►
From YouTube: OCI Weekly Discussion - 2023-07-13
B
A
B
Although
it
looks
like
Josh
had
some
issues
on
the
merge.
B
So
we
don't
actually
have
an
agenda
today.
Nothing's
on
the
list,
I
will
say
a
a
big
thank
you
to
Josh
for
getting
the
release
out
distribution
spec,
no
their
RC
out.
There
looks
like
chaos
on
that
merge.
B
C
B
B
B
B
B
Yeah,
no
new
items,
that's
that's
a
good
plan.
I!
Don't
have
a
new
item
for
coming
out
with
the
ga
release
or
anything
like
that.
But
I
was
kind
of
playing
with
this
last
week
or
so,
which
is
that
I
am
not
a
fan,
maybe
some
things
out
of
the
way,
because
this
is
all
kinds
of
confusing
for
me:
I'm,
not
a
fan
of
the
distribution
spec
itself,
just
the
layout
of
it
and
trying
to
follow
stuff.
B
B
I
was
wondering
if
it
made
sense
to
just
make
the
whole
API
endpoint
section
more
of
first
class
citizen,
saying
here's
the
endpoint
four
pole
and
we
have
to
like
categorize
all
of
our
stuff,
because
we
have
certain
things
that
say
this
is
a
poll
type
request
for
push
type
request
for
conformance
and
whatnot
method.
Is
get
the
path
is
this?
We
got
headers
on
this
thing
and
then
kind
of
go
through
some
bullets
under
that
saying,
here's
kind
of
part
of
our
spec
of
what
a.
B
I
was
thinking
schweiger
too.
The
challenge
for
me
with
swagger
I
think
was
I.
Wasn't
sure
a
lot
of
it
kind
of
depends
on
some
code
that
you're
importing
in
from,
if
you're
loading
that
in
and
so
that
wouldn't
quite
work,
because
we
don't
have
code
so
much
words
right
in
the
spec,
but
the
other
half
is.
Does
that?
Give
us
a
good
way
to
put
all
these
shoulds
and
must
and
whatnot
for
all
the
fields
in
there.
D
They
are
getting
the
Swagger
or
that
was
not
straightforward,
but
doable.
Honestly
speaking,
the
docker
talks
for
the
sctp
registry
spec
is.
This
is
really
good.
B
B
Yeah
I
also
went
thought
that
examples
are
good
too
so
kind
of
put
something
in
there
says:
here's
the
request,
here's,
the
response:
what
you're
expecting
to
see
is
just
like
an
example
for
any
users
to
look
at.
D
Actually,
my
word
was
for
maybe
Loop
like
could
realign,
or
could
we
kind
of
learn
something
from
the
docker
docs
to
take
it
over
to
the
distribution
locks?
Do
we
want
to
again?
This
is
the
tough
one,
because
you'll
have
to
rewrite
and
read
review
the
whole
thing
so
it'll
take
time,
yeah.
B
As
bad
as
that
sounds,
though,
give
you
an
idea
of
my
view
here,
let
me
stop
sharing
for
a
second,
so
I
can
pull
another
window
up.
B
B
E
B
F
Also
trying
to
make
it
look
good
in
a
PDF
that
might
have
required
certain
lenty
things
right.
B
B
D
D
D
B
We
have
the
authority
group,
we
have
stuff
happening
for
artifacts
and
the
artifact
working
group
over
in
cncf
not
sure
where
they're
going
to
go
with
some
of
their
suggestions.
But
it
would
be
good
for
us
to
think
about
how
you
want
to
do
some
of
that
stuff
over
here
as
well
to
incorporate
what
they're
doing
to
have
whatever
those
CI
take
on.
It
is
to
get
something
out
with
that.
C
C
Yes,
okay,
so
GitHub
actions
I've
learned
a
lot
in
the
past
few
years,
but
basically
this
file
is
like
I,
don't
even
know
if
things
really
work.
Our
advertising
work
like
this
anymore,
but
it
basically
runs
this
image
and
it
passes
you're
allowed
to
pass
it
environment
variables,
but
what's
the
problem
is,
if
you
try
to
run
this
action
which
zot
is
doing
at
Main,
it
will
always
be
tied
to
the
1.0.0
spec.
C
C
We
could
make
an
argument
to
pass
in
like
a
spec
version
that
you
want
to
test
against,
but
I
just
don't
want
to
like
change
this.
If
there's
people
out
there
relying
on
it,
I
don't
know
if
anyone
besides
that
that's
using
this
right
now,
but
does
it
make
sense
that,
like
what's
that
head
will
run
what's
that
head,
though.
E
B
The
way
I've
done
this
is
stealing
a
bunch
of
code
from
like
pretty
sure
it
was
chain
guard
or
they've,
got
an
action,
and
it
just
has
a
release.
Variable
version
variable
whatever
you
want
to
call
it
and
a
default
value
for
that
which
the
default
might
be
whatever
the
latest
GA
releases,
or
something
along
those
lines.
B
C
Thank
you.
I
can
go
ahead
and
do
this
if,
if
there's
no
other
thoughts
on
it
but
yeah
taking
like
a
commit
or
a
reference,
and
you
could
just
pin
to
a
specific
thing.
D
I
mean
what
you
said:
make
sense
to
me
like
head
running
with
head
is
probably
what
we
want
right,
like
we've
moved
everything
in
main
already
up,
so
why
is
the
action
still
pinned
to
1.0
I?
Think
in
1.0
Branch?
The
action
should
be
1.0,
but
on
Main
it
makes
sense
to
kind
of
move
it
with
whatever
we
have
checked
in.
C
Kind
of
yeah
there's
kind
of
a
weird
thing,
because
actions,
let
you
actually
pin
to
tags
so
like
how
could
I
run.
B
Unless
this
is
a
tag,
you
can't
because
the
Digest
at
the
end
of
line
11
comes
as
the
output
from
this
tag,
and
so
you
can't
have
this
action
enamel
on
the
tag
with
the
digest.
That's
the
output
of
the
tag.
B
I
would
I
would
go
with
a
I,
don't
know
if
I'll
pin
to
a
digest
unless
someone
specifically
asked
for
it,
and
then
we
can
go
with
tags
and
the
default
tag
will
just
be
the
latest
run.
Whatever
the
current
conformance
is
that
we
have
released
as
a
ga
and
the
other
tags,
you
can
explicitly
Say
Hey
I
want
to
run
the
v1.0.0
rc2
and
it
would
pull
that
image
if
you
asked
for
it
specifically.
C
F
B
So
far
on
the
request
for
comments,
I'm,
looking
at
other
Milestone
issue
there,
we
got
the
request
sitting
out.
I've
had
a
few
people
come
back
and
say
on
some
of
the
issues
out
there
that
they've
seen
it
no
big
concerns
from
their
side.
They'll
get
working
out
once
we
GA
other
people
are
saying
they'll
get
around
to
it
when
they
get
a
chance
everybody's
busy,
as
always
nobody's
saying
no
wait
hold
up,
don't
do
it,
but
it
might
just
be
lack
of
time
from
people
to
actually
dig
through
what
we
changed.
B
Do
we
need
to
have
someone
throw
out
a
doodle
poll
to
have
a
weekly
meeting,
probably
get
some
space
for
GitHub
repo
to
put
some
content
in
there.
D
The
reason
is
to
get
things
like
redirects
and
all
sorted
out
in
the
specification.
I
think
we
wanted
to
clarify
the
authentication
part.
Also,
that's
what
I
remember
Mike
Brown
was
asking
before
to
me.
I
just
wanted.
My
goal
was
to
kind
of
clarify
that
thing
as
well,
but
is
this
more
like?
Have
you
thought
about
what
what
it
means
is
more
about
documenting
the
the
the
implementation
or
where
what
do
we
have
an
outline
of
what
we
plan
to
do
with
that.
B
When
I've
done
authentication
on
my
side,
I
was
trying,
as
best
I
can
to
stick
to
http
specs
themselves,
go
a
little
bit
more
upstream
and
say:
hey
I've
got
a
www
authenticate
header.
Let
me
follow
that
and
do
exactly
you
would
normally
do
so.
I
I
skipped
the
Ping
of
the
V2
API
and
I.
Just
went
straight
to
the
resource.
I
was
trying
to
query
I've
tried
to
a
manifest
poll
or
something
like
that,
and
then
the
registry
will
tell
me
no
wait.
You.
B
Here
and
so
then
I'll
go
over
and
do
the
Authentication
that's
sort
of
shortcutting
and
fall
in
the
specs
works
sometimes
and
then.
E
F
F
B
Yeah
some
of
the
CH
another
one
of
the
challenges
I
ran
into
in
addition
to
some
Registries,
not
giving
me
a
proper
request.
That
I
just
did
like
the
shortcut
and
just
try
to
request
directly,
is
if
you're,
trying
to
copy
between
your
repos
you're
doing
a
cross
repo
blob,
Mount.
F
H
B
H
H
Yeah
I
I
feel
like
no
one
really
follows
any
of
the
specs
and
so
they're
kind
of
useless,
like
for
at
least
for
Dockers
authentication
doctor
supposed
to
return
the
permitted
subset
of
requested
scopes,
but
they'll
fail
if
you
request
an
invalid
scope
and
then
on
the
cross
group
amount
they're
supposed
to
not
or
should
return
a
certain
error
code
and
not
fail,
but
they
were
or
are
or
May
in
the
future
return
to
failing.
If
you
don't
have
authentication
to
mount
from
a
place,
so
I've
written
a
bunch
of
code.
B
Yeah
I've
got
multiple
Paths
of
my
own,
where
I
say
assuming
a
registry
is
implemented,
specs
nicely
I
can
just
go
through
and
do
the
lazy,
but
then
there's
this
extra
field.
That
said
as
well,
some
Registries
don't
like
it
when
you
authenticate
into
multiple
repos
simultaneously,
so
do
treat
each
individual
repos
a
separate
authentication
space,
even
though
I'm
talking
to
the
exact
same
server
keep
their
individual
scope
separate
for
each
repo
yeah.
It's
a
mess.
H
H
B
F
A
B
Not
just
catalog,
but
as
we
start
to
incorporate
different
extensions,
maybe
an
extension
to
do
a
search.
Query
wants
a
different
kind
of
authentication
than
a
polar
put,
and
so
now
you've
got
to
have
three
four
five
different
kinds
of
authentication
types
in
there.
Depending
on
what
the
registry
wants.
B
I
want
to
I
want
to
try
to
be
compatible
with
what
most
people
have
out
there,
while
leaning
towards
Pierce
The
Vision
the
goal
where
we
want
to
try
to
get
to
some
kind
of
path
there,
but
I
don't
want
to
instantly
say
if
you
go
with
the
oci
alt
you're
going
to
break
75
of
the
Registries.
Don't.
F
Don't
give
that
a
name
I
we
we
haven't
started
the
work
group
yet,
but
I
think
it's
more
of
a.
It
should
be
pluggable,
and
here
are
the
features,
and
here
are
the
scenarios
and
here's
some
suggestive
patterns
that
we
need
to
solve
in
an
oci
around
auth,
including
that
off
for
push
versus
offer,
pull
should
be
an
option
available.
You
know,
and
then
there
should
be
some
configuration
such
that
the
client
you
know
can
find
out
what's
available
by
the
registry
and
or
the
other
way
around
right.
F
There
probably
needs
to
be
a
header
negotiation
and
that
we
could
specify
right
some
kind
of
negotiation
between
the
registry
and
client.
So
we
can
find
out
the
auth
capabilities
are
available
and
can
be
used
by
right
usefully
functional
by
the
underlying
code,
so
that
we
can
then
expose
that
as
an
API
through
cry
to
kubernetes,
so
they
can
put
it
in
a
pause
back,
I,
suppose
yay.
D
Okay
I'm
at
this
point,
I'm
just
paper
pushing
I'm
just
going
to
send
her
a
doodle
poll
get
that
started.
It
looks
like
there's
a
lot
to
discuss.
Getting
a
brain
dump
from
John,
Johnson
and
fox
is
going
to
be
an
interesting
effort
here.
Yeah.
F
D
Right
so
I'll
send
out
a
durable
at
least
share
it
on
slack
and
maybe
email.
The
distribution
list
also
put
it
on
the
issue
right.
That
was
a
working
group
issue
or
thanks.
B
F
F
B
Kind
of
throwing
out
my
little
spitballing
for
what
the
spec
change
could
look
like
on
distribution.
Spec
I
was
specifically
keeping
a
whole
section
there
saying
hey
here,
are
all
the
common
things
we're
doing
and
hear
all
the
Ayana
pointers
to
all
the
different
places
where
it's
already
been
done.
Just
follow
their
specs.
D
Just
wanted
to
check
in
on
the
people
who
haven't
spoken,
yet
any
other
topics
that
others
wanted
to
discuss.
I
think
we
can
ramble
on
for
a
long
time,
but
just
checking
in.
G
I'll
just
introduce
myself
quickly.
My
name
is
Greg
and
I
I'm
fairly
new
to
the
FreeBSD
foundation
and
so
I'm
just
trying
to
learn
so
I
I
appreciate
this
call
being
open,
so
yeah
I
am
I
learned
a
little
bit
about.
Oh,
so
I
used
to
work
at
the
Linux
foundation,
so
I
knew
of
oci
and
the
people
that
I
used
to
work
with
have
long
since
stopped
working
on
on
this
project.
But
I
remember
hearing
about
it
when
I
was
there.
G
I
was
more
like
on
the
node.js
side
of
things
was
more
my
thing,
but
anyway,
I
heard
about
run,
Jay
and
just
some
interesting
things
happening,
and
so
I'm
just
here
to
sort
of
learn
right
now,
but
my
goal
longer
term
is
to
try
to
find
resources
within
the
FreeBSD
Community
who
can
help
with
y'all
Upstream
right.
So
you
know
that
that's
my
interest
right
is
to
to.
G
G
Right,
like
so
I'm
I'm
sort
of
like
actively
working,
you
know
the
community
to
find
people
who
want
to
pitch
in
right,
so
so
so,
but
I'll
I'll
be
better
at
doing
that.
The
more
I
know
about
oci.
So
that's
that's.
My
purpose
of
being
here
is
really
just
to
learn.
So
thank
you
for
for
having
this
call
and
allowing
me
to
to
just
listen
in
and
yeah.
That's
that's
pretty
much.
It.
E
F
So
yeah
we
we
definitely
would
like
to
have
FreeBSD
step
in
more.
You
know
for
platforms,
security
issues,
you
know
container
issues
and
that's
going
to
require
your
help.
Yeah
the
FreeBSD
user
helps
I've
got
a
few
instances
of
FreeBSD
servers
on
my
boxes.
Right
over
there,
nice.
G
I
mean
I
mentioned
it
on
our
yeah
I
mentioned
it
on
our
Discord
Channel
and
some
some
folks
chimed
in
with
some
thinking
around
you
know,
bringing
up
or
enabling
oci
support
in
beehive.
Beehive
is
sort
of
the
FreeBSD
version
of
KVM,
but,
like
you
know
so
so
the
more
I
know
the
better
I'll
be
able
to
sort
of
pull
in
the
right
people
so
anyway
that
that's
pretty
much
it.
So
thanks
again
appreciate
you
allowing
me
to
be
here.
J
Greg
I'm
also
just
going
to
chime
in
so
this
is
a
little
past.
The
scope
of
oci,
but
just
also
mentioning
that
I
mean
me
personally,
as
well
as
I
think
a
lot
of
us
who
work
on
Moby.
The
thing
you
probably
know
is
Docker.
A
white
whale
is
running
FreeBSD
containers
on
FreeBSD
or
Linux
containers
on
FreeBSD,
which
is
what's
possible
with
the
horrible
9000
line
out
of
tree
patch,
set
that
bit
rotted
somewhere
in
2016.,
but.
J
At
one
point,
but
but
anyway
would
love
to
also
just
mention
like
come
join
the
darker
Community
slack
too.
If
you
want
to
give
you
know
if
I,
presumably
you
know
at
some
point,
people
will
want
to
run
Docker
on
FreeBSD
and
especially
I
would
love
to
to
chat
with
the
people
who
are
interested
in
doing
that,
as
somebody
who's
personally
interested,
but
has
a
hard
time
finding
the
time
at
least
being
able
to
help
interested
contributors
would
be
would
be
great
if
they
do
if
they
do
manifest.
G
Cool
thanks,
I
I,
appreciate
that
and
I'll,
and
is
that
the
link
that
I'm
sorry
I
was
looking
at
the
chat
I'm
a
terrible,
multitasker
I
know
I'm
like
a
dying
breed.
Is
that
one
of
the
links
that
was
in
the
chat
or
is
that
it
should
there
we
go?
Thank
you.
F
B
F
B
Worked
I'm
curious
if
your
goal
is
strictly
to
run
containers
on
FreeBSD
or,
if
you're,
also
looking
at
packaging,
other
FreeBSD
artifacts
in
a
registry.
The
reason
I
ask
is
cncf
has
an
artifact
working
group
that
is
talking
about
how
to
package.
Okay,
all
kinds
of
things.
G
Yeah
I
mean
you
know
I'm,
so
I
like
to
say
that,
like
I'm
I'm,
much
more
technical
than
most
sort
of
partnership
and
marketing
people,
but
not
nearly
technical
enough
to
really
be
able
to
answer
at
that
level
of
specificity.
One
of
the
things
that
that
I
am
presently
focused
on
so
I've,
been
you
know,
reaching
out
to
various
users
of
FreeBSD,
one
of
which
is
like
somebody
who's
using
it
in
an
Enterprise
environment.
And
you
know.
E
G
Cloud
native
support
on
FreeBSD
is
of
High
interest
to
them,
and
so
you
know
I'm
trying
to
put
together
a
a
FreeBSD,
Enterprise
working
group.
One
of
the
things
would
be
you
know
some
of
the
things
are
Microsoft
related
like
active
directory
and
Samba
and
stuff
like
that.
So
those
are
some
threads
we'll
be
pulling
on.
G
But
another
is
this
question
of
cloud
native
and
how
do
we
make
that
better
for
people
who
want
to
have
at
least
some
of
their
server
infrastructure,
running
FreeBSD
so
but
but
I'm
I'm
really
kind
of
at
this
point
I'm
a
pretty
early
in
this
process
and
be
really
trying
to
facilitate
bringing
people
together,
but
I've
I've
taken
a
note
and
as
we
start
to
get
this
working,
what
I'm
expecting
is
there's
going
to
be
like
little
sub
teams
within
the
Enterprise
working
group
and
and
some
folks
working
on
cloud
native,
and
so
this
would
be
the
kind
of
thing
that
I
would
love
to
point
them
at
and
kind
of
get
them
looking
at.
B
Know
to
throw
a
little
context
on
that.
It's
think
along
the
lines
of
Helm
charts
when
you're
deploying
to
other
things,
we
can
put
those
in
container
Registries.
Other
people
are
looking
at
this
as
saying
hey:
npm
has
their
own
packet
repo.
Can
that
exist
over
in
or
CR,
or
something
like
that
so
they're
they're.
H
B
J
Yep,
and
also
to
kind
of
like
put
it
in
concrete
terms
for
you
too,
like
so
running
freebies
Dean
containers
would
be
neat
to
like
use
all
this
tooling
that
we
have,
but
even
past
that
I
think
a
big
pain
point
for
a
lot
of
us
as
a
freebies
to
user.
Myself
is
jail,
management.
J
A
whole
bunch
of
pet
jails
so,
for
example,
like
on
the
distribution
site
kind
of
what
Brandon's
referring
to
like
in
it.
Even
if
there's
a
way
to
distribute
you
know,
FreeBSD
artifacts,
like
a
like
a
rudafest
to
build
a
jail
from
and
template
a
jail
from
those
that
could
be
a
big
word
for
improvement
for
a
lot
of
people,
especially
in
Cloud
environments,
because.
B
J
You
know
you're,
probably
using
ansible
or
something
to
automate
it,
but,
for
example
like
like
again
to
give
you
analogies
from
the
Linux
world,
so
like
system
D
and
spawn
I
think
it's
actually
system
D
machine
yeah.
C
J
Well,
as
lxc
Now
understand
how
to
take
an
oci
tarball
and
turn
that
into
a
root
Fest,
you
can
take
these
container
images
that
people
have
built
or
this
distribution
mechanism
that
people
have
and
use
that
to
trivially,
create
your
pet
VMS
or
your.
You
know
your
your
like
ansible
managed
jails
or
whatnot.
J
Well,
it
would
be
lxc
containers
here
so
being
able
to
do
that,
for
jails,
for
example,
would
be
really
nice
if,
like
Bastille
learned
how
to
use
an
oci
layout
that
defined
a
FreeBSD
root,
Fest
like
even
that
kind
of
thing,
even
outside
of
you
know,
running
FreeBSD
contain
would
would
be
quite
quite
productive.
Yeah.
G
Thanks
for
that
context,
I
appreciate
it
and
you
know-
and
that
is
in
fact
one
of
the
other
things
that
we
have
heard
from
some
Enterprise
users
is
boy.
It
would
be
great
if
there
was
like
a
like
a
a
more
consistent,
more
complete
way
to
do
jail
and
and
beehive
management,
so
yeah,
I
love.
All
of
this
and
I'm
really
I
really
appreciate
the
warm
welcome.
So
thank
you
all
very
much
and
I'm
excited
to
keep
the
conversation
going.
B
I
actually
have
been
coming
back
and
saying
things,
but
a
lot
of
them
just
haven't
had
time
to
really
absorb
all
the
changes
we've
made,
because
when
you
go
look
at
the
diff
since
the
one
that
I
released
there
have
been
a
lot
of
changes
made
to
our
specs.
B
C
I
I
did
get
a
comment
from
someone
at
my
company.
That
diagram
would
help
so
Brandon
I,
don't
know
if
you
wanna,
donate
a
diagram
to
that
post.
C
B
I
B
So
to
your
request,
there
Josh
yeah,
if
you
grab
that
picture
from
my
slides
I,
think
the
slides
are
all
either
patch
your
MIT.
Take
it
cheers.