a gap in our security model, and is extra work for process writers
   -

   REST API used to allow fine grain control with “ant process”?

Discussion

   -

   Direct admin checks in wicket admin? there is one in geoserver base
   page..
   -

      workspace admin, and base admin, ..
      -

   Q: Can we provide processes with a “SecureCatalogue” which performs
   security checks on data access?
   -

      May do more damage than good, …
      -

      Lots of danger of regressions, …
      -

   allowing admin access is “x” (not “r/w” granularity)
   -

   Go ahead with current approach, the “proper” way is not worth the
   side-effects

kml-ppio graduation

KML read/write for WPS :slight_smile:

   1.

   Alternative one, merge into wps-core → wps becomes dependent on wms,
   nope!
   2.

   Alternative two, merge into wps-downlaod → what if I just need kml
   though?
   3.

   Then upgrade as-is, even if small

Compromise (thanks Torben): graduate and package in the wps zip, but do not
make wps-core depend on it.
Chit Chat

   -

   Hey jody had a small documentation proposal here:
   -

      https://github.com/geotools/geotools/wiki/Change-tutorial-and-example-code-from-public-domain-to-CC0

      -

      https://github.com/geotools/geotools/pull/3823
      -

   Discussion on duplicating boilerplate QA profile code into many small
   tutorials
   -

      Also perhaps for integration tests (see log4j upgrade branch)
      -

      Updating pmd version number in many places etc…
      -

   Idea:
   -

      Can use dependency scope import to “include” some common QA stuff
      (rather than copy and paste).