►
From YouTube: Kubernetes WG K8s Infra - 2019-06-12
Description
A
A
B
E
A
D
E
D
D
D
E
A
D
A
All
right
so
I
think
I'm
kind
of
getting
ahead
of
myself.
I
honestly,
don't
recall
looking
at
the
meeting
notes,
if
we
had
any
specific
ai's
for
this
it's
meeting
my
thought
was:
we
could
just
sort
of
walk
all
the
issues
that
are
in
the
milestones
and
see
what
we
get
as
a
result
of
that.
How
does
that
sound
everybody?
A
A
Okay,
so
right
I
like
dark
mode
the
world,
so
welcome
to
Dark
Void
github
to
refresh
everybody's
memory
on
the
milestones
we're
working
on
the
ready
to
migrate
milestone.
This
is
everything
that
we
have
to
get
done
before,
ready
to
start
like
migrating
things
over
wholesale
and
then
there's
like
low-risk
stuff
to
migrate
and
then
migrating
over
other
stuff,
like
kubernetes
tests.
A
A
D
E
A
Where'd
it
all
in
my
associate,
so
we
sort
of
had
the
same
question
from
a
storage
perspective
for
billing.
If
we
start
to
enter
brave
new
world
where
arbitrary,
sub
projects
and
SIG's
get
to
create
arbitrary
artifacts
everywhere,
are
we
going
to
understand
like
which
of
them
are
costing
us
the
most
money
in
terms
of
storage
and
transfer?
Things
of
that
nature?.
D
E
A
E
G
A
E
There
is
good
question:
I
will
it's
in
a
report
in
the
Google
products
known
as
data
studio
I,
don't
know
how
we
can
export
that
like
to
get
I'm
afraid,
but
that's
primarily
it
I
think.
There's
one
supporting
query
but
I
think
it's
actually
better
than
a
report.
I
think
I
can
share
it
with
people.
I
don't
know
if
I
can
export
it
and
get
it
ordered.
It
is.
A
E
D
A
A
A
Okay,
I
probably
need
to
update
what
the
umbrella
issue
says.
Let's
look
at
some
of
the
other
issues,
so
I
think
the
the
one
were
sort
of
most
interested
in
is
burning
down
and
recreating
the
cluster.
The
scripts
and
mukham
had
has
been
working
on
this
and
iterating
on
this
and
him
I
think
I
saw
a
PR
containing
a
lot
of
fash
from
you
as
well,
so.
D
A
But
my
bandwidth
is
not
super
great
but,
like
all
right,
I
have
concerns
that
maybe
we're
holding
ourselves
to
too
high
a
bar
here
and
we're
not
just
merging
and
iterating,
or
maybe
it's
that
we're
like
two
bottle
necked
on
on
high-traffic
individuals
or
something
but
I
feel
like
we've
been
waiting
to
go
on
this
for
a
while.
Well.
D
That's
certainly
true,
but
this
is
not
an
incremental
thing.
This
is
like
if
you
bring
up
the
cluster
and
you
have
it
configured
fundamentally
wrong,
like
the
whole
things
wrong
and
like
we
looked
at
it,
we
sat
down
with
if
hippy
and
an
hour
know
in
Spain,
and
we
looked
at
it
and
there
was
a
bunch
of
comments
and
I'm
sure
that
he
has
addressed
those
comments
since
then.
But
it's
it's
not
a
like.
Just
do
one
little
thing:
it's
it's
actually
a
fairly
involved
script,
so
I'm
happy
to
have
other
people.
D
D
A
D
G
H
G
H
G
G
F
D
D
Just
errand
to
your
concern,
that's
very
high.
My
priority
list
I'd
be
happy
to
have
other
people,
take
a
look
at
it
from
a
fashion
correctness,
point
of
view:
I
make
a
few
hours
at
least
every
week
to
look
at
these
sorts
of
issues,
and
now
that
most
of
the
queue
con
backlog
is
burned
off.
This
is
the
top
of
my
heap
like.
A
All
done
super
manually
right,
but
I
feel
like
we
had
talked
in
the
past
about
how
the
objective
here
is
to
migrate
everything
over
and
then
to
start
iterating
on
it
to
make
it
this
more
ideal.
Get
ops,
driven,
stuff
and
I
have
concerns
that
were
holding
ourselves
to
the
higher
bar
that
we
were
not
even
following
right
now,
with
all
of
our
existing
infrastructure,
like
I
I
agree
with
the
ideal,
but
I'm
I
am
hearing
pressure
from
others
that,
like
what's
the
holdup,
can't
we
just
do
what
we've
always
been
doing.
D
Big
deal
is
that
we
have
like
before
we
had
infinite
funds
which,
because
Google
was
just
paying
for
it
silently
and
now
we
no
longer
have
infinite
funds
and
we
were
actually
beholden
to
people
to
answer
how
we're
spending
it
so
I'm
not
comfortable.
Just
saying
yeah,
it's
fine,
you
get
a
project,
go,
do
whatever
the
hell
you
want.
So
the
counter-argument.
A
Is
we've
only
been
spending
like
a
couple
hundred
dollars
and
we
have
a
ceiling
of
a
couple
million
dollars
and
it's
unclear
to
me
whether
those
millions
of
dollars
were
doled
out
as
a
lump
sum
of
dollars
or
as
a
lump
sum
of
credits
or
in
terms
of
credits
that
expire
on
some
kind
of
annual
basis.
They.
D
G
Christophe
yeah
so
Tim
one
of
the
reasons
why
I
don't
end
up
looking
at
the
thing
is
like
typically,
what
I
do
is
I
try
something
out
and
see
if
some
it
works,
fine
and
then
go
poke
at
you
know
the
cluster,
for
example
right,
but
I,
don't
have
an
account.
So
I
can
try
the
PR
out.
You
see
what
I'm
saying.
G
D
Right
well
so
I'm
happy
to
give
you
know,
individuals
who
are
steering
this
whole
thing,
broader
access,
I'm,
not
comfortable
at
this
point-
and
you
know
maybe
I
can
be
talked
back
off
this
ledge,
but
I'm
not
comfortable.
Just
saying,
like
hey,
Singh
testing,
here's
a
project
with
all
the
API
is
enabled
go
crazy,
because
I
think
testing
is
where
the
lion's
share
the
money
is
gonna
go
all.
G
D
I
have
no
problem;
I
have
no
problem
with
that,
and
in
fact,
we've
done
this,
for
you
know,
like
our
Noah's,
got
a
project
that
he
has
full
access
to
for
the
development
of
this
turn
up.
Script
I'm
happy
to
give
individuals
access
to
do
the
development
of
these
things.
That's
no
problem!
Okay.
So
if
you
want
something
like
that,
like
ping
me,
offline
and
I
would
be
happy
to
give
you
that,
so
you
should
already
have
it
like.
Why
are
you
not
like
almost
heart
or
demon
I.
G
I
Saying
here's
a
project
go,
do
whatever
you
want
with
us,
spend
as
much
money
as
you
want
just
go
ahead
and
setting
up
some
like
policies
like
written
down,
Paul,
please
for
what
what
is
acceptable
and
what's
not,
but
not
necessarily
going
as
far
as
get
off
striven
scripts
from
what
I
understand
is
the
like:
the
current
sprawl
of
test
improv
projects
and
clusters
that
we
have
it
is
there.
It
exists.
I
It's
not
super
well
documented
and
it's
changing
and
we
recently
needed
to
like
go
in
and
completely
rebuild
all
of
the
discs
on
one
of
the
clusters
to
get
them
up
to
500
gigs
for
the
main
disc,
so
that
it
increased
the
AI
ops
of
the
of
the
instances,
because
we
were
hitting
AI
off
limits.
It's
like
there's.
There's
these
clusters
will
be
living.
They
will
be
changing.
I
Having
I
think
hamstrung
us
to
say,
like
we
need
everything
to
be
good.
Obstreperous,
Creek
I,
don't
know
that
that
is
is
absolutely
necessary
for
us
to
still
like
the
billing
is
important.
The
I
am
is
important,
understanding,
who's
doing
what
understanding,
where
the
money's
going,
having
regular
checkpoints
to
make
sure
that
things
like
worst-case
scenario,
things
go
haywire
for
two
weeks
and
we
spend
a
whole
bunch
of
money
for
two
weeks
and
then
we
were
visited
or
like
whoa.
I
What
the
heck
happened
here,
we're
hopefully
even
sooner,
if
we're
getting
email
reports
but
I,
don't
necessarily
know
that
we
need
to
go
as
far
as
like
scripts
for
everything,
because
getting
a
script
and
tuning
a
script
and
debugging
a
script.
While
you
can
document
everything
through
script,
it
may
just
be
easier
to
be
like
oh
we're.
Just
gonna
have
like
a
Google
Doc
or
a
github
issue,
and,
like
oh
I,
went
and
I
changed
all
the
discs
on
here
to
500
gig
discs,
because
the
SIOP
thing
we
documented
it
it's
we
understand.
D
I
understand
what
you're
saying
in
and
I'm
actually
really
sympathetic
to
it,
because
you
know
having
written
these
scripts.
They
are
not
always
easy
or
obvious,
and
and
I
and
I
want
to
be
clear.
I'd
like
I'm,
not
holding
everybody
to
this
line
of
this
sort
of
mythos
of
get-ups
that,
like
actually
hasn't
been
proven
out,
I'm
saying
I,
really
just
want
the
ability
to
recreate
something
if
it
goes
sideways
and
the
ability
to
know
by
looking
at
a
script
or
something
what
it's
supposed
to
have
right
like
very
concretely,
hippy
was
working
on.
D
This
I
am
awed.
It
thing
which
I
don't
know
if
it's
done
or
not,
I
need
to
go
back
and
look
at
his
PR,
but
like
when
you
run
that
you
will
get
a
list
of
individuals
who
have
I
am
access
to
things
and
the
last
time
I
ran
it.
I
was
surprised
there
were
people
on
there.
I
was
like.
Why
does
this
person
have
access
to
that
thing
by
name
instead
of
by
group
right?
D
And
that
was
worrisome
to
me
and
that's
that's
the
sort
of
stuff
that
I
don't
want
just
sort
of
propagating
around
with
with
know
like
check-ins
on
it
and
so
I'm,
trying
to
figure
out
how
to
strike
the
balance
here.
I
know
like
Eric's,
really
frustrated
with
my
pushback
on
this
I
I've
heard
so
I
try
to
figure
out
how
to
just
make
sure
we
don't
get
into
a
Wild
West
situation
where
nobody
knows
what
the
heck's
going
on,
because
that's
where
we
are
now.
D
I
But
I
would
suggest
we
could
we
be
as
just
as
effective
by
setting
written
policies
and
enforcing
them
and
having
like
if
we
have
enforcement,
if
we
have
auditing
so
we
know
who's.
Turning
on
what
so
like,
if
somebody
turns
on
an
API
and
we
have
an
audit
trail
of
that
and
then
it
doesn't
get
documented,
we
know
who
to
go
to
and
say.
Why
are
you
doing
this?
That's
not
in
policy.
I
You
should
be
documented
us
and
potentially
err
on
the
side
of
like
document
documentation
to
get
to
that
goal
of
like
knowing
what
things
should
look
like,
as
opposed
to
doing
everything
through
scripting
I
know,
like
I,
know
we're
software
and
chairs.
We
kind
of
have
that
mindset
of
like
everything
could
be
solved
through
software,
but
is
that
necessarily
the
best
solution
to
this
problem
is
actually
to
get
us
like.
Let
me
get
us
the
Minimum
Viable
Product.
Now.
E
It's
just
one
one
issue
it
that
is
that
we
have
to
give
permissions
to
people
to
do
those
things
and
we
probably
wouldn't
give
it
to
the
whole
community,
but
we
would,
in
theory,
like
the
whole
community,
be
able
to
say.
Oh
you
know
you
should
actually
change
this
instance
type.
It's
better
disks
or
whatever,
like
we're,
I,
think
we're
also
trying
to
get
away
from
gatekeeping,
both
from
a
the
gatekeepers
are
busy
and
from
a
we
want
to
be
a
OpenType
community.
E
I
did
see
a
comment
which
I
don't
think
we've
addressed,
which
was
yours,
Christoph
about
terraform
I,
don't
know
whether
I
am
NOT
the
biggest
fan
of
terraform,
but
I,
don't
know
whether
terraform
might
accelerate
some
of
these
efforts.
I,
don't
know
whether
the
bottleneck
is
PR
review
on
the
bash
and
development,
the
bash
or
whether
it's
like
the
actual
development
of
the
scripts
themselves.
I
I
I
If
we
could
be
the
idea,
the
idea
that
I
would
maybe
propose
is
something
along
the
lines
of
like
for
something
like
our
basic,
like
our
certain
like
services
clusters,
so
things
that
are
going
to
host
like
redirector
things
that
are
gonna
host
the
publishing
bot
things
like
that
they're,
like
just
general
services,
that
it's
like,
we
just
need
a
kubernetes
cluster
to
dick
this
on.
That's
pretty
easy
like
having
a
script
to
stand
it
up.
It's
probably
not
going
to
change
a
whole
heck
of
a
lot.
I
That's
a
whole
lot
easier
and
simpler
to
to
get
move
forward.
Then
the
thing
that
I'm
most
interested
in,
which
is
our
test
infrastructure
and
getting
prowl
to
build
clusters,
the
boss,
ghost
clusters,
the
no
build
execution
like
all
of
those
big
tests
in
four
components
over
into
the
public
sphere,
because
as
soon
as
we
get
them
into
the
public
sphere
and
into
these
projects,
other
people
can
help.
I
Yeah
I
I
don't
want
to
if
I'm,
if
I'm,
the
only
one
that
feels
this
way,
I'm
totally
fine
with
just
like
backing
off
and
we
proceed
as
we've
been
proceeding,
but
the
not
yet
the
idea.
The
idea
that
I'm
just
pushing
forward
is
the
is
the
concept
of
like.
Could
we
get
away
with
policies
and
documentation
as
opposed
to
code
and
then
maybe
like
stretch
goal
one
day,
we've
reverse
engineer
it
back
into
code
back
into
terraform
once
it's
all
in
the
public
sphere,.
B
D
I'm
not
sure
that
that
is
the
problem
at
hand.
The
the
problem
at
hand
is
more
like
what
we've
done
in
the
past
is
here's.
The
GCP
project
go
spin
up
a
cluster,
go
configure,
it
by
hand,
go
change.
Things
willy-nilly
and
you
know,
turn
on.
Api
is
and
create
service,
buckets,
storage,
buckets
and
add.
D
I
am
accounts
and
role
bindings
and
those
sorts
of
things,
and
it
was
relatively
safe
because
it
was
only
Google
who
could
do
it
and
so
like
by
policy,
were
not
allowed
to
add
non-googlers
to
these
things,
and
so,
like
I,
can't
leak
as
easily
once
we
move
beyond
that,
the
the
question
is
well.
Can
we
just
do
that
again,
but
now
under
the
kubernetes,
I/o
domain
and
I'm,
anxious
I
would
rather
do
what
we're
trying
to
do
with
the
storage
stuff,
which
is
figure
out.
What
is
the
bare
minimum?
D
I
am
account
that
I
need
to
grant
to
a
particular
Google
group
so
that
that
some
members
of
that
Google
group
can
do
the
one
specific
thing
that
that
group
is
assigned
to
the
cluster
turn-up
is
but
a
drop
in
that
the
harder
part
is
actually,
in
my
experience,
finding
the
right
set
of
I
am
permissions
to
manage
the
the
permission
that
we
need
to
grant
right.
I,
don't
know
if
anybody
else
Justin,
you've
written
a
bunch
of
the
script
stuff
like
I,
feel
like
that's,
where
I
spend
most
of
my
time,
you
know,
go.
D
Try
it
now.
I
added
this
new
permission
to
you.
Oh
that
didn't
work,
go,
try
it
now,
I
added
this
other
permission
to
you,
which
you
know,
I
won't
comment
on
the
state
of
documentation,
but
it
there's
a
there's,
a
remark
in
there
somewhere
and
so
I'm,
not
sure
that
cluster
API
has
a
material
impact
on
that
or
if
it
does,
it's
not.
The
lion's
share.
The
lion's
share
here
is
and
kristoff
I'm
super
sensitive
to
what
you're
saying
and
I
am
listening.
D
G
Dance
so
can
we
have
like
a
middle
ground
somewhere
where
clusters
are
brought
up
to
a
specific
stage,
and
then
people
make
changes,
and
then
the
policy
kicks
in
saying
when
you're,
making
changes
to
a
live
cluster
then
make
sure
that
there
is
corresponding
pr's
file
for
the
actual
changes
in
the
scripts
also,
and
then
so
we
can
kind
of
like
bootstrap
ourselves
out
of
this
situation.
That's
really
all
I
want.
I
The
the
concern
like
the
concern
that
I
would
have
there
is
like
the
time
to
go
and
update
a
technical
script
and
debug
it
as
opposed
to
just
like
writing
an
issue
or
writing
a
Google
Doc
or
something
to
record
I
made
this
change
as
opposed
to
like
solving
it
necessarily
through
software.
If
we're,
especially,
if
we're
not
even
going
to
drive
the
change
through
the
software,
so.
G
A
My
my
okay
to
me
my
feeling
is
this-
is
why
I
play
such
an
emphasis
on?
Are
we
getting
our
billing
report
so
that
we
all
have
this
ability
on
what
we're
spending
our
money
on
and
we're
and
I
think
Tim
you
raised.
Hippies
I
am
hot
at
script.
I
that
has
not
brought
and
been
brought
to
completion.
I
think
it
should
because
I
sort
of
favor
the
model
where
we
we
audit
the
things,
rather
than
forcing
that
we
drive
everything
through
automation,
because
your
concerns
seem
to
be
mostly
about.
A
Do
we
know
what
we're
doing
which
to
me
sounds
an
awful
lot
like
audit.
The
is
it
all
driven
by
a
script,
seems
to
answer
the
like
sort
of
a
dr
scenario
a
lot
more,
and
I
am
comfortable
if
there
is
a
team
that
is
willing
to
support
a
piece
of
infrastructure
and
there
dr
story
is.
We
follow
this
step-by-step
document.
Instead
of
writing
a
script,
I'm
happy,
I
don't
want
to
get
keep
that
team.
D
So
I'm
I'm
very
much
listening
and
I
and
I'm
trying
to
reconcile
all
that.
It's
not
I'm,
not
purely
concerned
about
billing
and
I'm,
not
purely
concerned
about
audit
in
the
I
am
sense,
which
is
what
hippies
scrips
put
do
I'm
concerned
with,
not
knowing
how
things
are
supposed
to
be
right
when
I
poke
around
at
the
existing
Google
infrastructure.
D
I
can
look
at
two
different
projects
with
two
different
settings
and
I,
don't
know
which
one's
right
right
when
you
look
at
things
like
various
bits
of
policy
that
have
been
applied
to
I'll
pick
on
the
storage
stuff,
because
we've
actually
scripted
it
now,
but
like
there's
life
cycle
and
retention,
policies
on
storage
or
all
the
staging
repo
is
supposed
to
have
a
very
short
retention
policy.
Well
now
they
are
because
we've
decided
that
that's
a
good
thing,
but
in
the
legacy
world
there's
no
way
to
enforce
that.
D
A
D
F
So
the
problem
I
see
with
the
old
way
and
basically
just
moving
to
auditing
and
things
like
that
and
not
going
with
everything
is
written
in
code.
Even
so
everything
might
be
just
a
probabilistic.
Bad
thing
is
that
with
open-source
contributors
coming
in
and
they
might
be
leaving
the
knowledge
madelief
like
an
issue
is
just
easier.
Written
and
policy
might
be
easier
written.
So
there
might
just
be
more
knowledge.
Leaving
ban
is
possible
with
scripted
scripts.
F
Basically,
so
I
feel
encoding
the
infrastructure,
especially
being
an
open
project
and
having
contributors
willingly
come
in
because
they
can
find
it
and
actually
change
something
and
test
it.
It's
a
much
or
better
or
open
type
thing,
especially
on
where
we
want
to
go
with
kubernetes
in
general,
and
also
that
might
scale
better
than
like
a
five
to
ten
people
team
that
burns
themselves
out
by
auditing
and
going
through
hundreds,
maybe
even
thousands
of
projects
down
the
road.
G
E
We
are
all
agreed
in
a
dream
world.
We
would
have
it's
a
clarity
of
configuration,
I
think
I
think
we're
debating
whether
the
cost
is
worth
it
at.
The
time
is
worth
it
and
I
do
appreciate
the
like
suggestions
on
other
ways.
I
think
they're,
good
suggestions,
but
I.
That's
why
I
sort
of
suggested
like
terraform
might
be
another
short
concerts
like
anyway.
E
A
Also
tariffs
or
whatever
it's
we're
dealing
with
bash
yeah
yeah.
My
last
word
is
perfect:
is
the
enemy
of
good
I
think
we're
all
super
well
aware
of
this
I
wasn't
trying
to
drive
a
decision
here,
but
I
think
is
a
conversation
we
need
to
have
and
consider,
as
we
look
to
add
more
things,
because
I
really
want
us
to
stop.
Gatekeeping
I
really
want
to
make
it
easier
for
new
contributors
to
help
out
okay.
A
A
B
D
B
B
I
was
hoping
to
be
able
to
get
a
whole
get
a
hold
of
folks
during
this
meeting,
but
when,
like
it's,
it
seems
like
like
he
was
working
on
something
I'm,
not
really
sure
what
the
state
is
I
just
sort
of
picked
up
something
that
was
that
said,
it
was
a
good
first
issue.
Okay,
so
that's
where
I
am
cool.
E
A
D
As
far
as
we
believe
that
promoter
works,
right,
Linus
has
done
tests
and
demonstrations
of
it
and
it
works,
and
there
are
a
very
small
number
like
I,
think
four
set
up
already
and
we
can
do
sort
of
proof
of
proof
of
ability
between
those
repos.
What
we
don't
have
is
any
sort
of
automated
way
of
knowing
that,
when
the
promoter
changes
that
it
doesn't
accidentally
wipe
out
the
whole
repo.
B
E
D
Historically,
we've
never
deleted
anything
right
and
so,
like
maybe
that's
an
okay
policy.
I
mean
you
know,
even
though
we
have
images
out
there
that
have
that
are
full
of
CVEs
that
are
rotten
to
their
core.
Somebody
somewhere
is
probably
still
using
it
in
a
script,
and
we
don't
want
to
break
them.
So
I
don't
actually
know
the
state
I
wish
Linus
were
here,
I,
don't
know
if
he
added
the
deletion
support
the
internal
promoter
that
we're
using
against
the
the
Google
version
of
this
doesn't
even
have
delete
support.
A
D
We
have
we
have
this
one.
We
have
this
one
special
repo,
kate's
GC
r
dot
io,
which
has
some
auto
globalization
stuff
turned
on.
So
if
you
access
it
from
Asia,
you
get
the
Asia
mirror
and
if
you
access
it
from
the
US
you
at
the
US
mirror.
That
is
not
generally
true
of
GC
our
registries.
That
was
done
for
us
special.
E
Think
the
underlying
suggestion
is
like
doing
it,
for
a
sake
is
lower,
is
an
easier
first
step.
It's
basically
a
thing
that
doesn't
yet
have
a
repo
that
we
need
to
maintain
and
it
does
seem
like
with
the
promoter
we
could
promote
to
a
particular
name
and
then
later
on,
make
an
artifact,
sorry,
an
alias
to
kid
statue.
Cra,
oh
I,
don't
understand
what
you
mean
by
alias
a
cname,
for
example.
Would
that
work?
E
So
in
other
words,
if
we
did
something
temporary
like
images
da
quesadilla
and
then
we
later
say,
okay,
everything
now
goes
to
okay,
remember
the
names
anymore,
okay,
7e
c
REO.
Could
we
could
we
see
named
images
decades
that
I
owe
to
K
sub
C
cRIO
so
that
the
names
don't
break
him
after
we
have
promoted
it?
The.
D
You
I,
yes,
that
was
one
of
the
original
considerations.
Was
we
just
alias
a
GCF
Kate's
name
to
the
Google
cloud
repo,
but
that
doesn't
work
so
more
or
less?
If
we
want
to
do
more
sooner,
we
can.
We
can
pick
another
name
and
it
won't
be
a
GC.
Our
name
it'll
be
a
like
a
GC
r
dot,
io
/,
something
right,
the
standard
name,
I
guess.
D
A
Guess
I
I,
don't
know
you
know,
I
always
want
to
try
and
like
move
us
forward
and
not
geeky,
but
I
feel
like
I
would
like
to
better
understand
or
quantify
our
paranoia
over
this
accidentally.
The
repo
like
I
I,
think
just
in
the
suggestion
of
maybe
we
we
never
trust
our
automation
to
delete
things
could
be
a
wise
one
and
I
think
understanding
what
level
of
e
2e
testing
exists,
and
we
would
want
to
make
us
sufficiently
comfortable
that
when
the
image
promoter
code
changes,
it
will
do.
A
The
right
thing
would
be
a
useful
thing
for
us
to
understand
because
I
don't,
like
maybe
Amy,
looked
through
the
issues
in
the
in
the
container
image
promoter,
repo
more
than
I.
Have
maybe
you
have
Justin
I,
don't
know.
If
there's
like
an
end-to-end
test
plan,
that's
spelled
out
there
that
we
all
agree
is
like
yep.
That's
enough!
That's.
E
D
D
Assessment
so
Amy,
if
you're,
if
you're
volunteering
and
bless
you
for
that,
maybe
the
right
thing
to
do
is
to
have
a
slack
or
something
with
Linus
and
just
build
a
comprehension
of
what
he
and
you
think
is
adequate.
Été,
testing
and
I.
Think
more
or
less
we're
gonna
go
with.
Whatever
you
guys
say
is
is
enough,
as
long
as
we
are
collectively
confident
cool
sounds
good
to
me.
I.
A
Will
just
randomly
throw
out
there
not
to
like
DC
focus
or
D
scope
or
anything,
but
I
do
have
a
request
out
to
get
up
to
use
their
wonderful
package
registry
as
well,
where
potentially,
we
could
use
that
as
a
different
staging
repository
for
the
image
promoter
and
I
feel
like
that
might
be
a
little
less
gatekeeping,
because
it
would
be
tied
to
github
credentials
as
far
as
I
know,
whereas
I
think
right
now,
people
need
to
remind
me
what's
the
process
to
get
access
to
a
staging
repo?
Is
it
buck
Justin
to.
D
Going
join
me,
the
mailing
lists
going
to
the
mailing
lists,
okay
or
though
the
group's
rather
that's
it,
and-
and
this
is
this-
goes
back
to
the
whole
scripting
thing
of
like
now
that
we
have
scripted
this
all
out.
It's
really
trivial.
If
you
want
to
create
a
new
staging
repo,
you
submit
a
PR
that
creates
a
new
group
and
you
submit
a
PR
that
adds
one
line
to
a
script
and
then
the
people
who
are
administering
it
run
the
script
and
now
you're
staging
repo
is
done
and
the
bots.
D
Now
you
can
just
go
and
make
PRS
against
the
the
manifest
and
it
moves
them
willy-nilly.
I
love
the
idea
of
using
github
credentials
to
gate
the
staging
stuff.
I,
don't
know
how
well
the
staging
bought
or
the
promotion
bots
would
handle
pulling
across
different
registry
providers.
Maybe
it
would
work
yeah,
that's
a
good
question.
I
think
you
request.
I
I.
I
Am
I
actually
had
the
exact
same
thought?
I
was
talking
with
github
about
it
about
doing
that
exact
thing
and
they
I
just
kind
of
dropped
on
my
priority
list,
but
it
is
something
that
I
was
thinking
about
as
well.
I
did
look
into
it
in
the
promoter
right
now.
Our
promoter
and
I
add
I'd,
asked
Linus
about
it
as
well.
I
Our
promoter
is
very
opinionated
to
GCR
and
it
doesn't
actually
do
any
like
pulling
or
pushing
of
images
it's
just
doing
like
retag
and
calls
directly
to
GC
ARDS
like
do
specific
things
so
because
it's
so
highly
opinionated
to
JCR.
There
would
definitely
need
to
be
some
changes.
That
said,
there's
like
libraries
and
tools
that
that
would
potentially
make
that
very
easy
to
like
and
hence
at
a
later
date,
and
make
the
promoter
like
able
to
handle
any
docker
v2
registry,
as
opposed
to
like
just
GTR
yeah.
D
That
that
is
mostly
what
I
would
have
expected.
So
thank
you
for
looking
into
that.
I
think
if
we
can
get
over
the
first
hurdle,
having
it
promote
from
anywhere
would
be
wonderful
and
I'm
open
to
hearing
people
disagree
with
the
goal
of
having
a
single
target
for
all
of
this
stuff
it.
You
know
if
that
seems
like
a
bad
idea
for
reasons,
then
I
would
love
to
hear
it.
A
E
A
D
A
E
About
I
think
there
was
a
roster
I
think
for
maybe
Clint
getting
my
sister
API
or
something
like
cluster
8.
That
I
released
requires
someone
with
permission
to
a
particular
bucket,
which
I
is
a
Googler,
have
I,
don't
know?
Who
else
has
it
it's?
Not?
It's
I
am
happy
to
do
that.
It'll
acts
as
a
great
motivator
to
gift
move
this
forwards.
Yes,.
E
Yes,
I
think
the
the
thing
which
I
think
is
interesting,
which
is
not
clear,
is
the
process,
will
be
a
proud
jump,
for
example,
will
push
a
pressure
container?
A
someone
will
produce
a
PR
to
edit
the
manifest
someone
has
to
approve
that
PR
now
I,
don't
know
how
someone
approves
that
PR
like
what?
How
do
I
know
that
that
sha
is
what
I
I
think
it
is
that
to
me
is
that
they
got
no,
but
I
presume.
We
just
heard
untrusted
sort
of
thing.
I
did
every
piece
of
builds,
but.
D
Yeah
well
in
an
ideal
world,
no
human
actually
does
any
of
this
stuff.
Right,
like
it
comes
straight
out
of
some
automated
build
system
with
some
verifiable
trace
and
and
itself
approves
the
PR.
No,
no
a
human
can
approve
the
PR,
but
a
human
can
go
look
and
say,
like
click
here
and
say
that
the
build
system
produced
hash,
XYZ.