►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hello,
hello.
Everyone
today
is
tuesday
september
14th
2021.
This
is
a
meeting
of
the
sig
release,
release
engineering
subproject.
This
is
a
meeting
that
will
be
recorded
and
available
on
the
internet.
So
please
be
mindful
of
what
you
say
and
do
please
be
sure
to
adhere
to
the
kubernetes
code
of
conduct
and
in
general,
just
be
awesome
people.
A
So
today
I
decided
to
do
something
fun,
for
you
know,
varying
definitions
of
fun,
we're
gonna,
do
a
live
demo
of
the
release
process
for
the
image
promoter
and
kind
of
all
the
prs
that
are
required
for
that.
So
I
figured
you
know:
I've
been
working
on
some
promotion
tool
stuff
lately
and
what
better
way
to
show
it
off
than
than
to
just
do
it
live
right?
A
So
I
see
that
there
are
a
bunch
of,
or
maybe
a
few
new
faces
on,
the
call
before
we
get
started.
If
anyone
wants
to
say
hi
introduce
themselves,
you
know
mention
why
you're
here
and
then
we
can
get
rolling.
B
C
A
E
F
G
G
Hi
everyone,
my
name,
is
mustafa.
It's
also
my
third
week
here
I
applied
to
the
shadow
team,
the
release
team.
I
applied
to
ci
signal,
but
I
didn't
get
it
so
I'm
just
attending
this
round
to
know
to
watch
and
know
more
about
the
process
of
the
release,
and
hopefully
I
apply
next
time
too.
G
B
C
Hey
everyone:
my
name
is
shivam
tagi
and
I'm
from
india.
So
previously
I
have
contributed
to
the
kubernetes
in
the
localization
effort
and
by
then
my
interest.
Kinda
grew
and
a
few
friends
suggested
to
attend
these
meetings.
Zoom
calls
and
here
wishing
to
learn
some
new
stuff
welcome.
A
Thanks
alrighty
is
there
anyone
else.
A
All
right:
well,
I
am
going
to
get
rolling
on
this.
I'm
just
doing
some
setup
in
the
background
and
closing
some
sensitive
windows.
H
A
A
Awesome
great
so,
while
we're
waiting,
can
you
okay,
you've
already
you've
already
actually
approved
the
pr.
A
I
want
to
see
if
there
are
any
objections
on
the
v3
module
before
we
proceed.
I'd
sent
that
out
yesterday,
I
don't
I
don't
know,
but
carlos
your
plus
one
adolfo
I'd,
love,
love
to
get
adolfo
or
veronica
would
love
to
get
a
plus
one
from
you
before
we
roll.
I
No,
no,
but
not
not
emotionally,
but
like
for
the
robots
like
do
I
have.
I
feel
that
some
for
some
tasks
when
I
put
the
ldt
tag,
sometimes
it
doesn't
do
anything
with
mine.
A
A
Access
once,
okay,
once
the
consensus,
is
complete
for
the
the
proposal
to
present
you
as
a
release
manager,
fully
fledged
release
manager,
you
will
have
approved
access
in
several
areas,
so.
A
Okay,
all
right,
so
I
I'm
going
to
get
rolling,
but
I
want
to
get
consensus
on
this
because
it
will
take
some
time
for
the
test
to
run
and
we
should
not
release
without
it.
So
if
everyone
is
good,
please
take
a
moment
to
go
into
that
slack
thread
and
mark
that
you
are
happy
to
see
a
v3
module.
A
A
A
So
how
many
people
are
familiar
with
the
image
promoter?
While
I
do
some
things
in
the
background
or
artifact
promotion
in
general
for
the
kubernetes
project.
A
Okay
and
I'm
looking
in
the
chat
not
too
much
a
few,
not
so
much
as
okay
and
knows
all
right,
so
the
so
kind
of
the
purpose
behind
the
started
off
in
I
want
to
say
2019
or
so,
if
maybe
the
early
parts
of
2019,
we
we're
kind
of
on
a
on
a
journey
to
create
some
approval
process
between
the
way
that
we
basically
the
way
that
we
move
artifacts
from
staging
environments
to
production.
A
The
the
background
there
is
that,
if
you're
familiar
with
like
the
the
working
group,
kate,
tinfra
working
group,
kate's
infra
is
responsible
for
working
group
kids
and
is
responsible
for
essentially
all
of
the
kubernetes
community
infrastructure
and
the
the
the
larger
mandate,
or
at
least
the
initial
mandate
of
moving
our
infrastructure
from
google-owned
infrastructure
over
to
kubernetes
community-owned
infrastructure
right.
A
So
we
wanted
to
ensure
that
folks
would
have
the
opportunity
to
contribute
to
kubernetes
in
the
same
way
or
or
like
you
know,
in
in
an
equal
way
compared
to
you
know,
regardless
of
of
what
company
you're
from
right.
So
because
kubernetes
was
was
you
know,
its
genesis
was
in
google.
A
lot
of
our
infrastructure
is
still
is
still
owned
by
by
google.
A
That
is
quickly
moving
to
community
owned
infrastructure,
which
is
really
awesome
to
see
so
part
of
you
know,
part
of
this
process
is
one
of
the
fun
things
you'd
see.
Is
that
often
you
know
we
may
not
be
able
to
put
push
changes
to
base
images
or
we'd
have
to
like
ping,
a
googler
to
be
able
to
do
that
or
find
the
right
googler
that
had
access
to
push
for
that
specific
image
right?
That
is
a
lot
less
true
today
than
it
than
it
was
before.
A
One
of
the
you
know,
one
of
the
artifacts
of
this
that
you'll
still
see
in
the
release
process.
Today.
The
kubernetes
kubernetes
release
process
today
is
that
the
last
mile
of
the
release
process
for
generating
the
debs
and
rpms
for
the
release
publishing
those
those
are
still
done
by
googlers
right.
A
So
we
have
this
team
called
the
google
build
admins
with
a
bunch
of
folks
that
you
may,
you
may
know
already
so
ben
elder
aaron,
krickenberger
omwat,
and
I
think
I
think
maybe
two
other
folks
around
that
that
group,
but
suffice
it
to
say
that
is
not
an
ideal
state
for
any
of
our
artifacts.
We
want
to
make
sure
that
everyone
can
contribute
in
the
same
way.
So
one
of
the
the
means
of
of
kind
of
doing
this
is
creating
this.
A
This
container
image
promoter
process
to
ensure
that
we
we're
able
to
one
people
are
able
to
push
things
to
a
to
staging
bucket
and
then
two
they're
able
to
then
promote
those
artifacts
into
into
a
production
space
right.
So
our
production
space
is
named
spaced
as
at
least
for
container
image.
Container
images
kates.gcr
dot
io,
that
is,
that
is
essentially
a
a
window
into
a
window
into
us.gcr.io
asia.gcr.io
and
eu
dot,
gcr
dot,
io,
right
and
forwarder
to
to
the
relevant
region.
A
A
If
you're
interested
in
seeing
more
about
reading
more
about
the
container
image
promoter
and
how
it
works,
I
won't
be
doing
too
much
of
the
introductory
I'm
happy
to
go
back
with
questions
later.
Take
a
look
at
that
as
well
as
this
here
and
while
that
is
happening,
I'm
also
going
to
release.
A
While
before
I
paste
that
link,
I'm
also
going
to
release
the
the
other
pr
and
then
we
can
walk
through
what
those
pr's
are
doing.
I
just
want
to
make
sure
that
the
it's
doing
the
retest,
while,
while
I'm
talking
so
nice
all
right,
so
we
can
see
that
this
pr
was
approved.
A
Away
we
go,
I'm
also
noting
that
I
put
a
squash
on
this
one
so
that
it's
when
it
merges
it,
it
will
be
a
single
commit
instead
of
the
commit,
as
well
as
the
merge
commit
cool.
So
here
is
here,
are
the
docs
that
explain
a
little
bit
more
about
managing
kubernetes
registries
and
kind
of
the
background
on
the
process
and,
if
there's
anything,
that's
missing
anything
that
you'd
like
to
see.
Please
feel
free
to.
Let
us
know
we're
hanging
out
in
release
management.
A
Slack
channel
as
well
as
you
know,
as
well
sig
release
on
on
slack
release
managers
at
kubernetes.io,
and
you
can
also
file
issues
in
any
of
our
repos
to
discuss.
So
so
this
init
v3
module.
I
will
not
go
into
too
much
of
the
fun
that
was
involved
in
getting
us
to
this
point,
but
we
had
bazel
and
a
repo
we
no
longer
have
basal
and
repo.
It
was
causing
issues
with
and
knitting
v2
plus
modules
for
go.
A
So
there's
lots
of
back
and
forth
transiting
packages
between
both
the
image
promoter
repo,
as
well
as
the
the
release
repo
to
get
us
into
the
state
where
we
were
able
to
update
some
of
these
packages.
That
is
no
longer
true,
so
I
ran
a
tool
called
mod
from
marwin
at
work,
which
is
pretty
simple.
All
it
does.
Is
you
know
it
walks
through
the
repo
and
you
can
you
can
pass
it
a
a
tag
or
a
version
to
bump
to?
A
You
can
also
just
do
this
manually,
but
mod
upgrade,
and
I
want
to
upgrade
to
v3
right,
so
I
had
actually
walked
this
repo
backwards.
It's
part
of
the
reason
I
wanted
to
record
this
I'd
walk
this
repo
backward
because
it
was
not
an
official
v3
repo
and
we
can
see
lots
of
fun
tags.
This
was
the
walking
backwards.
A
I
chose
the
sleep
tag
to
let
you
know
that,
like
something
weird
is
going
on,
but
we're
at
the
place
now
that
bazel
has
gone
from
the
repo
that
we
have
been
able
to
migrate
all
the
packages
in
as
well
as
as
well
as
continue
to
cut
releases
and
and
now
we're
at
a
place
where
we
can
cut
that
that
v3
release.
A
So
that's
what
we're
doing
today
walking
through
this
pr
super
quickly,
we'll
see
two
things
happening,
and
I
just
you
know
I
just
committed
these
as
separate
separate
commits
for
readability.
The
first
one
is
very
simple:
we're
just
adding
that
slash
v3
to
the
gomod
file.
A
So
just
a
bunch
of
e3's
everywhere,
nothing
too
exciting
about
this
pr,
and
then
the
release
commit
one
that
was
that's
on
track
to
merge
is
yeah,
so
it's
in
retest
right
now,
so
I,
the
retest
that
I
was
talking
about
if
you're
not
familiar
with
the
kubernetes
infrastructure.
A
Basically,
what
happens
is
we
have
a
bot
called
or
ci
cd
solution
called
pro
prow
is
in
control
of
many
of
the
jobs
that
run
across
the
project,
including
the
pre-submits,
so
they
they
report
to
github
context
how
the
tests
are
doing
in
general.
So
we
have
this
cla
check.
A
A
So
looking
at
tide,
if
you
ever
wanted
to
look
at,
you
know
see,
what's
going
on
with
the
pr.
In
particular,
you
can
see
that
it's
in
the
pool,
it's
in
the
tide,
pool
right
and
the
test
is
pending.
If
we
look
at
tide
status
overall,
we'll
see
that
there
are
a
bunch
of
things
going
on
in
tide,
so
for
kubernetes
kubernetes,
which
is
a
busier
repo
you've
got
you've
got
it's
waiting,
it's
got
two
pr's
and
a
batch.
It's
got
one
passing.
It's
got
a
few
that
are
queued
for
retest.
A
What
it
wants
to
try
to
do
is
is
make
the
most
efficient
merge
right,
so
it'll
try
to
batch
a
bunch
of
pr's
together.
If
your
pr
is
not
in
that
batch,
it
will
wait
until
that
batch
is
complete.
If
a
pr
is
like
a
candidate
for
merge
before
that
batch
is
complete,
it
may
add
it
to
the
batch
and
start
a
re-test
right.
A
So
that's
that's
what
some
of
these
statuses
are
for,
but
here
we
can
see
that
for
the
container
image
promoter,
repo
and
the
master
branch
we're
in
a
wait
pattern
and
it's
getting
ready
to
merge
that
commit
it's
just
waiting
for
the
tests
to
complete
right.
So
last
one
or
actually
it
looks
like
all
of
them
have
it's
just
waiting
for
the
context
to
update,
and
then
it
will
merge
this
pr
right.
A
So
all
right,
so
a
few
of
the
things
that
we
have
to
do
when
we're
doing
a
release.
Three
of
the
things
that
we
have
to
consider.
We
have
to
consider
the
release
content
itself,
generating
release
notes.
What
are
the
artifacts
that
we
produce
as
a
result
of
this
release?
Where
do
they
need
to
go
and
what
is
actually
referencing
them
once
they
get
to
where
they
need
to
be
right?
A
A
A
Three:
two:
zero
right,
so
container
image,
promoter
version,
3.2.0.
A
A
Okay,
all
right,
so
I
know
that
the
previous
release
of
of
the
container
image
promoter
was
241
right
so
because
I
know
that
I
can
kind
of
just
quickly
search
for
the
references
to
241
and
we're
going
to
do
just
a
quick
replacement
on
this
right
search,
replace
so
I'm
going
to
go
from
241
over
to.
A
This
url,
so
this
should
be
so
that
that
kind
of
short
name
that
I
was
mentioning
before
kates.gcr.io
io,
your
images,
your
container
images
promotion
is
happening
as
expected
should
land
in
essentially
a
namespace
repo.
So
it
would
be.
You
know:
kate,
stott,
gcr,
dot.
Io
are
maps
to
will
map
to
us
asia,
eu
dot,
gcr,
dot,
io,
slash,
kate's,
artifacts,
prod,
slash
the
name
of
your
project,
slash
the
name
of
your
image,
colon,
your
tag
right.
So
I'm
just
updating
that
here
to
be.
A
So,
quick
and
painless
now
the
k,
the
there's
another
promotion
tool
for
file
promotion
that
is
called
k-promo,
basically,
okay,
promotion
tool
or
whatever,
whatever
you
want
to
kind
of
posit
that
the
the
name
is
is
cool
with
us.
A
So
I'm
also
what
I
did
in
that
merge,
commit
and
I'll
I'll
show
that
and
what
I
did
in
the
the
squash
commit
and
I'll
show
that
in
a
bit
was
that
I
just
wanted
to
get
these
versions
in
line,
because
the
the
end
state
for
these
images
then
say
for
all
of
the
tools
in
this
repos
that
it
will
be
one
tool
right:
one
tool
that
we
can
just
pick
up
and
go
and
do
file
promotion
or
image
promotion.
A
And
if
there
is
some
time
I
will
try
to
walk
through
quickly
some
of
the
file
promotion
stuff.
But
I'm
going
to
change
the
tag
here
for
the
for
the
promotion
for
the
k,
promo
tool
as
well
right.
So
that
has
been
changed.
I'm
gonna
just
do
a
git
diff
and
see
what
I
actually
changed
and
scrolling
down
just
spot
checking
and
that's
cool
awesome
all
right.
So
I'm
going
to
do
commit
to
that's
the
config
directory,
make
sure
I
sign
my
commits
I'm
going
to
say
this
is
relinch.
B
Bump
images
to
the
yeah
two
zero.
A
Cool
sweet.
So
please,
if
you
have
questions
okay,
cool
all
right,
but
please,
if
you
have
questions,
feel
free
to
shout
them
out,
because
I'm
showing
my
screen,
I'm
also
not
looking
at
the
chat.
A
A
I
was
trying
to
hit
escape
and
escape
was
jim,
whatever
push
all
right,
so
I'm
just
showing
you
know
that
those
are
my.
Those
are
my
remotes.
So
I'm
pushing
to
my
my
fork.
A
A
A
And
I'm
just
gonna
leave
some
breadcrumbs
here,
but
because
one
this
release
doesn't
exist
yet
and
the
images
do
not
exist
in
these
locations.
I
want
to
make
sure
I
hold
this
pr,
so
I
don't
cause
a
disruption
for
tests
that
are
actually
using
this
or
release
image
promotion
cool,
so
we've
got
another
pr
submitted
now.
Where
do
we
need
to
go
next?
Well,
honestly,
we
need
to
wait
for
this
image.
We
need
to
wait
for
this
release
commit
to
merge.
A
So
I
guess
in
the
meantime,
we
will
look
at
cip
mm,
which
is
container
image.
Promoter
merge
manifest
now.
This
is
a
really
fun
thing
that
all
right,
we'll
stay
on
vp,
actually
we'll
switch
over
to.
A
And
that's
gonna
land
in
my
my
binary
directory
for
go
and
my
computer
is
funky
with
the
gopath.
I
won't
try
to
fix
that
on
this
call,
but
suffice
it
to
say
I'll
use
the
full
path
for
the
next
operations.
A
So
I'm
going
to
go
over
here,
I'm
now
in
the
kate's
dot,
io
repo,
and
this
one
is
on
main
and
I'm
going
to
do
a
remote
update
right
and
just
to
to
to
take
a
look
at.
B
A
Actually,
cool
all
right,
so
this
won't
work
immediately,
but
I'll
show
you
so
you
know
say
if
we
look
at
crane
and
we
do
crane
digest,
say
gates,
dot,
gcr,
dot,
o
slash,
artifact
promoter,
slash,
cip,
come
on
e2
right.
We
should
see
something
there
right
get
to
digest.
A
So
that's
the
digest
as
well
as
if
you
want
to
see
the
manifest.
That's
manifest
right
now.
A
If
we
were
to
do
the
same
for
three
two
zero
again,
we
should
get
a
bad
response
right,
so
what's
happening
in
the
background.
Hopefully
this
thing
is.
A
Okay,
all
right,
it's
merged.
I
think
it's
merged.
A
It's
merged,
sweet
all
right.
We're
gonna
jump
back
into
that
repo
really
quickly
and
do
the
stuff
that
we
need
to
do
to
do
releases
all
right.
So
really
simple,
since
we've
got
that
merge,
commit
we've
got
a
squash
commit
so
on
the
top
of
this
repo
right
now
should
be
some
new
commits,
and
I'm
just
gonna
reset
again.
I
do
reset
because
I'm
paranoid,
that's
super
cool.
If
we
do
really
quick,
we
can
see
that
release
commit
has
popped
up.
A
If
we
want
to
see
extended
part
of
the
log,
you
can
see
that
right
see
these
are,
and
we
can
also
see
that
this
commit
is.
A
All
right,
I
forgot
the
flag
anyway,
not
super
important.
I'm
gonna
hit
that
tag
dash
s
all
right
so
what's
happening
here
is.
I
am
dash
s
for
signed
dash
m
for
the
message.
I
am
basically
I'm
creating
a
v320
tag
and
I'm
just
setting
the
message
to
the
version
number
right.
This
will
create
a
signed,
annotated
tag
for
git
to
use
that
we
can
release
off
of
and
now
right.
We
can
see
that
that
tag
is
there.
A
A
Instead
right
so
I
tend
to
use
git
for
personal
operations,
including,
and
then
my
origins
are
usually
set
to
https,
because
if
I
decide
that
I
will
want
to
go
through
the
the
fun
of
finding
my
token
and
putting
it
into
github
token
and
and
doing
the
authentication,
then
I'm
I
usually
don't
I
usually
don't
so.
I
tend
to
only
use
the
https
when
I
know
I'm
just
pulling
and
I'll
use
git.
If
I
know
I'm
doing
some
sort
of
potentially
destructive
operation
right.
A
So
now
I'm
going
to
do
a
potentially
destructive
operation,
which
is
to
push
up
the
tags.
J
A
Not
very
often,
but
on
the
on
the
off
chance
that
we
need
to
collaborate
on
a
pr
and
someone's
got
some
work
in
progress.
You
know
the
the
commits
by
default.
Will
the
branches
by
the
rather
the
prs
by
default
will
allow
edits
from
maintainers?
So
if
I
need
to
jump
in
and
do
something
to
one
of
those
branches
I
do
will
be
able
to.
A
I'm
not
going
to
show
off
the
release,
notes
tool,
because
again
I
would
have
to
go
find
my
find
my
token
and
accidentally
leak.
It
live
and
we're
just
not
going
to
do
that.
So
I'm
part
of
a
an
alpha
right
now
for
for
github's
auto-generated
release
notes.
So
I
have
access
to
do
what
I
just
did,
which
is
essentially
automatically
generate
some
release,
notes
right,
so
it's
pretty
sweet
and
then
you
know
it
also
gives
a
little
link
to
the
change
log,
which
you
can
thumb
through
at
your
leisure.
A
What's
interesting
is
that
it
okay
right
that
was
that
wasn't
even
last
release,
that's
interesting!
So
when
something
to
think
about
later.
So
when
the
versions
change
the
major
version
changes,
there
might
be
a
logic
issue.
Our
most
recent
release
was
one
three
three:
nine
dot
zero
and
the
most
recent
three
release
was
3.1.0.
A
Just
saying
that
for
context,
all
right
so
off
to
the
races
hit,
publish
on
this
release,
three
two
zero
is
live
all
right
and
we've
got
this
little.
You
can
see
the
contributors
and
you
know
if
we
poke
into
my
email.
We
can
see
that.
A
That's
the
first
time
I'm
seeing
it
so
interesting,
but
anyhow
like
if
you're
subscribed
to
the
repo
subscribe
to
the
releases,
you
would
have
just
gotten
an
email
but
hey
new
release,
sweet
all
right
cool,
so
now
what's
happening
in
the
background.
Is
there
is
an
image
build
happening
right?
So
I'm
going
to
jump
over
to.
A
Let's
do
that
nope
I'll,
see
you
post
right
host
image,
oh
cip,
push
image
cip
1103!
That
recently
ran,
which
means
we
are
almost
off
to
the
races
right.
So
within
each
repo.
That
kind
of
subscribes
or
repo
that
chooses
to
subscribe
to
the
image
promotion
process
and
kind
of
the
way
that
we
have
a
few
things
set
up.
They
will
have
a
cloud
build
file
cloud
build
file
will
eventually
at
the
end
of
it.
You
should
get.
Don't
worry
about
the
red.
A
You
should
get
a
few
images
spit
out
right.
We've
got
this
k
k-promo
one,
and
these
are
running
in
parallel.
The
way
this
cloud
build
is
configured
right
now.
I
will
show
that
very
quickly
right.
So
it's
you
know
running
with
a
reasonable
timeout.
It's
using
a
larger
machine.
It's
allowing
for
substitutions
to
be
missing
substitutions.
Is
the
cloud
build
verbiage
for
environment
variables,
essentially,
and
then
we
can
see.
We
have
some
substitutions
set
here.
A
Poll
base,
ref,
git
tag,
image
version
go
version
and
the
code
name
for
the
os,
which
is
currently
buster
right.
I've
tagged
this
as
both
cip,
as
well
as
k,
promo,
because
we're
producing
both
images
and
then
it's
going
to
expect,
there's
still
some
weirdness
to
work
out
with
the
cip
ones,
in
particular,
for
the
image
checks,
but
it's
going
to
expect
at
the
very
least
that
the
k-promo
images
for
amd64
are
released
with
these
versions,
image,
image
version,
image,
tag
and
latest
right.
A
So,
theoretically
you
could
use
the
gcr.io
slash,
kate's,
staging
artifacts
promoter,
slash
kpromo,
amd64
latest
in
your
jobs
and
as
long
as
you're,
okay
with
us
pushing
new
content
to
those
jobs,
you
you'll
be
able
to
implement
that
right.
So
two
steps
in
this
this
this
file,
one,
is
the
make
make
with
some
environment
variables
image
push
right.
That's
the
one
for
the
container
image
promoter.
The
second
one
is
bash.
A
Now
we're
doing
some
a
few
different
variables
dash
so
bash
dash
c
we're
doing
a
g
cloud
off
to
just
to
make
sure
docker
is
configured
and
then
we're
doing
a
make.
Dash
f
make
file
separate,
make
file,
but
a
make
manifest
right.
A
So
if
you
want
to
check
out,
you
know,
we've
got
them
split
since
we're
not
merging
those
two
code
streams
just
yet,
but
the
results
of
this
will
be
output
on
will
be
output
in
prowl
and
spyglass
more
specifically,
and
then,
if
you
wanted
to
see
the
logs
for
that
job,
I'm
just
gonna
point
out,
because
I'm
not
sure
a
lot
of
people
know
about
this,
but
this
wait
for
you
can
assign
ids
to
separate
steps
in
cloud
build
in
cloud
build
configs
and
by
default
this
by
default.
A
Every
step
will
wait
for
the
previous
step
to
have
completed
and
if
not
it
backs
out
right.
The
wait
for
is
basically
saying
I'm
not
waiting
for
anything
right,
so
these
steps
will
run
in
parallel
instead
of
instead
of
one
after
the
other
right,
which
is
kind
of
cool,
which
means
we
can.
You
know,
shave.
You
know
a
few
minutes
off
of
the
image
build
time
and
we
can
see
within
the
execution
details
what
what
some
of
these
variables
end
up
becoming.
A
We've
got
the
os
code
name,
buster,
still,
the
same
whole
bass,
ref
master,
the
get
tag
is
basically
it's
the
previous
tag
now
that
the
now
that
the
repo
is
at
a
new
version,
the
next
time
this
runs,
it
will
be
the
date
v,
the
date
dash
basically
giddish
shah,
which
is
the
the
tag
the
tag
dash.
A
The
last
commits
since
the
last
the
commits
since
the
last
tag,
so
the
40
commits
42
commits
ahead
of
the
v
v,
133
8.0
and
then
a
short
version
of
the
the
current
shot
right.
So
it's
build
id
the
go
version
and
some
other
details
right.
So
it's
expecting
that
I
would
have
produced
that
image
and
there's
a
link
to
that
image.
A
So
it
does
indeed
exist
on
the
registry
now,
which
means
I
can
go
back
over
to
the
case.io
repo
right
and
I
can
actually
instantiate
the
the
the
manifest
promotion
right
so
to
do
that,
I'm
going
to
hop
into
the
kates.gcr
dot
io
folder,
which
contains
all
the
image
manifests
and
then
I'm
going
to
run.
Hopefully
I
have
it
in
scroll
back
close
enough
great.
So
the
first
one
I'm
running
is
I'll:
do
the
I'll
do
the
promoter
I'll
do
the
file
promoter
too?
A
All
right,
so
I'm
telling
cipm
to
or
again
container
image
promoter
merge,
manifests
to
start
a
used
space
directory
as
the
director
that
contains
all
the
manifests.
I
want
you
to
jump
into
this
staging
repository,
which
is
staging
repository
that
we
just
pushed
you.
I
want
you
to
filter
by
images
named
kpromo.
This
is
not
a
greedy
search.
This
is
the
exact
name
of
the
image,
and
then
I
want
you
to
filter
by
the
tag
the
expected
tag
for
cake,
promo
right
drop
the
time
in
there.
A
It
should
be
quick
right,
so
it's
parsing
through
all
the
manifesto
in
that
directory.
It
is
rendering
an
update
to
the
images.yaml,
and
we
can
see
this
update
if
we
just
pop
in
to
code.
A
The
tools
later
all
right,
so
the
artifact
promoter-
you
can
see
that
it
now
has
updates
right.
What
are
these
lovely
updates?
We
can
see
that
it
has
added
something
to
the
digest
map
and
the
something
that
is
added
to
the
digest.
Map
is
the
digest
of
the
image
that
we
are
choosing
to
tag
as
three
two
zero
dash
one
for
cape
promo
right,
the
next
one
I
will
do
is
for
our
next
trick.
A
We
will
do
three
two
zero,
because
this
one
doesn't
have
a
revision
number
and
then
actually,
we
will
drop
the
filter
tag
because
we
want
to
catch
both.
The
auditor
image,
as
well
as
oh.
A
They
might
be
tagging
as
the
shaw
and
that
that
git
sha
that
we
showed
earlier
and
not
the
version
itself,
which
is
fixable
but
yes,
10
minutes
ago
we
dropped
this
2021
914
1338.042
ge,
and
if
you
recall
that
is
the
thing
that
we
looked
at
previously.
A
A
All
right
so
now
we've
got
some
fun
new
updates
here
right,
so
the
first
one,
the
two
that
we
care
about
are
here
here
and
here
and
then
we're
gonna
drop.
This
k,
promo
amd64
one
because
it's
actually
included.
This
is
a
a
single
image
digest
and
it's
actually
included
as
part
of
the
fat
manifest
for
k-promo
already
right,
it's
one
of
the
architectures
for
k-promo.
A
So
we
don't
need
to
include
both
for
the
promotion
right,
but
we
will
do
an
edit
here
for
three
two:
zero
note
that
that
shot
that
just
came
in
I'm
gonna
edit
this
so
that
for
production
we
want.
We
want
nice,
clean
tags
for
use,
so
we're
just
going
to
edit
those.
Now.
If
the
staging
repository
had
already
supported
that,
then
we
could
have
just.
We
could
have
just
pulled
and
used
cipm
to
pull
in
the
exact
tag,
but
we
will
fix
that
in
a
follow-up
all
right.
A
So
let's
look
at
the
diff
one
more
time:
okay,
right!
So
we're
only
promoting
these
three
images-
cip,
cip
auditor,
as
well
as
cape
promo
right-
and
I
am
going
to
commit
this
case-
all
right,
so
relax,
remo
tools.
A
So
basically,
the
the
to
minimize
the
meeting
controls
or
the
floating
meeting
controls
you
use
escape
and
I'm
also
using
escape
to
stop
doing
edits
or
get
out
of
insert
mode
in
bim,
which
is
why
it's
doing
that
fun
thing
all
right,
so,
cip,
it
promo
push
right.
We
are
jumping
into
the
repo
and
so
one
release
managers.
Please
take
a
look
at
this.
B
A
B
A
A
Right-
and
we
always
want
to
try
to
leave
these
breadcrumbs
around
so
that
you
know
if
it
comes
down
to
investigation
about
like
what
was
wrong
with
an
image
and
why
and
what
was
the
content
in
the
image
beforehand?
We
kind
of
can
retrace
our
steps
right,
so
I
try
to
always
do
this
and
then
we're
just
gonna
say
image.
Bump
vr
is
here.
A
A
We
will
I
was-
I
was
going
to
go
back
to
that,
but
I
wanted
to
get
the
the
thing
up
first.
So
if
we
do
it,
you
know
we
can
do
this
digest
again.
I
pop
the
pr
in
the
chat.
Please
release
managers.
A
Please
approve
that,
so
I
want
to
show
off
first,
you
know
within
so
I
mean
we
almost
don't
need
to
do
this
step,
because
the
fact
that
we
were
able
to
to
scrape
those
digests
and
see
in
the
cip
command
means
that
they're
available
our
this
one
will
not
be
available
because
we
remember
it
was
the
sha
and
not
a
tag
or
a
shop
or
tag
like
sha
or
shaw
like
tag
as
opposed
to
the
production
tag.
But
if
we
do
this
for
the
cape
primo,
one
foreign.
A
All
right,
so
that's
the
amd
64
manifest
that
I
was
talking
about
and
the
one
that
we
had
just
want
to
show.
I
just
I'll
show
quickly
that
like
if
I
was
to
run
cipm
again.
A
Right,
but
for
k-promo,
actually
not
for
k-prime
yeah,
4k
promo
well,
not
for
k-promo!
I
want
to.
I
want
to
pull
out
that
amd641
right,
so
it's
going
to
run
it
and
you'll
see
there's
a
diff
again.
I
just
want
to
show
that
the
k-promo
amd64
image
is
indeed
it
indeed
has
the
same
digest
as
what
we
just
grabbed
from
this
fat,
manifest
right
so
digest
for
the
amd
64672b
672b
right.
A
So
it's
doing
functionally
the
same
operation
and
it's
actually
using
some
of
the
using
some
of
the
ggcr
libraries
to
do
so
right.
So
roughly
the
same
flow
right,
so
we're
gonna
go
back
and
see.
A
Wow
that
was
really
great
and
quick.
Okay.
So
what
happens
after
one
of
these-
and
this
is
kind
of
you-
know
the
magic
of
the
image
promoter
and
why
we
kind
of
have
this
flow,
so
no
note
so
basically
walking
through
the
flow
of
what
I
did
right.
I
did
a
new
release
for
my
project.
Right
pretend
I
am
not
a
you
know
pretend
I'm
not
a
release
manager
for
the
project.
I
am
maybe
a
release
manager
for
a
a
sub
project
within
the
kubernetes
space
right.
I
did.
A
I
created
some
new
content
through
this
call
right
or
merged
some,
some,
some
newer
content
through
this
call,
I
created
a
commit.
I
wired
up
my
repo
with
a
cloud
build
file
and
you
know
the
respective
things
needed
to
to
to
make
it
work,
and
I
pushed
some
new
images.
I
grabbed
the
images
from
the
staging
repository.
A
I
ran
a
command
to
generate
a
manifest
or
update
a
gener,
a
pre-generated,
manifest
to
grab
the
digest
of
that
of
that
that
new
staging
image
and
then
I
issued
a
pr
right
and
the
pr
was
merged
by
people
who
were
on
you
know
who
are
on
my
team,
our
approvers
for
that
space.
A
The
changes
should
now
get
lifted
from
the
production
area
into
from
the
staging
area
into
production
right.
So
let's
see
if
that
actually
happened
right.
So
what
I
did
was
I
went
to
prow.
I
searched
promo,
because
promo
is
basically,
you
know,
is
the
the
suffix
for
most
of
these.
A
These
image
or
file
promotion
jobs
right
now,
I've
done
that
we
have
something
called
the
post,
case.io
image
promo
if
you're
familiar
with
kind
of
like
the
you
know,
the
the
the
structure
of
you
know
the
naming
at
least
the
nomenclature
for
our
our
tests.
What
we
usually
do
is
prefix
of
post
or
ci,
or
pull
right.
Pull
for
pre-submits
post
for
post
submits
ci
for
periodic
jobs
right.
So
what
just
happened
was
a
post
submit
ran
on
the
case.io
repo
for
image
promotion
right?
A
If
I
jump
into
that
post
submit
so
note
before
what
we
looked
at,
was
the
post
submit
for
the
cip
repo
to
push
the
image
for
cip
right,
so
that
was
the
previous
postmate
that
we
looked
at
the
new
post
event
that
we're
looking
at
is
very
long
log,
because
it's
basically
walking
through
all
of
the
image
digests
that
exists
in
the
kate,
sideio
repo
right.
A
So
looking
at
the
case.io
repo,
we
can
see
that
all
of
these
you
can
see
that
all
of
these
projects
right
all
these
projects,
add-on
manager,
api
snoop,
artifact
promoter
and
each
of
these
projects-
will
have
their
own
set
of
images
right
so
dropping
into
like
ci
images
is,
I
was
going
to
say
it's
a
great
example
dropping
into
like,
say:
relange
right.
We
have
a
decent.
You
know
we.
We
have
a
few,
a
few
different
images.
A
If
we
drop
into
you
know,
I
guess
what
would
be
the
canonical
example
for
kubernetes
the
project
overall
kubernetes
kubernetes,
we
can
see
we
have
a
bunch
of
like
for
performance
reasons.
Document
symbols
have
been
limited
to
5000
items
like
that's
how
many
digests
are
in
here,
because
we
are,
we
have
been
doing
the
image
promotion
for
a
while
now
for
the
kubernetes
kubernetes
repo.
But
again
you
see
conformance
you've
got
a
conformance
arm
for
all
the
architectures
conformance
api
server,
scheduler
controller
manager,
so
on
and
so
forth
right.
A
So
there
are
a
lot
of
images
to
scan,
which
means
we're
going
to
get
a
decent
amount
of
logs.
So
what
the
image
promoter
is
doing
is
it's
walking
through
it's
reading
all
the
stuff?
It's
like.
Hey
I've
read
this
registry.
I've
got
the
information
that
you
want.
It's
going
to
compare
it
to
these
manifests
and
see.
If
there's
a
diff,
is
there
if
there's
a
diff,
it's
it's
going
to
say
like
well.
A
These
are
the
ones
I
need
to
promote
and
you
can
see
that
happening
towards
the
bottom
of
these
logs,
eventually
we'll
make
them
more
human
readable.
But
that
will
not
happen
on
this
call.
A
But
pending
promotions
right,
we
get
down
to
this
inventory
2107
pending
promotions
here,
and
I
will
just
make
the
screen
that
was.
That
was
not
super
helpful,
actually.
A
A
See
if
this
is
okay
on
a
refresh
all
right-
and
we
can
see
this
this
job,
ultimately,
it
only
had
a
few
things
to
do.
It
took
a
minute
and
24
seconds
and
part
of
that
time
was
spent
in
like
provisioning
of
the
infrastructure
right
so
again
we're
loading
the
log-
and
hopefully
you
can
see
it
a
little
better
now
that
it's
magnified
but
towards
the
bottom,
we'll
see
that
that
2107
line
will
tell
you
about
the
pending
promotions
right,
pending
promotion
from
the
staging
artifact
promoter
repo.
A
I
want
to
take
the
cip
image
with
this
version
and
bring
it
up
here
and
here's
the
digest
that
I
should
be
looking
at
to
promote
same
is
true
for
the
auditor
and
k-promo
so
on
and
so
forth,
and
we
see
copies
of
these,
which
are
basically
saying
hey.
These
are
copies
for
each
of
the
registries
that
we're
pushing
to
right.
So
it's
it's
going
to
it's
going
to.
A
Eu
that's
and
then
that
backing
case.gcr.io
is
going
to
front
each
of
those
right
and
now
again
we
can
work
on
some
log
improvements,
but
this
is
the
actual
request.
A
It's
begun
the
promotion
and
it's
going
from
again
that
staging
up
into
production
and
it's
using
this
service
account
the
name
of
the
image,
the
sha,
the
tag.
Okay,
we
did
it
right
so
now,
let's
see,
did
we
do
it?
Did
we
actually
do
it.
A
All
right,
gotta
digest
and
note
the
url
or
the
fqin,
whatever
you
wanna
call
it
for
the
auditor
and
finally
for
k-promo.
A
A
B
Now
needs
the
other
product
right.
It
now
needs
the
new
flag.
A
Yeah,
so
what
we
should
have
done
was
support
both,
but
let's
go
fix
that.
A
Is
anybody
else
getting
dizzy
from
jumping
around
from
robot
reba?
No,
just
me
cool
all
right,
so
I
want
to
search
each
of
the.
A
D
A
A
A
A
And
I
know
I
know
that
we've
gone
quite
a
bit
over.
I
appreciate
everyone
hanging
out,
I
hope
you're
enjoying
yourself,
and
this
is
a
useful
spend
of
everyone's
time
all
right.
So
now
we're
also
going
to
search
for
this
see
if
there's
anything
happening
with
the
auditor
all
right.
So
we've
got
this
pole
auditor
e
to
e
all
right,
nothing
to
do
there
because
we're
not
actually
using
auditor
image,
but
one
more
time
here.
A
Manifests
confirm
so
these
are.
These
are
running
in
trusted
environments,
essentially
right.
So
this
these
have
special
credentials.
They
have
service
account
names
that
are
bound
their
kubernetes
service
accounts
for
gcp
bound
into
service
accounts
for
kubernetes
used
on
these
pro
clusters.
So
we
can
see
that
this
service
account
name
for
kate's
infra,
gcr
promoter.
A
And
same
is
true
here
right,
so
these
are
all
production
runs
these
ones
that
are
here.
You
can
see
that
there's
no
service
account
here.
It's
just
doing
a
dry
run
right,
so
we
want
to
make
sure
that
it
does
not
have.
We
do
not
have
access
to
do
destructive
actions
within
a
pre-submit,
because
that
means
that
literally
anyone
could
come
to
your
repo
generate
a
hostile,
manifest
and
issue
a
pr
that
would
automatically
run
the
pre-submits.
A
If
it's
running
in
a
trusted
environment,
it's
going
to
do
bad
things
if
that
is
actually
a
hostile
manifest.
So
you
want
to
prevent
that.
So
that's
why
those
don't
have
service
accounts
attached.
A
A
I'll
do
this
in
two
phases.
Actually,
I
will.
A
All
right,
some
some
get
trickery
I'll,
add
config
men's,
but
just
so
that
we
can
actually
see
this
move
forward
during
the
call
you'll
note
that
there
are
a
bunch
of
different
directories
here,
one
is
sig
release.
One
is
test
infra
one's
kate's
infra,
but
you
can
see
that
within
this
trusted,
there's
a
relinch
section
that
we
have
approval
to
relent
trusted
as
well
as
approval
for
the
pre-submits.
A
What
I'm
gonna
do
is
I'm
gonna
issue,
two
pr's
right,
the
first
pr
we'll
see
on
the
call
hopefully
see
merge
on
the
call
will
be
for
will
be
for
the
relinch
stuff
and
then
we'll
roll
forward
the
test
interest
stuff,
since
that
can
be
a
bit
no
easier.
A
Should
be,
but
now
I'm
going
to
grab
this
change
that
I
done
before.
Let's
look
at
pretty
right,
so
I'm
just
going
to
grab
what
happened
in
this
pr.
A
This
vr
and
make
sure
I
keep
that
somewhere
super
safe
scratch
pad
and
again
just
looking
at
this
file
that
we
changed
that
we
are
going
to
now
unchange
for
a
brief
portion
of
history
check
out
margin
faster,
just
that
file
right.
So
now
we
can
see
that
we
have.
A
Right
now,
if
I
just
do
again
for
super
paranoid
sake,
diff
head
on
name
status
and
we
can
see
that
just
those
two
files
have
changed
so
now
we're
going
to
push
that
up.
A
All
right,
so
that
is
happening,
and
I
will
say
this.
A
All
right
so,
whenever,
whenever
we
leave
these
breadcrumbs
or
we
do
holds
and
stuff
like
that,
you
should
you
should
also
try
to
come
back,
and
you
know
if
you
said
you
were
going
to
hold
something
for
a
reason,
and
the
reason
is
you
know
has
been.
The
condition
has
been
satisfied.
A
You
should
come
back
and
just
kind
of
you
know
say
this
was
done
right.
So
it's
really
it's
her
for
all
contributors,
but
in
particular
it
may
be
being
nice
to
your
future
self,
when
you're
trying
to
debug
something
that
went
weird.
B
A
So
we're
gonna
just
copy
what
dolphos
we're
gonna
say:
hold,
cancel.
A
All
right-
and
this
is
just
trying
to
be
like
good
hygiene,
especially
for
the
recording.
A
A
I
did
recap
right
before:
okay,
all
right
so
for
this
last
pr
we'll
do
reshare,
quick
all
right.
So
for
this
pr.
Basically,
what
we
did.
We
did
a
lot
of
search
and
replaces
right
and
again
walking
through
the
pr
step
by
step
the
first
part
of
the
search
and
replace
that
we
did
was.
We
did
it
prior
to
kind
of
put
this
pr
up
closer
to
the
beginning
of
the
call
we
did
it
to
kind
of
like
intuit
the
the
changes
that
we
were
gonna
make
right
and
kind
of.
A
Have
the
test
run
see
if
anything
was
going
to
to
to
get
mad
at
us,
so
to
speak
any
of
the
presidents
we're
gonna
yell
right,
but
we
also
put
this
pr
on
hold
right.
We
put
this
pr
on
hold
because
one,
the
the
the
release
itself
did
not
exist
and
the
image
promotion
pr
did
not
exist
either
right
the
image
promotion
pr
did
not
exist
because
the
release
didn't
exist,
release
and
the
and
the
staging
image
didn't
exist
right.
So
we
kind
of
like
walked
through
looking
at
that.
A
You
know
whether
or
not
the
digest
was
there.
We
looked
at
the
we
looked
at
the
the
logs
for
the
stage.
The
stage
image
builds
themselves.
We
looked
at
creating
the
digest
or
updating
the
manifests
to
include
the
digest
from
staging.
Once
those
jobs
had
completed,
we
issued
a
pr
to
kate's
dot
io
to
actually
initiate
the
promotion.
A
A
The
test
in
for
pr
is
meant
to
actually
flip
any
of
the
the
the
proud
jobs
that
are
using
the
older
images
to
use
the
new
images
right
so
again,
walking
through
this,
it's
a
bit
of
a
search
and
replace
one
we're
using
the
canonical
kates.gcr.io,
slash
name
of
your
project,
slash
image,
name,
colon,
your
tag
right
as
opposed
to
the
the
region,
specific
artifacts,
prod,
artifact
promoter,
so
on
and
so
forth.
Right,
so
we're
updating
from
the
241
image
up
to
the
three
to
zero
image
and
you'll.
A
See
again,
it's
mostly
search
and
replace
here,
but
as
adolfo
noted
on
the
on
the
pr
in
review,
some
of
the
flags
had
changed
between
the
241
version
and
the
three
two
zero
version.
So
you
want
to
always
make
sure
that
the
the
command
that
we're
passing
is
the
right
command,
or
else
the
test
will
fail
right.
So
we
went
from
cip,
just
cip
to
cip,
run
right
and
the
reason
that
we've
kind
of
like
ergonomically.
We
want
to
do
different
things.
A
We
may
want
to
do
an
audit
versus
a
run
or
we
might
want
to
generate
the
manifests
and
as
these
two
tools
merge
together,
we
want
to
make
sure
that
they
kind
of
fit
in
the
right
way
the
two
tools
being
the
file
promotion
process,
as
well
as
the
the
image
promotion
process.
I
wanted
to
cover
some
of
the
file
promotion
stuff
today,
but
we
can
do
that
in
another
demo,
no
biggie,
but
as
as
part
of
the
transition
from
241
into
three
to
zero.
There
was
a
pr
to
move
this
into.
A
Instead
of
using
the
flag
set
the
the
flag
package
within,
go,
we
moved
over
to
cobra
to
match,
essentially
the
the
ergonomics
of
all
the
other
release.
Engineering
tools
right
so
with
cobra.
You've
got
this
unless
I
believe,
unless
you're
doing
like
a
short
variable
declaration
or
something
you've
got,
these
you've
got
two
two
hyphens
for
the
flag:
instead
right,
so
we're
updating
the
hyphens,
we're
adding
that
run
and
then
and
then
that's
and
then
for
the
production
jobs.
A
We're
adding
this
confirm
flag,
we
flipped
from
dry
run,
equals
false
to
confirm
confirm,
is
a
bit
more
positive.
If
that
makes
sense,
essentially
what's
happening
with
dry,
one
run
equals
false.
There
was
a
logic
mismatch
at
some
point,
but
for
go
lang.
The
boolean
default
value
is
false
right.
So,
if
you
have
a
flag,
called
dry
run
and
you
don't
have
it
wired,
you
don't
have
it
wired
to
default
value
of
true.
A
If
the
flag
is
not
set,
its
default
value
will
be
false,
which
means
for
runs
that
don't
include
the
flag
explicitly,
they
will
be
production
runs,
so
we
wanted
to
invert
that
logic.
So
now
it's
confirmed.
I
really
do
want
a
production
run
of
this,
as
opposed
to
dry
run,
equals
false,
which
is
also
true
when
it
is
not
present
right,
very
bad.
So
those
are
all
the
changes
and
then
you
know.
A
I
also
went
to
my
local
and
I
said:
let
me
build
the
tool
and
just
look
through
the
flags
really
quickly
to
make
sure
that
I
am
choosing
the
right
flags
right,
so
that
confirm
flag,
that
we
talked
about
the
thin
manifest
directory
flag,
which
is
primarily
what
we
use
for
the
promotion
of
of
all
projects
and
then
and
then
for
a
few
of
the
jobs.
We
also
use
this
vulnerability
severity
threshold.
So
that
is
was
that
a
good
recap.