►
From YouTube: Community Meeting, August 30, 2022
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hello,
everybody
Welcome.
This
is
the
kcp
community
meeting
August
30th
2022.
If
this
is
your
first
time
here,
we
are
using
a
GitHub
issue
for
our
meeting
agenda.
Let
me
paste
the
link
into
the
chat,
please
feel
free
to
add
items
as
comments
and
we
will
go
from
the
top.
So
Paul
you
were
asking
Adam
if
he
wanted
to
talk
about
this
issue
at
the
meeting,
so
I
see
Adam
you're
here
any
interest.
A
Yes,
absolutely
all
right.
So
why
don't
you
just
give
an
overview
of
what
you've
got
in
here
and
we
can
talk
about
it.
Sure.
B
So
my
team
is
building
basically
tecton
as
a
service
on
top
of
kcp
and
one
of
the
most
common
workloads
that
we'll
be
running
on
our
services.
Building
a
container
image
and
those
generally
require
some
level
of
elevated
pod
security.
Permissions
build
up,
for
example,
at
minimum.
B
It
needs
set
fcap
to
be
used
Upstream,
it's
even
more
egregious
I-
think
the
build
a
tecton
hub
task
right
now
like
ask
for
a
privileged
container,
which
we
probably
won't
want
to
allow,
but
that's
the
sort
of
the
kind
of
things
that
we're
trying
to
weigh,
and
so
our
challenge
is
twofold.
B
One
is
just
for
like
any
kubernetes
managing
and
providing
options
where
the
Pod
security
admission
namespace
labels
can
be
synced
in
some
capacity
or
controlled
by
something
and
setting
appropriate
safeguards
around
that
and
the
second
one-
and
this
is
probably
more
out
of
scope
for
for
kcp
in
because
it's
open
to
specific,
is
then
dealing
with
openshifts
security
context
constraints.
B
So
there's
been
a
little
bit
of
discussion.
That's
happened
since
I
filed
this
issue.
Sec
is
probably
going
to
be
out.
We
are
right
now
kind
of
are
working
around
it.
Just
because
of
the
nature
of
tecton,
in
order
to
run
our
service
like
we
have
to
deploy
specific
workload
clusters
that
are
configured
with
the
openshift
pipelines
operator
and
that
provides
us
with
secs
and
kind
of
like
default
service
accounts
that
make
it
easy
to
do
this.
B
But
at
the
same
time
those
are
giving
us
potential
security
attack
vectors
that
we
want
to
try
and
mitigate.
So
I.
Think.
The
main
one
here
for
us
that
we
want
to
try
and
deal
with
is
how
we
can
sort
of
or
drive
the
discussion
around
pod
security
admission
labels.
C
Okay,
this.
A
Is
not
something
I've
looked
at
before
I
know
it's
new
and
stuff
on
you
had
suggested
surges,
get
involved.
B
A
B
A
Feel
free
yeah,
so
I'm
not
going
to
be
the
one
to
schedule
that
meeting.
So
if
Adam,
if
you
would
mind
taking
ownership
on
that,
that'd
be
awesome.
A
A
A
So
it
sounds
like
we
need
sergius
around
anything
else
that
you
know
wanted
to
chat
about
on
this
one
before
we
move
on
to
the
next
topic.
A
Oh
okay,
cool!
Well
thanks
for
bringing
that.
Hopefully
we
can
get
to
some
direction
that
will
be
useful
for
you
and
not
make
things
harder
right,
all
righty.
So
that
was
the
first
item
next
up
and
then
we
have
a
couple
comments
on
this
one.
So
varsha.
Let
me
pull
this
one
open
and
let's
talk
about
the
client,
scoping
calls
and
I.
Think
Steve
probably
can
be
involved
here
as
well
so
Barsha
over
to
you.
E
Yeah
I
think
for
the
past
a
few
weeks
we
saw
that
a
bunch
of
refactoring
PRS
have
been
going
on.
Those
were
related
to
scoping
client
calls
in
kcp,
which
basically
removed
the
cluster
interface
and
the
cluster
column
kcp
and
Cube
types.
So
the
idea
which
we
initially
followed
was
either
scoping
the
context
or
passing
the
rest
config
with
a
modified
host.
Since
the
past
few
weeks,
we
had
refactored
a
bunch
of
packages
in
kcp,
but
unfortunately
we
still
need
cluster
interface
for
the
listers
and
the
informers.
E
So
it
didn't
make
sense
to
do
the
rework
of
keeping
on
modifying
and
refactoring
the
code
when
there
is
no
way
for
us
to
actually
stop
the
use
of
cluster
interface
right
away.
So,
based
on
a
discussion
with
Steve,
we
decided
that
it
would
be
nice
to
put
a
hard
stop
on
whatever
we
are
doing
on
client
scoping
right
signal
and
pick
this
up
when
the
Lister
and
Informer
gen
is
already
done.
So
that
will
make
us
easier.
E
A
little
bit
of
refactoring
is
needed
right
now,
but
it's
more
easier
to
do
it
at
once
when
we
remove
the
fourth
code,
generator
right
away,
and
then
we
can
refactor
it
at
once,
and
apart
from
that,
there
were
also
concerns
in
terms
of
this
not
being
pretty
clear
for
the
users,
because
cluster
scope
context
is
kind
of
a
convoluted
idea
which
the
operator
authors
may
not
be
much
aware
of.
So
Steve
was
also
working
on
another
PR,
which
created
which
had
a
modified
approach.
E
So
considering
all
those
cases
it
was
decided
to
put
a
hard
stop
with
the
client
scoping
modification,
at
least
for
0.8
Steve.
You
can
probably
add
more
context
if
you
need,
but
this
was
a
quick
update
on
this
particular
Epic.
A
So
Steve
you
have
a
Google
doc
that
might
be
worth
I've
got.
The
link
might
be
worth
at
least
commenting
in
this
issue.
That's
cool
with
you!
I
can
just
paste
it
in
yes,.
F
Yeah,
so
it's
definitely
still
work
in
progress.
We're
looking
for
feedback,
especially
if
you've
gone
through
the
process
of
taking
an
existing
controller,
that
is
single
cluster
scope
and
then
migrating
it
to
multi-cluster
scope
like
what
that
looked
like
did
you
expect
to
build
on
top
of
your
existing
one?
Are
you
trying
to
have
the
same
code
base
in
between
both
contacts?
F
It's
like
everything
around
ergonomics,
there
I
think
we'd
love
to
hear
feedback
and
then
there's
this
a
specific
prototype
in
API
Machinery
pool
where
okay
there's
a
couple
rough
edges
around
like
how
we
use
all
of
this
stuff
and
what
we
expose.
F
If
it's
a
it's
a
bit
dense,
do
you
think
we
should
run
through
it
in
here?
Should
we
just
like
ask
people
to
come?
Look.
A
I'm
happy
to
go
through
it
if
folks
are
interested,
but
you
are
right
there
there's
a
lot
here.
So
if
it's
easier
for
people
to
look
at
this
on
their
own
time
and
provide
some
feedback,
I
think
that
could
work
as
well.
I
would
encourage
you
all
if
you're
interested
to
to
look
at
the
files
that
have
been
changed
and
look
at
this
example
main
function.
A
That
is
in
here
for
what
it
looks
like
to
interact
with
things
that
are
both
cluster
scoped
and
namespace
scoped,
where
you
may
be
just
kind
of
doing
things,
the
old
way
where
you,
once
you
Scope
to
a
particular
logical
cluster
or
workspace,
then
everything
is
just
normal,
so
to
speak
or
deferring
scoping
until
later.
So
I
think
there's
good
examples
in
here
that
can
make
it
a
little
bit
more
I,
don't
know
digestible
than
this
big
lift
here.
Yeah.
F
That
was
more
for
more
for
us
and
I.
Think
one
of
the
big
questions
that
I
might
have
to
do
like
a
little
bit
of
a
existing
literature
review
to
see
how
often
people
use
the
like.
How
often
are
people
scoping
a
client
to
a
particular
namespace
and
then
using
that
are
there
controllers
that
always
expect
to
be
in
the
same
name
space
regardless
of
the
installation?
F
Does
that
even
make
any
sense,
because
it
I
think
the
biggest
tension
just
comes
between
existing
code
that
expects
to
be
within
a
particular
namespace
and
what
that
means
for
a
cross-cluster
context.
F
But
yeah
feedback
is
greatly
appreciated
and
even
if
this
has
been
ergonomics
of
things
that
you've
done
in
kcp
itself,
because
we're
using
both
approaches
now
with
Marsha's
work
and
so
yeah.
A
A
All
right
next
up,
we
have
Lou
about
the
catalog
design
overview.
G
Yes,
hi
everyone
I'm.
Sorry,
there's
also
a
duplicated
comment
for
me
on
that:
it's
okay,
that's
right!
It's
the
same
story,
so
yeah
I
did
want
to
give
just
a
quick
introduction
to
the
new
catalog
API
that
Russia
and
nice
have
been
working
on
for
the
past
couple
weeks
under
the
guidance
of
Andy
and
Stefan
here.
This
is
just
and
there's
obviously
a
new
report
that
you
can
see
here
the
catalog
people
that
we
currently
try
to
push.
G
So
it's
just
a
new
API
that
we
try
to
develop
that
kind
of
fuel
in
the
gap
between
the
API
export
and
API,
padding
that
we
could
only
have
it's
calculate
laying
on
top
of
the
API
export,
because
having
references
to
the
API
export
that
we
have
here
and
then
eventually
we'll
be
mechanism
to
biding
this
kind
of
information
to
create
API
biting
I'm
able
to
using
the
API
in
your
workspace-
and
this
is
pretty
much
just
the
concept.
Catalog
is
rather
applicable
formula
for
everyone
here.
G
I
guess
this
is
basically
a
collection
on
the
API
that
available
on
the
cluster
for
you
to
use.
G
If
you
ever
want
to
use
it
in
this
kept
facilitating
early
to,
you
know,
get
the
information
that
you
need
from
the
API
export
but
at
the
same
time
adding
some
additional
information
that
can
be
helpful
from
a
UI
console
perspective
that
you
can
see
a
lovely
UI
with
you
know,
information
that
you
need
about
the
API
that
you
want
to
use
and
eventually
binding
that
into
the
workspace
that
you
have
decided
using
it
in
and
at
the
moment
everything
still
pretty
pretty
early
stack
and
put
that
way.
G
There's
still
a
lot
of
changing
on
the
spec
that
happening
in
this
particular
PR
that
you
know
Andy
and
everyone
have
in
common
on
that
and
then
pretty
much
pushing
changes
pretty
much
daily,
hourly
to
some
extent
to
keep
everything
address
and
up
to
date
them
as
possible.
So
we're
just
having
a
few
current
tasks
here,
just
to
basically
sketch
out
API
and
get
the
feedback
on
that
and
see.
G
What
do
we
need
to
have
in
in
relation
to
apexport
and
also
iteration
with
the
API
biting
that
we
need
to
have
to
make
sure
that
the
user
can
see
the
information
that
they
need
to
to
have
to
make
a
informed
decision
if
you
want
to
use
it
or
not
kind
of
a
thing,
and
also
simple
workflow
from
the
cui
command
perspective,
to
just
basically
create
API
writing
basing
on
in
basing
on
the
information
on
the
catalog
entry
that
we
have
here
and
that
pretty
much
the
code
and
going
on
work
that
we
have
been
working
on
for
this.
G
But
this
specific
PR
and
hopefully
I,
have
to
accomplish
this
current
task.
We're
gonna
March
this
PR
for
the
first
step,
and
then
there
are
future
tense.
After
that,
we
try
to
expand
this
a
bit
further
with
a
certain
thing
that
you
know
having
more
domain
to
facilitate
more.
You
know
useful
feature
for
that,
and
also
having
kind
of
a
controller
to
adding
cell
and
Reconciliation
process
to
this
particular
API.
G
You
know,
validation
and
all
sort
of
you
know:
life
cycle
management
of
that
API
and
so
on,
and
also
to
okay
up
elevating
this
API
a
bit
further.
To
make
us
a
little
bit
having
certain
separation
from
the
API
export
as
well
at
the
moment,
is
relying
pretty
heavily
on
some
of
the
API
and
cap
references
on
the
API
export
itself
to
make
sure
that
we
can
cap
link
them
together
in
the
future.
G
We
probably
just
want
to
keep
it
Kappa,
a
separate
identifier
that
you
can
link
it
to
apexbox,
but
without
Expo
the
ABX
Xbox
too
much,
given
the
fact
that
the
user,
technically
speaking,
doesn't
need
to
know
about
export.
That's
something
that
the
Qatar
entry
can
find
the
references
to
without
need
to
export
a
bit
more
than
where
it
is
and
what
have
other
you
know,
sensitive
information
that
associated
with
Dave
export
that
we
do
not
wish
to
expose
too
much
and
licking
it
too
much.
G
But
at
the
moment
it's
just
pretty
much
about
the
device
back
in
the
initial
Cy
command
to
make
it
create
a
simple
workflow
out
that
and
that
pretty
much
what
and
I
have
been
working
on
and
I
just
want
to
make
an
introduction
here
for
everyone
if
they
interested
in
this
API,
if
you're
free
to
having
any
common
other
PR
any
cap,
you
know
passion
between
the
product
on
the
dance
lab
and
we
will
you
know,
guide
you
and
you
know
if
you
want
to
contribute,
that's
even
better
and
that
pretty
much
the
main
Taco
today.
A
Thanks
Foo
so
just
to
re-highlight
what
we
was
saying
at
the
end,
if
you're
not
familiar
with,
why
we're
doing
this?
A
It's
because
we
we
don't
want
users
to
necessarily
have
to
know
the
details
about
individual
API
exports
across
a
handful
or
dozens
or,
however,
many
workspaces
that
they
may
come
from,
and
so
this
offers
a
way
to
centralize
apis
and
services
that
are
available
on
kcp
as
a
platform
and
So
within
a
single
workspace
that
has
catalog
entries
or
you
know,
within
a
single
catalog,
so
to
speak,
it
can
have
pointers
to
exports
coming
from
lots
of
different
workspaces.
So
that's
the
motivation,
among
other
things,
Paul
go
ahead.
A
C
G
Yeah
I
did
mention
on
the
west
API
catalog
a
little
bit
the
fact
that
we
tried
using
workspace
concept
to
encapsulating
the
collection
of
you,
know,
collection
of
catalog
entry
and
if
you
want
a
catalog
with
the
setup
Capital
entry
and
they
basically
belong
to
one
single
catalog
and
if
you're
having
you
know
one
having
another
catalog,
you
can
having
another
workspace
and
you
know
adding
more
entry
into
it.
That's
currently
the
separation
of
what
it
means
to
be
your
catalog
at
the
moment.
So.
C
Since
we
will
probably
have
services
from
one
tenant
that
are
being
offered
to
users,
that
would
be
in
a
different
tenant.
Is
that
a
conversation
on
how
you
would
expose
catalog's
cross
workspace?
C
Has
that
already
been
captured
in
comments
somewhere?
I
can
just
go
and
read.
A
D
So,
basically,
the
excess
permissions
of
the
global
workspace
make
sure
that
not
everybody
can
blindly
submit
something.
So
it's
more
like
a
submission
order
for
Global
availability
and,
of
course,
every
every
tenant
can
have
their
own
workspace,
which
has
those
entries
and
can
use
that
easily
and
can
have
their
own
causes
of
submission
and
auditing
or
whatever
is
necessary,
but
basically
creating
a
network.
Entry
is
privileged,
there
might
be
imposes
on
top,
which
makes
it
available
for
everybody
to
submit
okay.
So
if
you.
C
D
D
System
to
bind
again,
this
is
based
on
exports,
so
everything
about
permissions
to
do
The,
Binding
actually
is
then
another
step
after
visibility
and
using
a
CLI.
So
this
is
most
remote
visibility.
If
we
talk
about
security
here,.
C
Go
ahead,
Joe
I
was
just
curious
if
there's
a
notion
of
and
I
know,
there's
like
mentions
of
the
word
grouping
here
but
like
in
terms
of
like
a
group
of
API
exports
that
someone
might
want
to
consume.
Some
monatomically
like,
for
example,
cert
manager
has
both
issuers
and
certificates
and
it
might
not
make
sense
to
import
a
certificate
without
an
issue
or
vice
versa.
So
it's
making
I
don't
know
if
this
is
a
good
question
for
this
topic.
A
A
The
the
next
level
up
is
well
what,
if
I
need
multiple
API
exports
together
to
consider
that,
like
a
logical
unit
or
service
and
there's
a
discussion
in
this
comment
about
export
name
as
to
whether
or
not
we
should
have
a
one-to-one
relationship
between
one
catalog
entry
and
one
API
export,
or
should
a
single
catalog
entry
support
multiple
API
exports?
A
All
right,
so,
if
you're
interested
in
in
this
topic
as
usual,
please
take
a
look
at
some
comments.
If
you
want
to
help
out
with
the
code,
that
would
be
awesome
as
well.
So
thank
you
boo.
D
So
this
topic
has
come
up
a
couple
of
times,
especially
when
you
people
join,
so
our
documentation
situation
is
not
good
and
we
have
lots
of
old
stuff.
In
the
repository
we
like
new
documentation
and
I
would
propose
an
experiment
which,
if
it
works,
we
can
repeat
it,
maybe
even
integrate
it
into
our
Sprint
process.
Every
month,
I
will
propose
to
add
two
days
of
Doc.
Only
work
talk
takes
basically
after
we
take
co8,
which
might
be
on
Friday
or
Monday,
or
something
like
that.
D
We
will
discuss
that
I
guess
at
some
point
and
on
those
two
days
which
follows
the
tagging.
Nobody
or
everybody
is,
of
course,
basically
not
to
do
any
coding,
like
only
talks,
writing
talks,
maybe
getting
YouTubes
anything
in
this
direction
as
well.
But
coding
is
basically
not
about
in
the
project
so
two
days
of
pure
dog
work,
and
if
we
decide
this
makes
sense,
maybe
we
can
start
a
Google
doc
with
issues
or
we
can
take
issues,
maybe
which
we
want
to
work
on,
that
everybody
has
something
I
would
at
maybe
one
additional
constraint.
D
Everything
people
work
on
should
be
finished
in
some
way,
and
this
depends
I
mean
PR
could
be
merged
or
mergeable,
at
least
at
the
end
of
the
two
days.
So
now
that
we
start
stuff-
and
it's
just
laying
there
like
our
readme
work,
we
have
written
API,
I
think
up
four
months
or
these
weeks
you
will
try
to
close
those
things
so
two
days
and
after
the
days
things
should
be
virtual
and
freshness
is
something
we
should
do.
A
I,
like
the
idea
I,
don't
think
we
can
do
it
without
at
least
a
little
bit
of
coordination.
So
I
like
your
idea
of
some
sort
of
document
or
some
way
to
organize
who's,
doing
what
we
could
do
that
we
could
have
a
GitHub
project
where
we
file
issues
and
order
them
in
different
columns.
If
that
makes
sense,
I
see
Paul
maybe
has
some
ideas
there
so
over
to
you,
Paul
yeah.
F
Good
documentation
will
take
review
and
so
I
just
want
to
make
sure
that
we're
putting
enough
time
in
there
so
that
there's
actually
like
back
and
forth
and
not
just
this-
is
a
document.
I
wrote
we
merged
it
I,
but
at
the
same
time,
I
get
that
you
know
asking
for
three
or
four
days
is:
is
harder
but
I,
don't
know
four
four
half
years
it.
F
A
All
right
so
I
think
if
we
proceed
with
this
before
so
like
we're,
gonna
tag
0.8
and
then
we're
going
to
start
a
couple
of
Doc
days
before
we
get
to
that
point.
We
should
have
a
list
of
topics
and
rough
assignees
so
that
it's
not
everybody
doing
the
same
thing
or
not
having
any
idea.
What
to
work
on
come
next
week.
A
Yeah,
so
how
do
you
all
want
to
track
topic,
ideas
and
organize
this?
Is
it
does
a
Google
doc
make
more
sense,
or
should
we
try
to
use
a
project
board
in
GitHub.
A
Okay,
so
I
can
set
up
a
board
for
this
or
a
portion
of
a
board.
F
A
Okay,
so
before
we
tag,
0.8
I
will
get
a
board
set
up
and
try
to
pull
issues
in
that
we
already
have
and
see
about
adding
some
more.
This
is
open
to
anybody,
so
you
don't
have
to
wait
for
me
to
do
that.
If
there's
a
specific
feature
or
part
of
kcp
that
you'd
like
to
see
documented
or
to
see
the
documentation
improved,
please
just
file
an
issue.
You
can
go
to
new
issue.
A
Will
I,
don't
know
you
could
pick
a
template
or
just
do
a
blank
issue.
I
mean
it's
not
really
like
a
bug
report
so
and
if
you
do
feature
requests,
yeah,
I,
don't
even
it's
not
this!
So
I
would
just
open
up
a
blank
issue
and
to
slash
kind
documentation
in
your
description
or
in
a
comment,
and
then
that
will
get
the
label
set
up
appropriately.
If
you
don't
have
labeling
permissions,
all
right.
A
Okay,
anything
else
on
Doc
days
before
we
move
on.
A
Okay,
so
we
talked
about
this
one
already
so
okay
to
skip
over
it,
Steve,
yep,
okay,
so
I
wanted
to.
Let
folks
know
that
a
pull
request
has
merged
to
to
Maine,
which
lets
you
do
quota
of
things
that
are
cluster
scoped
so
right
now
this
is
the
docs.
A
So
inside
a
workspace,
you
create
a
namespace
called
admin,
and
then
you
create
a
resource
quota
instance,
and
you
put
this
annotation
on
there
and
then
you
can
do
object,
count
quota
for
both
namespace
and
cluster
scope
resources,
if
you
do
it
on
a
namespace
scope
resource
like
a
config
map.
This
will
count
and
limit
instances
across
all
namespaces
in
that
workspace
and
if
it's
a
clusterscope
resource
it
will
just
limit
instances
at
the
cluster
level
or
at
the
workspace
level.
A
So
this
should
work
for
like
if
you
want
to
quota
how
many
namespaces
you
can
have
or
how
many
work,
how
many
child
workspaces
you
can
have.
This
should
do
that.
There
is
an
end-to-end
test
for
this
that
validates
that
it
works.
There
may
be
some
edge
cases
here
and
there.
So
if
you
try
this
out
and
you
run
into
any
problems-
please
let
us
know,
but
this
right
now
we
can
do
both
normal
namespace
scope
quota,
where
you
can
set
a
resource
quota
in
any
namespace,
that's
already
there.
A
The
new
feature
is
just
for
being
able
to
do
things
at
the
the
workspace
or
cluster
scope.
So
please
try
it
out.
Let
us
know
how
it
goes.
It
is
marked
experimental
and
The
annotation,
because
we're
not
certain
that
this
is
going
to
be
the
final
solution
so
rather
than
promising
that
it
is.
We
went
with
experimental
here,
but
it's
I'm
excited
that
it's
there.
So
please
try
it
out
foreign.
C
Yes,
hi
hi
everyone,
so
I'm
trying
to
install
Kennedy
on
top
of
kcp
and
one
other
thing
that
is
missing
currently
in
kcp
is
DNS
resolution,
so
connective
rely
on
a
lot
of
service
discovery,
and-
and
so
this
PR
is
really
about
adding.
You
know
DNS
resolution
in
physical
cluster
right
so
like
mapping,
workspace
newspapers
to
physical
and
spaces.
C
It
has
like
a
a
change
in
the
kind
of
user-facing
command,
like
it
adds
a
new
DNS
image
right.
So
you
have
like
a
new
argument
on
the
kcp
Sinker
I
think
yeah
this
one,
because
it's
so
basically
what
it
does
it
creates
so
before
you
had
to
create
only
a
sinker,
but
now
you
need
to
create
a
sinker
and
a
DNS
part
right.
E
A
Thanks
yeah,
this
has
been
on
my
to-do
list
to
take
a
look
at,
but
I
have
not
had
time
yet
so,
hopefully
I
can
get
there,
and
if
anybody
else
has
core
DNS
background
networking
background,
please
take
a
look.
We
will
do
our
best
to
get
some
more
eyes
on
this
as
soon
as
we
can
and
thank
you
for
putting
this
together,
you're
welcome
any
any
questions
or
comments
for
Lionel.
C
A
Thank
you
yeah,
so
the
I
had
filed
this
issue
back
in
February
about
if
you
have
a
pod
in
namespace
one
and
it's
referencing
a
service
in
some
other
namespace.
In
this
case
too,
because
we
changed
the
names
of
the
namespaces
When
We,
sync
things
down
to
a
physical
cluster.
How
would
that
work
so
that
answers
your
question
Paul,
that
this
is
doing
that
mapping
in
accord
DNS
right.
A
Yeah,
okay
and
then
we
have
a
related
issue
about
that.
You
had
filed
final
about
wanting
to
do
this
with
if.
A
The
same
namespace
so
yeah
this
is
cool,
I'm
glad
to
see
this
and
folks,
please
try
it
out
if
you
can
and
give
some
feedback
and,
like
I,
said,
we'll,
try
and
get
eyes
on
this
as
soon
as
we
can,
but
it
may
be
after
we
tag
0.8
at
the
end
of
the
week.
A
Great,
thank
you
all
right.
Any
other
topics
that
anybody
wants
to
chat
about
before
we
go,
take
a
look
and
just
do
issue
triage.
A
A
This
one
just
needs
to
be
looked
at:
fixed
I,
don't
know
the
priority
on
this
one,
so
the
the
controller,
that's
failing
is
one.
That's
creating
a
what
was
this
I
think
it
creates
a
config
map
that
folks
are
supposed
to
use
if
you're
doing
web
hooks
for
getting
the
ca.
A
So
we
probably
should
fix
this,
because
the
other
option
is
just
to
disable
this
controller,
but
I
I
think
it
sounds
like
we.
C
A
Yeah
yeah
all
right,
I'm
gonna,
put
TBD
and
when
we
do
zero,
nine
planning,
maybe
we'll
pull
it
in.
A
Priority
wise
Steve,
since
you
filed
this,
is
TBD
okay,
or
do
you
want
to
try
and
pull
this
into
zero
nine
preemptively.
F
C
A
Some
of
this
has
to
do
with
the
work
I
did
a
while
ago,
just
getting
crds
and
bindings
and
whatnot
working
and
I
think
I
might
have
left
it
to
do
somewhere
that
you
know
oops.
We,
we
don't
have
open
API
for
bound
crds,
I'm
gonna
put
this
on.
D
D
But
if
somebody
wants
to
look
into
that
I'm
happy
to
give
pointers.
C
F
I
also
I
think
obviously
having
this
dynamically
for
Bound
apis
in
a
workspace
would
be
awesome,
but
I
think
for
people
trying
to
wrap
their
brain
around
kcp
itself.
Having
this
even
in
a
semi-static
published
state
would
be
awesome
just
so
they
could
explore
the
API
visually
generate
clients
for
non-go
sdks,
just
for
our
built-in
type
stuff.
You
know.
A
C
A
C
Fun,
so
let
me.
C
A
The
if
you
all
disagree
or
have
comments
on
anything
here,
please
speak
up.
A
This
one,
oh
yeah,
so
this
is
one
where
you
have
an
API
binding.
It's
valid.
It's
all
good!
You
create
a
second
binding
that
conflicts
with
the
first,
so
the
second
one
is
not
valid
because
it
has
naming
conflicts.
You
delete
the
first
one.
A
The
second
one
in
theory
should
be
resolved
and
not
have
any
conflicts
anymore,
but
it's
not
processed.
Unless
you
wait
for
the
resync
to
come
in
or
you
label
The
Binding
or
do
something
to
get
it
updated
to
be
reprocessed.
So
this
is
just
about
being
a
little
bit
more
aggressive
with
processing
things.
A
C
A
That's
this
is
this
is
definitely
a
good
first
issue
if
folks
are
looking
for
starting
to
contribute.
A
So
we
have
the
ability
to
turn
on
or
off
the
built-in
go
P
Prof
profiler
for
the
kcp
binary
process,
but
we
don't
have
that
for
the
Standalone
virtual
workspaces
server
or
the
front
proxy
and
I've
I've
put
in
a
link
here.
I
guess
we
have.
We
do
have
somebody
who's
interested
in
working
on
this,
so
we'll
see
if,
if
it
doesn't
come
through,
it
could
be
available.
But
I
forgot
about
that
sorry,
All
Right,
Moving
On.
We
have
a
request
to
add
a
workspace
tree,
sub
command.
C
A
A
Oh,
this
was
one
of
my,
like
the
inverse
permission,
claim
thing
that
we
were
talking
about
stuff
on.
So
the
idea
here
is
that
I'm,
an
API
provider
I
own
an
API
export
I
own,
the
schemas.
A
You
are
a
consumer
of
my
API
and
when
you
consume
my
API
I
want
to
provision
and
manage
some
things,
maybe
their
resource
quotas
or
config
Maps
or
who
knows
what
and
I
want
to
create
those
things
in
your
workspace,
and
even
if
you
have
cluster
admin
in
your
workspace,
you
are
not
allowed
to
edit
these
things.
So
I
think
sergius
is
working
on
that.
C
A
Okay,
we
have
a
label
length
exceeded
yeah
if
anybody's
interested.
This
is
probably.
A
A
C
A
Let's
see
make
this
easier,
these
two
are
definitely
just
TD,
so
this
one
is
about
getting
rid
of
getting
rid
of
our
mappings
file
that
the
front
proxy
uses
and
instead
of
having
Flags
for
that,
and
then
this.
This
is
a
good
first
issue
as
well.
A
So
inside
of
this
file,
once
my
PR
emerges
because
it's
new
just
turning
the
log
here
saying
starting
virtual
workspaces
server
to
include
the
full
command
line
with
all
parameters
instead
of
just
this
one
index,
so
that
is
the
end
of
those
and
let's
look
at
the
Milestone
epics
priority.
In
fairness,
Mike
I,
see
you're
here.
Do
you
have
an
update
on
any
big
going
on
there?
Yeah.
C
Jamie's
been
looking
at
the
thing
that
emerged
for
the
quota
and
I.
Think
he's
got
enough
of
an
understanding
that
he's
ready
to
start
trying
it
for
the
analogous
thing
for
APF.
Okay,.
A
Awesome
so
we
have
that,
for
oh
I,
mean
I
realize
that's
now
scheduled
for
zero,
nine,
which
is
good
because
I
doubt
it'll
get
in
by
the
end
of
the
week
right,
but
thank
you
for
the
update.
I
do
really
appreciate
it
all
right
so
multi-release,
epic
sharding.
Where
are
we
with
0.8?
For
here?
It.
C
So
yeah
so
at
the
moment
I'm
working
on
the
cache
server.
So
you
know
the
server
will
host
resources
that
are
required
by
other
shards.
So
the
ADI
is
instead
of.
C
C
For
the
current
thinking,
not
really
some
some
thoughts,
but
nothing
really,
it
would
probably
be.
A
F
A
Export
permissions
on
finding
I
know
Sean
has
been
pulled
back
into
his
day
job,
so
to
speak.
So
we
did
this
one.
Thank
you
Sean
and
Nolan
on
that.
That's
awesome,
I
think
we
probably
need
to
come
back
here
and
decide
what
we
need
here.
I
mean
given
the
amount
of
time
that's
available,
I
think
Stefan.
We
might
want
to
just
move
this
to
after
0.8.
Oh.
D
A
All
right,
I'll
come
back
and
look
at
this
one,
maybe
Nolan.
We
can
talk
about
this
as
a
something
you
could
potentially
work
on
and
I
think
we're
we're
basically
good
for
permission.
Claims
for
0.8,
I'll
offline
come
back
and
clean
this
up
quota
support.
We
have
this.
A
And
this
is
not
specific
to
quota,
so
the
second
one
here
we
talked
about
for
the
inverse
permission
claims
this
one
is
just
being
a
controller
and
creating
things
so
I
think
we
can
call
quota
for
right
now
done
I'll,
move
these
things
out
and
make
it
clear
they're
not
for
quota,
and
then
the
next
epic
for
quota
will
be
distributed
or
aggregated
quota,
where
you
can
Define
limits
in
a
parent
workspace
and
have
that
in
some
shape
or
form
apply
to
all
of
the
ancestors
or
about
the
ancestors.
A
So
I
will
close
this
one
out
after
the
meeting
to
do
multi-workspace
controller
development,
I
think
the
the
big
theme
there
we've
already
touched
on
in
terms
of
what
we're
doing
with
scoping
and
cluster
aware
informers
and
listers
I'm
gonna
move
this
to
0.9.
Unless
anybody
feels
like
we're,
gonna,
try
and
rush
to
finish
this
by
the
end
of
the
week,
Steve
varsha,
yeah,
all
right
and
then
the
last
couple
here:
location,
work,
spaces
and
whatnot.
D
D
Yeah,
so
maybe
you
can
add
which
one
1828
is
the
one
which
has
to
merge.
Okay
and
1779
does
not.
A
Steve
pointed
out
varsha,
you
had
your
hand
up
earlier.
When
I
was
talking
about
permission,
claims
did
I
I'm.
Sorry,
if
I
missed
you
did.
You
have
something
you
wanted
to
say.
Oh.
E
D
A
All
right
and
then
the
last
one
here
is
on
first
tunneling
I
know:
Antonio
has
been
doing
a
lot
of
work
here
and
we
have
some
PRS
up.
D
So
I
think
it's
it's
not
complete,
but
I
think
it's
a
good
step
in
between
which
we
can
merge.
D
D
A
Yeah
the
the
hand
or
the
routes
yeah,
okay,
so
I've
got
some
cleanup
stuff
to
do.
That
is
the
last
of
the
epics
for
0.8,
so
I'd
say
we're
out
of
time
and
we'll
see
y'all
next
time.
Thank
you
have
a
good
rest
of
your
day.
Thanks.