►
From YouTube: Kurbernetes SIG CLI 20220824
Description
Kubernetes SIG CLI bi-weekly meeting on August 24th, 2022.
Agenda and Notes: https://docs.google.com/document/d/1r0YElcXt6G5mOWxwZiXgGu_X6he3F--wKwg-9UBc29I/edit#bookmark=kix.xpquezpen15w
A
A
So
let's
kick
off
with
the
announcements
and
let's
get
into
version.
125
combiner
is
the
name
of
the
release
so
that
release
went
live
yesterday
on
tuesday,
the
23rd
on
schedule,
which
is
nice,
there's
a
blog
post
which
I'll
show
here
is
that
visible
to
everybody,
the
the
blog
post?
Now,
okay,
great
yes,
it
is
okay,
so
kubernetes
version
125
combiner
we've
got
our
nice
little
logo
here
and
here
are
the
major
themes.
A
Which
would
avoid
the
the
network
traffic
to
go
to
the
validating
web
books?
So
please
link
into
this.
If
you
want
to
know
more
about
that,
and
so,
let's
get
back
to,
we
have
release
notes
if
you'd
like
to
click
through
those
those
we
have
here,
which
also
specify
some
of
the
major
themes
and
enhancements
features
deprecations,
and
so
so
mate
was
helping
us
us
out
about
the
the
code.
Freeze
would
match.
A
Okay,
so
on
to
our
next
announcement,
which
is
the
contributor
summit,
kubecon
registration
has
opened,
and
I
put
the
link
in
there.
So,
if
you're
interested
in,
if
you're
going
to
kubecon
in
detroit
and
october
24th
is
the
contributor
summit,
that's
on
a
monday
the
day
before
the
rest
of
the
kubecon
convention
and
if
you'd
like
to
attend
the
contributor
contributor
summit,
that's
the
link.
You'll
want
to
click
through.
A
A
A
A
Cool
okay,
so
why
don't
we
move
on
to
introductions
where
we
provide
some
space
and
time
for
those
who
are
new
or
haven't
been
around
for
a
while
or
anyone
who'd
like
to
get
to
know
their
colleagues
in
the
six
cli
better?
You
can
introduce
yourself
and
say
hi
and
of
course,
if
you
don't
want
to
that's,
not
necessary
either.
A
C
A
B
B
Concurrently
using
it
bad
things
happened,
and
so
there's
a
few
ways
to
fix
it.
The
the
implementation
was
already
fixed
by
cloning,
the
config,
but
it
seems
to
me
that
there
might
be
many
more
users
of
this
interface
and
we
should
either
document
the
the
good
way
to
do
it,
but
to
use
it
to
provide
such
implementation
of
the
best
client
center.
B
However,
this
will
likely
not
fix
any
of
the
implementations
which
are
already
written
because
if
they
work,
then
why?
Why
read
the
doctrine
right
of
something
you've
already
done?
So
maybe
we
should
consider
cloning,
the
rest
conflict
ourselves
or
doing
something
even
more
crazy,
like
invoking
it
and
making
sure
it
actually
returns
a
new,
a
new
instance.
Every
time
this
this
interface
seems
to
get
used
or
like
something
like
this
interface
seems
to
be
used
in
in
other
places
as
well.
So
I
just
wanted
to
hear
communities
and
ideas
about
organization.
A
C
C
In
parallel
with
that,
I
would
really
like
to
see
I'm
seeing
two
possible
ways
of
addressing
this
problem
and
I'm
not
sure
which
one
would
be
the
best,
because
I
haven't
looked
that
deeply
through
code
and
which
is
feasible
in
the
first
place.
So
the
the
things
that
I
was
thinking
of
is
either
creating
entirely
new
implementation.
C
That
will
be
threat
safe
and
the
downside
is
that
we
will
have
to
maintain
two
implementations
and
sadly,
the
the
new
implementation
would
not
be
primarily
used
in
cube
cuddle,
although
it
could
eventually
or
if
possible,
add
or
fix
the
current
code
such
that
it
it
is
thread
safe.
I'm
not
100
sure
if
fixing
the
current
implementation
is
possible.
C
C
I
don't
know
it
was
like
two
three
years
ago,
maybe
even
more
so
it's
about
time.
We
we
pick
it
up
and
address
the
problems.
There's
there's
been,
there's
been
a
couple
of
them
with
regards
to
the
structure
overall
and
the
ability
to
expand
it,
and
this
is
another
case
for
for
an
overhaul
for
cbt
right,
runtime,
not
sure
if
anyone
has
any
other
opinions
or
suggestions
they
want
to
share
with
the
group.
C
Unfortunately,
it
is,
I'm
not
sure
if
we
will
be
able
to
touch
the
conflict,
because
that
particular
bead
of
bit
of
code
is
owned
by
the
big
idea
and
missionary
and
we're
we're
we're
likely
not
going
to
touch
or
modify
this
particular
bit
and
yeah.
As
you
said,
there
is
some,
let's
just
just
organic,
we
grew
and
not
everything
we
can
do,
and
maybe
just
starting
with
the
fact
that
we
will
be
explicit
about
what
the
method
is
doing.
A
A
A
A
E
E
Themselves
right
so,
printing,
a
namespace
is
catastrophic
and
in
this
case
you've
got
the
dash
and
flag
surpr
specified.
So
people
find
that
super
surprising
and
dangerous,
which
I
tend
to
agree
with.
So
my
proposal
would
be
that
what
we
can
do
is
start
emitting,
a
warning
that
the
if
we
can
go
scroll
down
to
the
proposal
there,
one
more.
A
E
They
can
specify
the
pruned
white
list
flag
themselves
with
the
same
list
that
you
know
that
we're
using
internally
as
the
defaults,
if
that
is
actually
what
they
wanted
for
the
future.
So
if,
for
some
reason
they
are
managing
a
set
of
namespaces
and
volumes
and
of
some
specific
namespaces
all
in
one
group,
they
will
still
be
able
to
do
that.
E
Then,
after
the
deprecation
period
passes
just
change
the
default.
Allow
list
so
that
the
if
the
name
space
flag
is
specified,
you
get
a
default,
allow
list
that
doesn't
have
non-new
spaces
resources
in
it.
So
it
just
removes
percent
volume
and
name
space
from
the
defaults
so
again
like
if
they,
if
they
specify
the
print
whitelist
flag,
explicitly
to
give
us
that
list
of
kinds,
then
there
would
be
no
behavior
change
at
all,
so
this
just
makes
it
safer
in
the
case
where
they
pass
the
dash
and
flag
by
improving
the
defaults.
E
So
because
this
is
a
behavior
change
and
because
we
never
discussed
a
specific
proposal,
but
we
discussed
related
ones.
I
thought
we
couldn't
do
it.
I
wanted
to
bring
it
up
with
the
group
to
see
if
there's
a
grants
with
my
thinking
here
or
not,
and
whether
the
cadence
is
appropriate.
If
we,
if
we
do
want
to
make
this
change
over
what
period
we
can
do,
it.
E
Does
it
in
the
case
of
apply
like
if
you
think
of
the
scenario,
there
is
a
scenario
that
has
actually
been
discussed
in
this
issue,
where,
if
you
have
name
spaces
specified
in
in
line
in
your
config
files
and
it
conflicts
with
the
flag,
then
we
actually
error
out
and
refuse
to
apply
those
con
conflicting
spaces,
whereas
if
it
is
just
a
default
in
the
cubeconfig,
that
is
not
the
case.
The
namespaces
will
just
be
used
from
the
files
and
it
will
continue
on.
A
C
There's
one
tiny
lit
that
I,
that
I
notice
and
if
you
are
there's
a
hard-coded
list
of
resources
that
I
very
don't
like
I'll,
probably
instead
of
doing
this
hard
coding,
the
that
particular
list
to
read
that
if
that
particular
information
is
from
discovery,
we
have
that
information.
Whether
a
particular
resource
is
a
non-namespace
or
namespace
one,
because
it's
fine
for
the
built-ins,
but
as
soon
as
you
start
working
with
crd
and
even
if,
in
our
case,
moving
in
namespace,
as
you
said,
katrina
will
be
disastrous
in
a
similar
fashion.
E
Right
but
the
only
way
we
would
end
up
touching
a
third
party
because
of
the
way
this
feature
is
designed.
It's
not
designed
great
to
be
honest,
but
is
that
somebody
explicitly
told
us
they
used
the
pre-whiteless
flag
and
they
explicitly
told
us
to
prune
it.
So
at
that
point
we
don't
care
if
it's
name-spaced
or
not,
because
we
have
to
prune
it
because
they
told
us
to.
C
E
Yeah
and
and
this
one
is
it's
there's
a
lot
of
things
to
to
not
like
about
the
the
way
that
pruning
works.
That's
that's
one
of
them
for
sure,
there's
a
tool
that
I
that
I've
worked
on
open
source
for
my
company
that
uses
prune
under
the
hood,
but
to
make
it
safer
and
to
make
it
worth
with
custom
resources.
E
It
actually
uses
discovery,
just
like
you're,
saying
mache,
to
figure
out
what
namespace
and
non-namespace
resources
exist
and
then
based
on
whether
it's
doing
it
has
like
very
separate
namespace
and
non-namespaced
operations,
because
that's
its
opinion
like
you,
should
do
that.
That's
the
way
to
be
safe.
It's
so
it
constructs
dynamically.
The
appropriate
allow
list
to
use
with
the
commands
to
feed
in,
and
it
never
ever
ever
uses
these
defaults
that
I'm
that
I'm
proposing
to
change,
which
I
think
nobody
should
ever
use.
E
Right,
so
I
guess
that's
to
the
second
to
the
second
part
there.
If
we
agree
that
we
can
do
this,
do
we
need
a
deprecation
period?
Can
we
accept
the
pr
with
a
warning
that
this
has
changed?
That
would
be
the
most
aggressive
version
eddie
and
if
we
do
need
deprecation
period,
how
long
do
we
think
for
this
sort
of
change?
C
C
Yeah
yeah
I'll,
probably
a
little
bit
safer
on
that
one.
It
never
hurts.
I
I've
personally
went
through
a
ton
of
hoops
with
an
alpha
api
in
the
past,
just
because
people
started
using
it
and
it
was
barely
available
for
a
two
or
three
releases,
whereas
this
one
is,
as
you
mentioned,
for
more
than
20
releases,
so
yeah,
it's,
it
won't
hurt
and
it'll
be
on
the
safe.
E
There's
also
sort
of
a
tack-on
item,
because
I
was
looking
at
this.
I
noticed
that
the
flag's
name,
which
again
I'm
not
proposing
changing
anything
about
the
behavior
of
the
flag.
That's
going
to
be
that
that's
not
affected,
but
the
flag's
name
is
prune
whitelist,
which
is
not
using
inclusive
language,
and
I
was
wondering
if
we
had
buy-in
to
actually
just
sort
of
alias
that
and
then
follow
the
deprecation
period
to
get
rid
of
the
old
one.
A
E
Yeah
I
agree
and,
like
I
said
I,
I've
had
to
do
a
bunch
of
stuff
personally
to
work
around
this
in
the
past,
but
I
think
that,
given
that
there's
no
cap
even
existing,
like
that's
something
I'm
interested
in
working
on
personally
but
there's
not
even
a
cap,
yet
that's
partially
my
fault.
I
should
get
on
that,
but
I
think
getting
the
inclusive
language
in
in
something
that
we
can
definitely
do
in
the
next
release.
And
it's
so
easy
for
us
to
do
that.
And
I
think
it's
worthwhile.
A
So
I'll
I'll
ask
the
the
sig:
now
I
don't
I
mean
we
don't
have
to
go
into
a
rabbit,
hole
a
whole
tangent,
but
how
does
everybody
feel
about
a
significant
refactor
and
change?
We
we've
done
an
experiment
in
the
cli
utils,
using
an
inventory
object
to
keep
references
to
all
the
objects
that
have
been
applied.
A
That's
a
particular
way
to
to
solve
this
problem
instead
of
instead
of
trying
to
use
these
proven
white
lists,
and
instead
of
you
know,
trying
to,
we
can
actually
only
prune
now
in
name
spaces
that
are
in
the
current
apply.
So
if
you,
if
you
move
everything
to
a
new
name
space
and
apply,
it
won't
get
rid
of
any
of
the
previous,
it
won't
prune
any
of
the
previous
objects
in
the
previous
namespace,
because
it
doesn't
even
know
about
that
previous
namespace.
A
Then
you
specifically
know,
regardless
of
whether
it's
what
namespace
it's
in,
what
the
gdk
is.
You
know
whether
it's
a
crd,
we
we
keep
track
specifically
of
what's
been
applied
and
we
have.
We
look
at
that
inventory
object
and
the
references
within
it
in
order
to
determine
what
that
previous
set
of
applied
objects
is
so
this
this
would
be
a
major
undertaking
and
would
would
change,
could
could
end
up
changing
quite
a
few
things
and
would
almost
certainly
get
a
lot
of
pushback
from
other
parts
of
the
community.
A
If
we
wanted
to
go
down
that
particular
path
and
follow
the
same
mechanism,
that's
being
used
in
the
experiment,
cla
tills,
but
yeah-
I
don't.
I
don't
want
to
hijack
this
meeting
and
go
down
that
whole
rabbit
hole
of
that.
But
I
I
think
that
we
we
hopefully
we
can
come
to
some
consensus
as
a
sig
to
determine
whether
or
not
we
really
want
to
fix
prune
at
a
with
major
refactors
to
actually
solve
the
underlying
problem
of
how
we
specify
the
previous
set
of
applied
objects.
C
A
C
We,
when
phil
initially
kick-started
the
cli
utils
from
what
I
remember
that
was
one
of
the
goals
to
to
experiment,
see
what's
possible
how
far
we
can
improve
the
current
print
mechanism
and
my
expectation,
I
didn't
have
any
particular
dates
yet
for
that.
But
my
expectation
was
that
we
will
eventually
get
some
results
out
of
those
experiments
which
those
results
would
be
then
presented
in
the
60
li
as
a
set
of
options
of
oh.
We
did
these
this
and
that
experiment.
C
These
were
the
results
of
this
experiment
experiment.
This
is
how
we
can
improve
the
situation.
These
are
the
dangers,
and
these
are
the
potential
downsides
of
the
approaches
that
we
are
going
to
take
and
then
collectively
we
can
pick
which
pros
and
cons
we
can
accept
and
then
eventually
start
the
passwords
changing
the
print
mechanism.
C
A
A
E
E
E
The
other
thing
to
consider
is
that
the
current
implementation,
besides
having
a
allow
list,
which
is
not
a
great
approach,
it
also
is
based
on
looking
for
the
cube
control.
Client-Side
applies
annotation
on
objects,
so
if
we
eventually
completely
get
rid
of
client-side
apply
in
favor
of
server-side
apply
which
doesn't
have
that
annotation,
then
we're
going
to
have
a
serious
problem
where
it's
just
all
of
a
sudden
gonna
break.
A
That's
my
understanding,
and
so
actually
just
removing
it
to
accommodate
server
side,
apply
or
or
specifically
looking
for
not
just
the
last
supplied
configuration
annotation,
but
also
metadata
from
server
side.
Apply,
would
also
be
a
pretty
straightforward
way
to
make
pruning
work
with
server
side
apply.
I
think.
E
Yeah
there's
a
concept
of
ownership
like
did
apply
actually
own.
This
object
and
now
server
side
makes
that
concept
more
sophisticated
where
ownership
becomes
at
the
field
level
rather
than
the
object
level.
So
I
think
there's
a
question
there
like
how
like
what
should
we
look
at
to
determine
ownership
if
we
stick
more
or
less
with
the
current
approach
and
just
make
it
less
bad,
like?
I
think,
that's
that's
what
the
cap
needs
to
decide
like
did.
A
E
Experiments
yield
something
that
we
can
actually
move
towards,
or
do
we
need
to
graduate
the
current
approach
as
much
as
we
don't
love
it
like?
What's
the
best
that
we
could
do
with
this,
given
that
people
have
been
using
it
for,
for
you
know,
however,
many
years,
but
we
can't
just
remove
it
so
like
what?
What
can
we
do
to
make
it
stable.
A
To
be
honest,
I
think
that
there's
the
danger
that,
if
there's
so
much
pushback
in
the
community
and
even
pushback
within
the
sig,
I
wouldn't
be
in
that
camp.
But
if
there
is
then
you
know
you
can
put
a
lot
of
time
into
a
cap
that
goes
nowhere
and
it
may
be
there's
a
pre-step
to
determine
whether
or
not
that's
even
going
to
be
acceptable
to
the
community.
E
A
E
D
E
E
C
In
a
similar
fashion,
I
actually
thought
about
generalizing
the
idea
of
we
can't
just
leave
perma
beta
karma
alpha
black
and
what
sick
architecture
did,
and
that
was
implemented.
I
don't
know
it
might
have
been
two
years
ago.
I
remember
that
the
crunch
of
api
was
affected
by
it.
What
they
did
was
they
explicitly
said
and
put
a
timeline
on
every
api
that
you
have
literally
six
months
from
today
to
either
promote
the
api
or
it
will
be
deprecated
and
entirely
removed.
C
And
if,
if
there's
someone
interested
in
in
pushing
this
forward
good
push
this
forward,
if
not
we're
going
to
drop
it,
we
can't
fix
everything
everywhere
for
everyone.
So
that's
that's.
That
would
be
those
some
safeguards
for
us
as
a
stick
to
ensure
that
stuff
are
either
moving
forward
or
after
some
period
are
removed
from
testing,
and
we
don't
have
to
deal
with
them.
A
A
E
E
Yeah
I
don't
mind
championing
that
I
like,
like
I
said
I,
I
maintain
a
tool
that
that
relies
on
this
feature,
and
would
you
know
as
and
I'm
very
aware
of
the
ways
in
which
it
is
broken
and
not
aware,
but
also
and
sorry,
the
ways
it's
broken.
But
I'm
also
aware
of
how
valuable
it
can
be
and
would
rather
that
projects
like
mine
and
many
others
in
the
community
don't
have
to
figure
out
independent
implementations,
because
because
we
abandon
it
upstream.
A
Yeah,
I
think
it's
fundamentally
broken.
As
for
the
reason
I
mentioned
before,
of
the
limitations
on
how
to
specify
what
the
previous
applied
set
is,
and
I
think
that
you're
gonna
get
just
like,
so
I
think
that
you
and
mache
have
the
final
word
on
on
it,
because
you
guys
are
the
tls
for
six
eli
but
I'll.
A
I
you
know,
I
it's
been
my
experience
that
everybody
and
his
brother
has
a
different
opinion,
and
is
it
it's
going
to
be
a
yeah
it'll,
be
a
you
know,
quite
a
political
act
to
to
try
to
get
a
fundamental
change
that
really
fixes
this.
I
I'd
like
I'd,
love
to
see
it
happen
and,
and
you
know,
I
think
that
we
shouldn't
underestimate
the
power
that
that
we
have,
because
this
is,
you
know
what
what
we
own.
A
E
Hoping
that
framing
it
as
like,
we
need
to
do
something
here.
Are
our
options
instead
of
like
an
option,
is
to
leave
it
in
permanent
alpha
because
from
the
six
perspective
like,
I
think,
that's
unacceptable.
So
we
need
to.
We
need
to
to
pick
a
way
forward
explicitly,
instead
of
sort
of
leaving
it
in
limbo,
I'm
hoping
that
framing
would
help,
but
I
I
agree
with
you
sean
that
that's
been
controversial.
E
E
I've
been
talking
a
lot,
but
I
can
do
a
quicker
one
of
top
of
mind
for
for
customize.
There
is
an
issue
that
we
have
that's
sort
of
in
line
with
the
general
sig
and
even
actually
general
kubernetes
initiative
to
improve
code
quality
and
make
sure
that
we
have
adequate
testing
of
all
the
features.
We're
supporting
there's
one
particular
sort
of
group
of
features
that
are
under
tested
and
customized.
E
Where
basically
enables
you
to
specify
a
remote
customization
and
then
it
will
process
it.
So
the
standard
thing
is,
you
have
all
your
config
locally
reference
and
other
customization
of
your
tree,
but
it's
all
local.
But
yes,
this
feature
lets
you
like
point
to
github,
say
and
we'll
pull
down
a
repo
for
you
and
and
build
from
there,
so
that
whole
sort
of
area
is
under
tested.
E
E
The
github
actions
by
default
gives
you
a
token
that
you
can
use
that
allows
you
to
clone
a
repo,
a
public
repo
over
https,
but
it
doesn't
give
you
anything
to
be
able
to
to
do
a
clone
by
a
by
ssh,
which
we
need
to
do
to
be
able
to
test
this.
So
we
were
exploring
some
different
options,
and
here
we
go.
Let
me
see
if
I
can
pull
up
the
pr
real,
quick.
E
One
of
them
would
be
to
commit
an
ssh
key
into
the
test,
suite
which
seems
kind
of
sketchy,
because
that's
like
that's
an
identity,
so
if
you
it
might
be
attached
only
to
a
read-only
token
right
now,
but
there's
no
guarantee
that
that
will
continue
to
be
the
case.
So
from
that
perspective
I
don't
love
it.
Then.
E
E
Something
rings
a
bell
for.
You
please
reach
out
to
me
on
slack,
because
we're
trying
to
figure
this
out
and
I'll
drop
once
I
find
it
here,
a
link
to
the
discussion
on
the
customized
repo
for
anyone
interested
to
review.
If
there's
somebody
help
us
out
planning
on
posting
this
in
sync
testing
to
see
if
I
could
get
some
opinions
there,
any
suggestions
before
to
get
help
as
well
would
be
welcome.