►
From YouTube: Kubernetes SIG Release for 20230516
Description
Kubernetes SIG Release for 20230516
A
Hey
everyone
and
Welcome
to
our
weekly
sick
release
meeting
and
this
meeting
at
ucdcncf
code
of
conduct,
which
basically
boils
down
to
be
mindful,
which
is
that
and
be
excellent
to
each
other
I
pasted
the
link
to
the
agenda
in
the
chat
and
I
also
shared
it
here
with
you
so
feel
free
to
add
yourself
to
the
list
of
attendees
and
Marco
will
take
notes
today.
So
thank
you
for
that.
It
looks
like
we
have
a
bunch
of
new
Forks
today
on
board.
B
A
D
Sorry,
can
you
hear
me
now:
yeah,
okay,
Scott
from
Red
Hat
I
was
just
curious
to
follow
along
the
meetings
and
see
how
this
go.
I'll
add
my
name
to
the
list.
E
E
F
Yeah,
so
for
the
folks
who
are
new
to
the
release
team,
it
can
be
confusing.
So
the
release
team
is
a
sub
project
of
Sig
release
and
we
will
have
our
first
meeting
on
Wednesday
depending
on
where
your
time
zone
is,
but
it
should
also
be
on
your
calendar.
A
G
Those
two
items
so
maybe
I
can
start
cumulative
Specialists
for
me
are
scheduled
for
tomorrow,
for
as
late
Veronica
will
take
care
of
them
and,
if
needed,
I
think
gym
will
help
in
the
U.S
time
zone.
If
you
need
a
hand
over
so
keep
an
eye
on
that,
we
have
some
failing
tests
on
informing
dashboard
for
124,
but
I
will
follow
up
with
folks
from
Sig
windows.
I
think
that
I
know
what
needs
to
be
fixed.
So,
let's
see
with
them
about
that.
G
Also.
Another
thing
that
I
wanted
to
mention
is
that
I
picked
up
the
OBS
deformation
again
and
I
added
an
item
with
a
little
bulletin
board,
because
this
is
the
first
time
we
have
at
least
that
I
know
the
first
time
that
we
have
per
cap
or
fair
project
board,
so
I'm
planning
that
I'll
show
how
I
organize
it
because
it
might
be
useful
for
other
boards
and
other
folks
and
I
think
this
is
mostly
E3,
at
least
from
my
side.
G
A
And
we
can
probably
mention
because
I
thought
right
now
that
we
close
most
of
our
project
boards,
like
the
release
team
project
board
and
the
release
engineering
project
boards
are
now
close
in
favor
of
more
Project
Specific
boards,
like
we
have
project
boards
for
our
initiatives,
and
we
are
working
on
right
now,
together
with
our
roadmap,
so
those
are
Obsolete
and
those
those
are
also
closed.
F
It
release
has
officially
started
we'll
have
our
first
meeting
in
a
little
bit
over
24
hours.
F
The
calendar
right
now
has
enhancement
freeze
for
six
weeks
or
enhancement
period
for
six
weeks
and
then
four
weeks
until
code,
freeze,
Leo
and
I
have
been
talking
about
making
it
five
five.
So
there's
enough
time
for
implementation,
and
we
generally
agree
on
this
and
would
love
to
hear
any
input
about
it
before
I
update
the
or
finalize
the
calendar.
F
Yeah,
that's
correct
and
we'll
make
it
five
five
yeah
and
then
timelines
will
be
updated.
H
Yeah,
maybe
also
some
contacts,
so
Jordan
also
pointed
this
out,
I
think
a
couple
of
weeks
ago
or
some
time
ago,
so
I
think
this
is
probably
better
to
switch
it
around
to
have
a
little
bit
more
time
for
code
freeze
than
for
enhancement,
freeze,
so
I
think
this
is
like
also
very
welcome
from
the
community
in
general.
F
A
A
A
Signing
so
I
was
investigating
what
we
can
do
on
from
deciding
to
have
better
support
for
for
the
verification
process,
and
one
thing
I
just
noticed
was
that
we
don't
sign
multi-arg
images
by
using
record
recursive
signing,
which
means
that
we
sign
the
multi-architecture
Manifest
list,
but
we
don't
sign
the
actual
image
and
we
have
architectural
images
and
the
Registries
which
we
push
dedicatedly
but
I'm,
just
speaking
about
the
multi-arc
image
list.
A
So
cosine
cosine
has
the
support
for
signing
recursively
and
doing
this
automatically
and
I
added
support
to
this
to
the
release
SDK,
and
we
probably
can
also
add
it
to
promo
tours.
I.
I
really
hope
that
we
don't
increase
the
signing
time
with
this
change,
but
it
will
make
a
verification
of
the
multi-arc
image
way
better
or
a
way
more
straightforward.
From
my
point
of
view,
and
the
other
enhancement
is
about
so
cosine
signatures
have
a
Docker
reference
in
their
chasing
manifest
so
and
they
point
right
now
to
the
actual
mirror.
A
So
we
are
using
regencykits.io.
But
if
we
use
cosine
verified-
and
we
point
the
docker
reference
to
to
any
of
those
mirrors
which
are
yeah
like
Europe
Southwest
from
my
location
is
the
resolution
for
this,
and
the
main
idea
is
to
be
able
to
override
the
Stocker
reference
and
point
it
to
registrykates.io,
and
this
would
require
a
changing
cosine,
but
will
would
also
make
a
image
verification
better
for
us,
because
then
users
can
rely
on
those
Docker
reference
for
actually
seeing
and
verific
verifying
the
images
directly
from
registry.ks.io.
A
So,
let's
see
how
this
turns
out.
If
the
change
lands
in
cosine,
then
we
can
also
add
it
to
our
release
tools
and
that's
all
just
to
yeah
two
small
enhancements
to
the
overall
signing
process.
So
it's
nothing
which
is
worth
changing.
Our
current
enhancement.
D
I
A
Yeah
so
I
propose
the
change
as
RC
and
directly
as
in
cosine,
and
we
need
somehow
agreement
if
we
can
do
it
like
this
or
not.
The
thing
is:
if,
if
we
can't
change,
for
example,
the
docker
reference,
then
I
don't
know
how
we
would
make
it
better
user
interface
wise
right,
because
if
verification
2
is
cosine
doesn't
do,
is
if
you're
on
cosine
verify
it
will
not
Arrow
out
if
there's
Europe,
Southwest
or
pikachu.def
in
the
in
the
image
URL
other
than
regular
street.kids.io.
A
G
Okay,
thank
you.
The
first
thing
that
I
want
to
mention
is
the
package
reported.
Howard
will
be
staying
with
the
packaging
work
Sasha.
Do
you
want
to
open
the
board
or.
J
G
Yeah,
thank
you.
As
Sasha
mentioned
at
the
beginning
of
the
meeting.
We
are
now
not
doing
the
casting
board
that
we
have
in
the
past
so
that
we
have
one
release,
engineering
and
One
releasing
board.
We
want
to
try
something
else.
This
was
discussed
and
the
seagull
is
meeting
that
we
had
in
person
in
on
kubecon.
The
idea
was,
we
started
with
two
words:
one
for
packaging,
one
for
salsa
work.
G
Those
are
two
major
topics
that
we
have
I
spent
some
time
yesterday,
trying
to
organize
the
board
to
see
how
it
can
apply,
and
this
is
what
they
came
up
with
so
I
created
multiple
columns.
One
is
to
keep
track
of
tracking
issues
slightly
cap
and
some
large
issues
that
are
used
as
a
placeholder
for
other
smaller
issues,
and
then
we
have
a
color
for
blood
pictures.
That's
something
that
we
need
to
work
on,
but
that
is
not
the
right
time,
because
we
are
waiting
on
some
other
stuff
to
be
implemented
and
fix
it.
G
And
then
we
have
backlog
in
progress
in
review
and
done
something
similar
that
we
had
in
past.
What
else
I
want
to
mention
is
that
I
added
on
board
a
field
for
each
issue
that
can
be
used
to
track
the
stage
that
issue
is
supposed
to
be
worked
in,
and
you
can
see
that
some
officials
have
Alpha
and
most
officiency
about
points.
Some
of
them
have
better,
we
don't
have
stable,
and
this
is
like
the
stage
when
we
are
planning
to
tackle
that
issue.
G
For
example,
we
have
a
progress
that
integrate
that
build,
and
this
is
Alpha
like
this
is
the
first
issue
that
we
have
to
take
care
of
actually
and
based
on
that
we
have
different
views,
so
you
can
use
a
switch,
for
example,
within
all
issues
between
stage
overview
alphabet
and
stable
and
see.
How
are
we
doing
so?
G
That's
how
it
is
organized
speaking
of
work,
and
what
are
we
going
to
do?
The
the
first
thing
is
actually
finishing
the
integrated
depth
field
so
to
remind
everyone-
and
if
someone
is
new
to
this
originally
we
have
packages
in.
We
have
RPM
specs
and
we
have
Debian
specs.
It
turns
out.
The
Debian
specs
can
be
very
easy
how
to
generate
it
from
RPM
specs,
especially
that
we
don't
have
any
building
that
we,
for
example,
take
kubernetes
sources,
build
binaries
and
then
do
something
with
those
binaries.
G
We
just
take
already
pre-build
binaries
and
put
them
in
the
package,
so
it
turns
out.
Auto
generation
is
easy
and
OBS
folks
proposed
that
as
a
way
forward,
so
we
attracted-
we
are
very
close
after
that.
I
will
work
with
some
minor
improvements
to
Krell
OBS
specs
command.
We
want
the
degenerated
files.
I
wanted
to
be
able
to
take
a
those
binaries
from
the
staging
bucket
so
that
we
can
actually
generate
terrific
staging
that
we
don't
have
to
do
it
very
late
in
the
release.
G
Maybe
we
can
even
trigger
the
building
processing
stage
and
then
just
release
in
the
trail
release
stage.
So
this
is
the
idea-
and
this
is
the
current
status
other
than
that
we
have
a
bunch
of
other
issues
to
solve.
So
this
is
what
we
will
take
care
of
how
we
proceed
and
my
idea
will
be
periodically-
maybe
not
every
week,
but
every
two
or
three
weeks
we
do
a
quick.
G
A
G
Right
now,
I
don't
need
any
help.
It
is
going
pretty
well
I'm,
considering
what
task
we
can
split,
and
there
is
that
issue
about.
Let
me
see
if
I
can
find
it
here
in
the
world,
but
it
is
3055.
The
last
one
is
blocked.
Column
create
all
to
manage
project
access
to
obs.
This
is
something
that
can
be
working.
Viral
I
wanted
to
wait
a
little
bit,
maybe
a
week
more,
to
make
sure
to
have
like
a
final
decision
that
everything
is
working
fine
with
OBS.
G
So
if
there's
someone
that
is
in
that
is
interesting
to
work
on
this
tooling.
So
this
is
going
to
be
a
little
bit
more
complex
because
we
will
need
to
integrate
with
OBS
apis
and
to
create
that
github's
workbook,
similar
to
what
we
have
for
a
managing
Google
Groups,
managing
slack
channels
and
many
other
things
that
we
have
in
the
kubernetes
community,
so
that
we
basically
have
a
yaml
file
that
we
can
put
kubernetes
projects
sub
projects
for
OBS
and
configuration
platforms
all
that
stuff
that
you
can
reconcile
it
automatically.
G
That
would
be
very
nice
to
have
because
we
would
have
to
fiddle
with
the
OBS
UI.
So
it
means
that
there's
less
chance
to
make
a
mistake
and
yeah.
This
is
something
that
I'm
looking
for
some
help.
If
anyone
is
wants
to
work
on
that,
but
it
is
not
a
priority
for
Alpha
I'm
marketing
is
better.
So
if
anyone
is
interested,
you
can
reach
out
to
me.
A
Awesome,
thank
you.
You
can
also
pin
this
issue
to
the
sick
release
channel.
So
maybe
there's
anyone
else
who
would
like
to
contribute.
K
If
it's
not
complex
that
much,
maybe
I
because
I'm
a
new
contributor,
if
it's
not
accomplished
that
much,
maybe
I
could
help
on
this.
G
Okay,
I
will
try
to
come
up
with
a
some
sort
of
proposal,
more
formable,
how
it
can
look
like
how
it's
what
it
should
do,
how
it
should
be
used
and
then,
based
on
that
we
can
see
who
is
interested
to
work
today.
Okay,
that
would
be
great.
Thank
you.
I
can
promise
it's
going
to
be
maybe
next
week,
but
I
will
shy
in
upcoming
things
to
take
care
of
it.
K
G
The
I'm
not
sure
I
wouldn't
call
it
Alpha
stage,
because
we
can
invoke
the
OIC
to
link
manually
and
we
can
set
up
the
projects
and
everything
on
our
own.
So
it's
not
necessary
Alpha,
but
I
think
it
is
must-have
as
we
graduate
to
better
and
stable.
A
A
G
G
Okay,
thank
you.
The
next
topic
is
the
status
of
one
PR
in
parameters
that
my
colleague
created
available.
So
I
first
want
to
check
about
it.
If
there's
anyone
on
call
who
might
have
idea,
how
do
we
want
to
proceed
with
it
because
I
think
I
think
Carlos
and
Muhammad
on
the
PR,
but
we
didn't
get
any
feedback
on
how
we
should
do
it.
I
know
it
was
once
discussed
on
singularis
meeting
I
think
maybe
before
kubecon,
but
I'm
not
sure
what
was
the
decision
on
it.
G
So
I
wanted
to
see,
maybe
if
anyone
Carlos
sorry
Carlos
and
Adolfo.
If
you
can
take
a
look
and
maybe
provide
us
some
feedback
about
what
should
we
do.
G
G
I
might
have
some
capacity,
and
that
is
also
the
case
for
some
folks
at
kubermatic
and
we
might
be
interested
to
help
out
if
there's
anything
needed
when
it
comes
to
promotion
tools,
especially
the
image
promotion
part
and
making
the
experience
better.
I.
Remember
that
I
have
heard
from
folks
that
there
are
some
ideas
from
chain
guard
folks
to
how
to
improve
it
like
to
reduce
the
problem
tools.
Code
base
significantly
make
it
easier
to
follow,
make
it
safer.
G
So
I
wanted
to
see
if
there's
any
update,
if
there's
anything
that
we
can
have
with
at
least
I,
don't
think
they're
nice
for
now,
but
I
just
wanted
to
bring
it
up.
So,
if
there's
anything
that
can
be
helped
with,
please
let
me
know
so.
I
personally,
as
I
said
earlier,
I'm
now
working
full-time
on
absolute
stuff
and
I
also
have
some
folks
who
are
interested
to
help.
L
Yeah
I
guess
so
the
that
period
of
instability
that
we
had
during
the
registry
migration
I
would
then
get
that
it's
now
not
under
control.
So
any
so
I
mean
there
are
issues
open,
but
the
Urgent
parts
are
over.
So
if
you
want
to
take
on
a
new
Improvement,
it's
fine
but
I'm
I'm,
feeling
that
right
now
we
I
mean
we
have.
L
We
have,
of
course,
issues
that,
where
we
need
to
add
some
resiliency,
for
example,
so
we
try
some
back
off,
but
I
feel
that
we're
now
kind
of
on
a
an
appeal
of
rest.
After
so
much
instability
for
it,
but
I
mean
if
you
have
any
ideas
or
you
want
to
take
on
on
some
on
some
of
the
open
issues.
It's
fine.
We
definitely
should
discuss
how
to
where
the
weak
points
are
especially
for
backing
off
and
retries,
and
we
don't
have
issues
open
for
that.
L
L
L
The
last
couple
of
you
know,
since
we
did
the
last
improvements
for
to
handle
the
the
registry
change,
so
I
don't
know,
maybe
we
should
get
together
or
put
put
it
on
the
agenda
for
in
in
discuss
in
one
of
our
meetings
how
we
want
to
where
we
want
to
take
it.
G
Okay,
maybe
that
was
maybe
that
would
be
a
good
idea
that
we
discussed
it
with
Secrets
infra
Fox
as
well
like.
Where
do
we
want
to
go
into
what
direction
and
yeah?
If
anything
is
forward,
then
I
can
be
of
some
help
there
and
maybe
try
to
get
some
Forks
as
well.
Who
could
work
on
it
so
yeah?
We
can
say
about
it.
Yeah.
G
Okay,
are
there
any
questions
for
this
topic
thanks
a
lot
Adolfo
by
the
way.
G
Okay,
then
I
will
go
to
the
next
stop.
If
that's
okay-
and
this
is
hopefully
a
relatively
short
question-
and
it
is,
should
we
considered
archiving
The
Signal
is
meeting
minutes
because
I
don't
know
for
other
folks,
but
personally
I
have
some
performance
issues
when
loading
this
talk-
and
this
is
like
when
I'm
on
zoom-
and
this
is
even
my
Mac
like
starts
freezing-
then
try
to
load
this
page
and
as
far
as
I
don't
see.
Contrabass,
for
example,
is
something
similar
every
year.
G
M
I
think
it's
a
great
idea:
let's
see
how
you
know
if
there
are
some
prior
art
and
how
like
access
doing
it,
maybe
we
do
it
by
ear?
Maybe
we
do
it
every
six
months,
Jim
got
your
hand
up
yeah.
I
Sigdax
also
does
this
and
if
you
go
into
the
same,
it's
basically
the
same
directory
tree
where
you
found
that
say:
contributor
experience
link
if
you
go
to
the
sigdax
folder,
there's
the
meeting,
notes
archive
and
there's
a
readme
in
there
about
just
chunking
out
year
by
year,
and
then
there's
like
a
it's
a
Google
Docs
plugin,
but
it
basically
takes
Google
docs
to
mark
down
it's
a
relatively
manual
process,
but
it's
also
relatively
pain-free.
I
So
just
if
you
wanted
to
walk
through
and
read
me
of
how
to
do
it
in
the
Sig
box,
there
is
a
kind
of
prior
art
there
to
Stevens
Point.
M
So
I
remember
in
the
past,
and
maybe
this
has
changed.
There
were
some
concerns
about
security
of
certain
Google
Docs
plugins.
What
we
could
do
if
we
wanted
to
not
go
the
plug-in
route
as
we
could
export
to,
we
could
export
to
to
docx
or
something
and
then
I'm
sure
pandok
can
configure
it
out,
maybe
and
check
it
out
that
way,
but
but
yeah
I'm
I'm
the
short
version
I'm
open
to
it.
G
Okay,
I,
don't
think
I
have
security
code
service
regarding
the
plugin,
if
almost
anyone
else
I
mean
if
it
works
for
C
contributes
the
same
box
I
think
it
should
be
fine
for
us
as
well.
If
folks
are
okay
with
that,
I
could
try
taking
care
of
that.
So.
M
M
All
right
at
the
Baseline,
let's
file
an
issue
for
it.
Jim
are
you
potentially
interested
in
this,
and
so
we've
got
some
overlap.
G
Thank
you
as
well,
and
one
final
topic
that
I
have.
If
there
are
no
questions
about
this
one.
G
Okay,
so
there's
one
thing
that
our
release
managers
mailing
list-
and
this
is
subscription
to
Debian
security-
please
and
I
wanted
it
now
that
we
are
subscribed
for
some
extended
time,
I
think
for
quite
a
while
I
wanted
to
see
like
how
useful
is
it
to
folks,
because
in
my
opinion,
we
are
receiving
a
lot
of
irrelevant
meals
and
they're
quite
frequent
like
they
tend
to
send
several
images
weekly
and
it's
rare
that
it
is
affecting
us
at
all
and
I
was
thinking
like.
Is
this
really
helpful
to
anyone?
G
If
that
we
should
show
you
unsubscribe
you'll
find
some
other
way
to
collect
those
emails
and
the
Lord's
relevant
to
us?
Are
there
any
opinions
of
this
topic
like.
M
So
if
I
can
reframe
the
what
we're
concerned
with
is
the
you
know,
security
updates
for
for
Devin
releases
as
it
pertains
to
building
base
images
right.
M
Do
we
have
do
we
have
a
process,
a
timeline
in
which
we
build
Debian
images
and
I.
Think
that
that's
still
not
true
today,
right
it's
it's
kind
of
a
oh
someone
mentions
a
vulnerability
so
that
you
know
the
whole
idea
for
signing
up
for
this
list
was
a
signal
that
hey.
Maybe
we
should.
We
should
look
at
look
at
rebuilding
our
images
right,
so
I
I
think
I.
I
would
flip
this
and
say
if
it's
not
providing
value
to
us.
Fine,
let's
unsubscribe,
but
also
as
we're
unsubscribing.
M
Let's
also
make
sure
that
we
have
a
process
for
when
we
build
new
images
for
Debbie
and
we're
also
starting
to
draw
down
on
the
amount
of
Debian
images
that
we
have
to
build
in
the
first
place.
G
M
Yeah,
what
if
we
made
this
part
of
the
prepping
for
patch
releases,.
G
M
Way,
the
images
also
have
soap
time
on
all
of
the
on
all
of
the
branches.
M
It
depends
it's
not
always
going
to
align
with
go
going,
updates
and
I
think
you
know
for
for
some
of
the
the
goaling
updates.
Will
you
know
we
can?
We
can
say
there
are
a
few
updates
that
will
pop
up
that.
Are
you
know
that
that
may
be
minor
updates
and,
or
you
know,
out
of
band
security
releases
for
go
Lang,
and
then
we
would
just
roll
the
images
anyway,
but
I
think
you
know
our
our
response.
Our
image
building
response
is
effectively
like.
M
Oh
someone
has
noticed
a
vulnerability
and,
and
something
upstream,
and
we
should
we
should
we
should
re-roll,
but
so
having
having
at
least
a
baseline
monthly
Cadence
would
be
good,
I
I
mentioned
doing
it
after
the
Patch
releases,
so
that
we're
not
we're
not
impacting
the
release
cycle
right.
M
So
if
we
do,
if
we
were
to
say,
let's,
let's
do
it
when
we,
when
we
do
the
patch
release
deadline,
that
means
we
have
to
roll
the
images,
get
them
out
in
time
for
the
patch
release
deadline
and
and
have
them
soak
on
the
branches
right.
We
are
potentially
introducing
risk
into
the
release
process.
By
doing
so
so
immediately
after
the
Patch
releases
gives
a
whole
month
of
of
a
window
to
to
catch
any
future
issues.
G
M
Yeah
yeah:
let's
get,
let's
get
an
issue
filed
I'm,
just
looking
at
the
attendees
list
right
now
Jim.
How
are
you
feeling
at
that
potentially
investigating
this
as
well.
I
M
Jim
and
Marco
figure
out
how
to
one
of
you
follow
file
an
issue
and
figure
out
how
to
chop
up
the
work.
I.
M
And
at
least
at
least
at
this
period
it's
not
you
know
it's
not
anything,
that's
on
fire
Matt.
Do
you
want
to
talk
to
your
comments
in
the
chat.
N
Hi
sorry
yeah,
it's
just
that
we
we
get
a
lot
of
like
concerns
about
like
CVS
and
things
that
maybe
are
not
like
they're
theoretically
possible,
but
not
practically
possible
and
oftentimes.
Our
compliance
concerns
are
not
our
compliance.
People
or
the
people
that
we
are
concerned
with
are
not
worried
about
whether
or
not
it's
possible
to
exploit
the
cdes.
N
So
much
is
that
the
cves
exist
and
they
don't
want
them
to
so
often
we
have
to
just
get
those
things
updated
as
fast
as
possible,
whether
or
not
we
can
prove
that
somebody
can
exploit
them
in
practice
on
our
systems.
I
just
was
wanting
to
point
that
out
because
oftentimes
we
get
cves
that
are
theoretically
possible,
that
we
still
have
to
address
those.
M
Absolutely
yeah
I
think
we
run
into
we
run
into
issues
here
where
it's
it's.
You
know
it's
it's
patching
to
status.
You
know.
Sometimes
it's
patching
to
satisfy
the
scanners
and
make
make
people
who
get
antsy
about
Bills,
going
off
la
Fancy.
N
Right
yeah,
we
have
a
lot
of
compliance
concerns
with
the
way
that,
when
I
say
I
mean
Rancher
I'm.
Speaking
from
the
Susan
Rancher
perspective,
we
have
a
lot
of
compliance
concerns
that
we
care
about.
G
Yeah
I
agree
with
that.
Thanks
for
the
feedback
on
that.
So
if
we
manage
to
get
like
at
least
TVs
as
possible,
then
it's
definitely
going
to
make
it
easier
for
everyone
because,
as
you
said,
some
co-pilot
students
just
don't
care
about.
If
it
is
exploitable
or
not,
but
we
are
going,
many
are
trying
to
go
for
zero
CVS,
so
yeah.
That's
definitely
that
would
be
a
great
help
from
doing
those
habits
regularly.