►
From YouTube: Working Group: 2020-08-20
Description
* Stackpacks
A
A
B
B
C
C
B
C
A
A
B
I
think
some
of
the
things
we'll
talk
about
today,
the
the
challenges
that
this
for
me
just
I
don't
want
to
copy-paste
a
lot
of
code.
You
know
I
just
want
to
structure
it
so
that
it's
you
know
like
if
we're
reading
the
platform
directory
or
whatever
we're
doing
at
once,
the
same
way,
but
then
the
other
part
of,
and
that
part's
easy,
because
whatever
we'll
figure
that
out,
but
the
other
part
that
might
be
challenging
is,
I
think,
like
certainly
for
me
as
I'm
working
on
the
implementation
for
the
stackpacks.
B
B
A
A
A
A
B
Yeah,
so
the
first
one
is,
I
think,
stack
tamil,
it's
both
its
name
and
its
like
structure
or
if
it's
its
own
thing.
So
in
the
rfc
stack,
tumble
is
kind
of
like
an
analog
to
launch
tunnel,
and
it
does.
It
serves
two
purposes.
One
is
to
define
directories
and
files
that
are
always
restored,
even
if
the
base
image
changes.
B
C
B
B
Or
there
could
be
like,
I
don't
know
what
to
call
it
like,
like
two
binaries,
like
root
builder
plus
builder,
like
one
of
the
proposals
stephen
had,
was
the
phase
actually
executes
two
binaries,
which
feels
like
it's
kind
of
a
sucky
contract
between
the
platform
and
the
life
cycle,
but
I
mean
I
guess
it's
easy
to
opt
out
of
stack
packs.
That
way.
B
The
other
was
like
extender
calls
builder.
So
you
still
have
two
binaries.
One
is
like
like
root
builder,
but
it
like
it
handles
the
stack
packs,
but
then
it
actually
calls
out
to
another
binary,
which
would
be
just
builder,
and
so
the
way
you
would
opt
out
of
stack
packs
is
by
not
calling
the
extender
builder.
C
A
C
D
A
C
B
B
Yep
I
was
doing
slash
just
because
I
well
actually,
no
that's
not
true,
I
was
gonna
say
because
it
felt
like
that's
what
would
be
expected,
but
maybe
like
home
slash
root
or
something
is
more
like.
What's
expected,
I
don't
know,
I
really
don't
know,
can
they
modify
the
bomb?
Can
they
add
layers?
Can
they
make
slices.
B
A
B
A
B
Like
understanding,
if
we
want
to
go
that
direction
with
these
things,
I
think
relates
to
the
question
about
stack,
tommel
and
launch
toml
like
if
we
think
there's
a
future
where
they
can
create
slices
process
types
modify
the
bomb.
Well,
that's
all
that
one's
a
little
bit
different,
but
that
that
would
like
lead
lead
us
towards
a
single
tamil
file
that
comes
out
of
the
build
process,
whether
it's
a
stack
pack
or
regular,
build
pack.
B
B
C
C
I
also
had
one
more
question,
which
was
in
buildpack.tamel:
we
were
using
privileged
bullying
to
decide
whether
this
was
a
stack
pack
or
a
regular
bill
pack,
and
I
was
wondering
if,
instead
of
doing
that,
we
wanted
to
have
something
more
like.
I
think
the
fact
that
stack
packs
have
to
be
privileged
feels
more
like
a
requirement
or
implementation
detail.
Then
it
feels
like
it's
the
point
of
the
stackpacks
in
some
ways
the
point
of
the
stackpacks
is
that
it's
making
only
abi
compatible
changes.
C
C
B
C
A
A
D
C
A
A
C
B
So
the
stack
tunnel
in
my
poc,
which
I
think
you
saw,
does
two
things.
It
defines
the
files
and
directories
that
will
be
restored,
even
if
there's
a
new
base
image
so
like
app
package
indices,
and
then
it
also
defines
files
and
directories
that
will
be
excluded
from
the
launch
image
like
var
cash
or
whatever,
but
that
you
want
to
keep
for
performance
reasons,
so
stack
thomas,
probably
not
the
right
place
for
those.
I
just
did
that,
so
I
can
move
forward.
B
D
B
D
D
You
can
just
exclude
it
completely
because
it's
temp
files
or
you
can
make
sure
that
it
comes
back
on
the
next
you
know
like,
and
you
can
make
sure
that
it
comes
back
to
the
next
build
optionally,
right
and
so
for
app
packages.
You
say
I
don't
want
this
in
the
image,
because
you
don't
want
your
run
image
to
have
the
app
index
and
you
wanted
to
come
back
in
the
next
build.
So
you
do
exclude
paths
equals
var,
app,
something
and
then
cache
equals
true,
and
then
I
think
you're
golden
on
both
images.
C
In
some
ways,
what
we're
talking
about
is
kind
of
like
slices
right.
If
you
have
a
diff
that
your
bill
pack
created,
and
then
you
use
these
paths
to
slice
it,
then
you
have
multiple
layers
and
you
can
think
of
it
as
analogous
to
how
we
have
cache
launch
and
build
for
normal
errors,
except
the
build,
doesn't
make
sense
for
stack
packs
because
there's
no
explicit
exposing
and
whether
it's
launch,
true
or
false,
I
think,
isn't
something
the
build
pack
decides,
because
if
it
was
created
while
running
on
the
run
image
is
launched.
C
D
B
C
I
guess
whether
it's
launch
true
or
build
true,
which
are
exclusive,
mutually
exclusive
in
this
case,
and
the
build
pack
wouldn't
be
actively
deciding
what
to
do
with
those
based
on
that
context.
But
we
need
to
know
so.
We
know
which
image
to
restore
it
to
later.
Right,
like
you,
basically
need
to
restore
on
the
run.
C
C
D
On
the
looking
through
the
rfc,
where
I
see
the
very
bottom,
you
have
stack
tomlin,
build.restores
and
run.excludes,
and
I
think
it
looks
like
you.
The
idea
was
to
split
the
runtime
version
of
that
with
the
build
time
version.
But
then,
then,
a
while
ago
there
was
like,
like
three
or
four
working
group
meetings
ago
we
talked
about.
D
D
C
B
As
I
start
to
flesh
this
out
in
the
code,
there
will
be
some
unit
tests
that
help
illustrate
it.
I
don't
know
if
that's
real
enough,
but
I
think
they'll
be
pretty
contrived,
but
maybe
they
maybe
if
they,
if
we
replace
those
with
like
real
directories,
that
make
sense
in
the
context
of
like
apt
or
whatever.
C
We
think
because
this
one
feature
is
uniquely
complicated,
that
the
our
proof
of
concept
is
going
to
keep
feeding
back
on
the
rfc
for
changes.
I
guess
there's
like
a
meta
question
of
how
we
want
to
handle
that.
Do
we
just
want
to
keep
this
open
for
a
while
and
keep
working
on
it
and
edit
it
or
do
we
want
to
get
something
through
and
know
that
very
quickly,
we'll
have
another
rfc,
that's
like
superseding.
D
B
A
D
B
No,
we
can't
create
layers,
it
can't
create
layers,
but
we
will
pass
it
that
directory
to
which
it
can
write.
Files
like
like
one
of
the
cases
that
I
was
thinking
of-
and
this
is
because,
like
one
of
the
build
packs
I
was
using
did
this,
it
was
just
like
setting
up
some
files
and
directories
in
the
in
the
layers
directory
because
that's
just
what
it
did
and
then
my
builder
just
ignored
it,
because
it
was
a
stack
pack
and
I
feel,
like
that's,
actually
a
real
case.
B
We
should
consider
I'm
not
married
to
one
behavior
or
the
other,
but
I
I
kind
of
favor
like
yeah,
just
let
it
write
stuff
in
there
and
ignore
it
like,
if,
like
you,
can
imagine
if
you're
using
like
lib
build
pack
and
it
initializes
some
file
or
thing
like,
even
if
it's
just
like
it's
a
sandbox.
Just
let
it
do
that.
Don't
air.
D
B
Yeah,
well,
I
think
I
actually
think
layers
directory
is
a
misnomer,
like
the
layers
directory
is
actually
well.
It's
like
the
layers
directories,
which
are
probably
in
the
like,
build
packs,
sandbox
directory
or
whatever
we
call
it
like.
That's
where
it
launch
tunnel
goes.
That
is
it's
not
really
a
layers.
D
C
D
C
A
C
D
D
B
D
Each
of
the
build
packs
layers
directories
like
the
the
layer
for
each
the
directory
for
each
build
pack,
for
which
the
build
pack
puts
layers
in
contains
directories
that
could
turn
into
layers.
The
only
thing
that's
in
that
top
level,
slash
layers,
the
only
thing
that's
not
layers
is
some
configuration
files
that
sit
around
layers.
So
if
we
didn't
want
to
start,
oh
there's.
C
B
Let's
talk
about
the
life
cycle
phases,
because
I
think
this
is
important
to
my
poc
at
least
moving
it
forward.
The
way
I
the
way
I
have
it
structured
now
is
that
there's
one
builder
one
builder
binary
and
also
the
like
sort
of
the
library
part
of
it,
which
is
like
builder.go
at
the
top
level
and
they're
all
the
same
thing.
There's
the
same
entry
point.
B
D
A
C
Which
is,
I
think,
some
of
these
conversations
have
been
driven
by
not
wanting
to
repeat
a
lot
of
code,
but
I
think
there
are
many
ways
to
avoid
repeating
a
lot
of
code
and
I'd
like
to
start
just
by
framing
the
conversation
on
what
interface
we
want.
And
then
we
can
talk
about
how
to
not
repeat
code
while
doing
that.
D
I
agree
completely:
I'm
separate
not
related
to
repeating
code,
I'm
I'm
worried
about
having
the
builder
logic
right,
the
the
thing
that
runs
unprivileged
and
the
container
runs
through
normal,
build
packs
like
as
we
extend
that
I
worry
about
applying
the
same
logic
in
the
on
the
run
image
during
build
time
when
you're
extending
the
run
image
and
just
running
stack,
packs
or
like
in
all
these
other
cases.
I
feel
like
it's
a
it.
It's
sort
of
built
to
do
this.
You
know
running
normal,
build
packs
in
a
row
thing.
D
You
know,
you
know
against
that
contract
right
and
it's
it's
nice
that
you
can.
You
know
always
run
it
as
an
unprivileged
user
and
expect
it
to
you
know,
write
all
the
files
with
the
right
permissions.
You
know
all
that,
so
what
I
propose
is
have
it
another
binary.
That's
the
stackpack
binary
that
runs
privileged
right.
D
That,
in
the
during
the
build
phase,
runs
the
stackpacks
with
the
stackpack
contract
first,
and
then
it
actually
executes
the
unprivileged
builder
as
a
normal
user
and
does
the
rest
of
the
build
packs
using
the
normal
builder
logic.
If
a
platform
doesn't
want
to
support,
stack
packs
and
wants
to
do
a
maximally,
secure
configuration
or
the
build
image
always
runs
unprivileged
like
kpac.
D
It
could
just
execute
the
builder
and
not
execute
the
root
builder,
but
if
there
are
stack
packs,
the
platform
can
execute
the
route
builder,
which
executes
through
playbacks
and
then
executes
the
builder.
Then,
on
the
run
image
you
could
have
either
a
flag
to
that
privileged
binary
or
a
different
binary.
That
does
the
extension
of
the
run
image
running
the
stack
packs
on
the
run
image
and
that's
the
without
talking
about
the
code.
That's
the
high
level
kind
of
like
architecture
that
I
think
would
feels
most
secure
and
keeps
the
best
separation
between.
C
D
B
C
It
drops
the
privileges
just
like
we
do
when
we
run
creator,
so
you
could
either
run
builder
not
as
root,
in
which
case,
if
you
passed
it
stack,
build
packs
you'd,
be
like
no
sorry.
I
can't
do
that
or
you
run
it
as
root
and
it
does
the
stack
bill,
packs
and
drops
privileges
and
then
does
its
normal
thing.
D
D
D
C
D
It
feels
I'm
not
super
strongly
opinionated
if
there's
still
a
way
to
run
this
one
builder
right
as
a
normal
user
and
then
have
it,
skip
the
stack
packs
and
then
run
the
normal
builder
logic.
I
think
I'm
okay
with
that,
but
it
it
feels
simpler
if,
in
the
case,
where
you're
not
using
stack
packs,
the
platform
can
execute
something.
That's
just
the
normal,
build
pack
runner
and
not
have
to
worry
about
what
that
logic
looks
like.
C
B
D
Way,
I
don't
feel
super
strongly
about.
Well,
I
think
I
I
lean
towards
liking
the
process,
separation
right
and
keeping
keeping
the
whole
builder
binary.
As
you
know,
strictly
you
know,
even
just
for
internal
factoring
reasons.
You
know,
sort
of
strictly
separate
from
the
thing
that
runs
stack,
packs,
so
platforms
can
choose
to.
You
know,
never
have
to
deal
with
that
code
path
if
they
want
to,
but
I
could
like
I'm
not
going
to
block
the
pr
on
it
as
long
as
the
internal
factoring
of
the
builder
itself.
D
D
B
Oh,
the
yeah,
the
separate
phase
would
require
a
separate
container
and
then
you
would
lose.
There
would
be
no
way
to
carry
forward
the
changes
that
you
made
to
the
to
the
image
during
the
stackpacks
phase.
Unless
you
also
gave
privileges
to
the
next
phase,
so
you'd
be
you'd,
be
in
trouble
there.
You
know,
you
know
what
I'm
saying
like.
If
you.
A
B
C
B
C
B
That
was
more
like
it
was
just
really
easy
to
do
it.
That
way,
because
there's
like
two
lines,
different
and
or
maybe
maybe
a
little
bit
more
than
that,
but
like
how
it
loops
over
the
build
packs
and
how
it
sets
up
the
cmd
to
execute.
And
all
that
was
exactly
the
same.
So
yeah
like,
like
you,
said,
there's
other
ways
to
accomplish
what
I
don't
want
is.
A
C
D
I'm
yeah
I'm
worried
about,
like
we
put
some
logic
in
either
the
privilege
builder
or
the
unprivileged
builder,
and
just
just
just
purely
as
like
a
as
a
potential
for
introducing
bugs
it.
It
applies
in
you
know
one
case
in
other
case
without
us,
without
sort
of
clean
separation
between
the
two,
but
as
long
as
there's,
you
know
really
sufficient
separation
at
the
library
level,
then
I'm
not
going
to
block
if
emily.
D
If
you
feel
strongly
that
it
really
should
it's
too
complicated
to
have
an
interface
where
you
know
the
platform
decides
what
binary
to
invoke,
then
I
I
I
think
I'll.
I'm
I'm
definitely
willing
to
compromise
on
it
being
one
binary,
but
if
you
have
information
on
how
we're
we're
like,
I
know
we're
talking,
this
is
easier
for
the
privilege.
B
D
B
So,
let's
make
builder
exactly
like
creator
where
you
get
you
can
do
it
either
way
like
there's
a
builder,
you
know
like
a
top-level
builder
and
that's
sort
of
the
one.
That
is
the
default
that
you
go
to
and
it
just
does
everything,
but
we
can
generate
two
other
binaries
that
are
like
root
builder
and
or
like
privilege,
builder
and
unprivileged
builder,
or
something
like
that.
A
D
Make
it
have
have
always,
essentially
you
could
you
could
make
one
that
that
does
this
runs
this
yeah?
I
don't,
I
think,
that's
I
still,
although
not
very
strongly.
You
know
what
like
the
separate
binding
areas
that
do
one
feels
very
unixy.
I
guess
I
have
separate
binaries
that
just
do
exactly
one
thing,
but
that,
if
you
know
it
would
make
me
feel
better
if
there
was
a
binary
that
could
just
be
the
builder
and
then
a
binary
that
did
the
root
thing
and
then
without
having
to
invoke
the
other
binary.
D
It
could
also
execute
the
same
logic
as
in
that
builder,
that
that
feels
better
than
not
having
that
other
binary
that
doesn't
have
the
other
stuff
as
an
option
at
all.
Right,
but
again,
not
not
super
strongly
opinionated
at
this
point,
as
long
as
there's
really
clean
separation
at
the
library
level,.
C
D
I
think
there
are
some
usability
concerns
right
with
like
now.
You
can
write
everywhere,
but
if
you
ignore,
if
you
ignore
that
and
just
focus
on
the
security
thing,
there
are
some
in
container
exploits
that
are
easier
if
your
local
root
right,
especially
if
you
don't,
if
you're,
not
mapping,
I
mean,
if
you're
mapping
in
container
route
to
another
user,
then
it's
it's.
D
You
know
not
so
bad,
but
there
are
capabilities
that,
if
you
accidentally
grant
to
the
container,
you
can't
do
much
with
if
you're
a
normal
user,
but
you
can
do
you
know
if
you
have
net
admin
right,
you
can
do
some
pretty
crazy
things
with
this
route.
It's
it's.
Definitely
if
every
other,
you
know
thing
is
set
up
perfectly
great
right:
it's
not
a
problem
and
many
docker
file
builds.
D
You
know
conoco,
I
think,
executes
his
root
right
in
the
container,
so
we're
definitely
being
very
paranoid
about
it,
but
the
you
know
I
given
that
this
is
sort
of
a
thing
we're
designing
for
really
large
platforms
to
run
lots
of
untrusted
code.
Where
you
know
every
third
build
pack
is
a
cryptocurrency
miner
right.
The
I
want
to
be
very
careful
about
not
having
any
privileges
in
places
where
we
don't
need
them.
If
that
makes
sense,.
B
I'm
going
to
keep
doing
that
in
the
proof
of
concept,
and
then
I
think
we
can
dig
into
it
in
the
code.
You
know
like
take
a
look
at
like
once
like.
I
definitely
need
to
make
the
library
separation
and
then
take
a
look.
We'll
take
a
look
at
what
the
binary
looks
like
I'll.
I
might
actually
push
up
a
layer
from
where
it
is
so
that
it
is
very
much
like
creator
and
then
we'll
just
see
if
that
you
know
meets
your
expectations
or
your
makes.
You
happy.
D
A
D
D
C
The
delta
of
changes
on
the
run
image
should
be
exactly
the
same
as
if
just
mix
and
name
was
on
the
run
image.
I
think
we
use
it
to
sometimes
mean
a
slightly
different
set
of
changes
that
don't
correspond
to
a
paired
set
on
build,
or
something
like
that.
I
feel
like.
If
you
want
a
slightly
different
set
of
changes,
you
should
just
have
to
have
a
different
name
for
it
and
therefore
run
colon
name
should
describe
the
same
thing.
Name
does
in
the
context
of
a
single
image.
D
C
D
C
D
There
are
some
weird
cases
like
I'm
going
to
give
you
an
example,
but
I'm
not
pushing
back
on
that
change
like.
Let's
just
do
that,
because
I
think
in
the
case
of
ubuntu
packages,
it's
not
going
to
matter
that
much
because
a
package
name
literally
means
install
this
package,
but
there
are
some
cases
like
you
know
you
mentioned.
Well,
if
you
want
the
dev
package,
you
just
get
the
dev
package.
D
If
you
want
the
not
dev
package,
you
get
the
not
that
package,
but
the
dev
package
actually
installs
the
not
dev
package
right,
and
so
you
having
the
dev
packages
build
only
and
having
the
regular
packages
not
build.
Only
you
know,
you'd
see
those
on
the
images
and
the
regular
package
would
imply
the
contract
across
the
stack.
So
it's
not.
D
There
are
some
cases
where,
like
it's
convenient
to
be
able
to
say
you
know
this
mix
and
represents
the
run
portion
of
this,
with
no
expectation
that
it's
not
in
the
build
portion,
but
in
the
context
of
a
stack
pack
receiving
the
mix
in
names,
which
is
the
only
place
this
matters,
it's
it's
not
going
to
matter.
If
we're
going
to
package
this
because
in
the
end
stackpack
just
needs
to
it's
already
on
that
image,
it
just
needs
to
install
the
package
because
we
don't
have
a
wide
use
of
mix-ins
outside
of
packages.
C
What
you're
saying
about
certain
things
implying
requirements
of
the
other
image
is
still
true,
and
I'm
not
arguing
with
that.
I
just
don't
think
that
the
name
should
describe
a
different
set
of
changes
within
a
the
run
context
or
a
build
con
or
a
build
context.
It's
like
the
difference.
It
can
mean
different
things
in
build
than
it
means
in
run,
but
I
think
run
colon
on
a
run
image
shouldn't
mean
something
different
than
the
name
on
a
run
image.
D
Okay,
and
that
means
that
stackpacks
receive
unprefixed
information
and
okay,
I
will
make
the
change
to
the
rfc
this
week.
The
next
discussion
is
what
I
was
more
worried
about,
or
the
thread
under
that
we
had,
which
is
in
the
stack
definition.
We
still
need
the
prefixes
in
order
to
imply
the
contract
between
the
stacks,
and
I
thought
you
were
saying
you
wanted
to
drop
that
and
that's
that's
the
thing
I
was
most
worried
about,
because
that'd
be
a
really
big
breaking
change.
C
On
the
fence
about
dropping
that,
I
feel
like
yes,
if
a
certain
package
exists
on
the
build
image,
there
are
things
that
can
be
built
on
that
image
that
then
put
requirements
in
order
for
them
to
run
successfully.
On
the
run
image
like
I
agree
with
you
that
there
is
a
contract
between
the
between
the
images
when
you
have
a
particular
mix
in,
I
guess
my
question
was:
does
that
contract
matter?
If
none
of,
if
the
mix-in
isn't
used
by
any
build
packs
like?
C
In
the
case
you're
talking
about
where
an
app
needs
image
magic,
there's
a
mixing
requirement
that
nobody
has
expressed
right.
So
you
could
try
to
build
that
on
a
build
image
that
doesn't
have
image
magic
and
you
won't
find
out
until
it
fails.
But
what
you're
saying
is,
if
it
succeeds,
it
should
keep
succeeding.
D
The
user
has
the
user
has
decided
to
use
that
mix
in
by
selecting
a
stack
image
that
has
it
or
or
eventually
you
could
say,
the
user
could
just
put
something
in
project
tamil
that
gets
sent
to
the
mixon's
requirement
and
then
the
mixing
gets
installed
automatically
right.
But
I
don't
think
that's
always
the.