►
From YouTube: OCI Weekly Discussion - 2022-02-17
A
C
Thanks
chair
doesn't
really
do
a
ton
about.
The
only
thing
that
I
have
power
for
in
the
charter
is
to
call
tob
meetings,
but
otherwise
everyone
in
the
tob
is
roughly
equal.
So.
A
And
I
don't
see
any
other
dis,
spec
maintainers,
so
I
had
offered
to
do
a
triage
of
distribution
spec.
But
if
no
one
else
shows
up,
then
I
think
that's
probably
not
worth
it
so
does
anyone
else
have
topics.
E
A
I
don't
have
any
pr's,
so
can
you
see.
A
Great
all
right,
so
I
brought
this
up
last
week,
but
vince's
like
two-year
three-year-old
extensions
thing,
was
merged,
so
I
think
we
ought
to
talk
about
releasing
1.1,
because
this
is
not.
This
is
just
on
main
right
now
so
and
I
know
brandon,
you
had
a
few
opinions
on
this,
but
we
can
just
pull
up
the
milestone
here.
A
A
All
right
actually
here
so
there
was
an
issue
a
while
ago,
where.
B
A
I
see
okay,
yeah
does
junior.
A
I
I
mean
I'm
I'm
in
favor
of
just
throwing
it
against
ci
and
seeing
what
happens
but
yeah
jimmy.
If
you
want
to
like
click
the
button
once
you
look
at
it,
that'd
be
cool.
A
It's
a
lot
of
words.
Was
there
a
pr
against
us.
B
A
I
think
similarly,
though,
to
the
auth
thing:
oh
here
we
go,
I
was
gonna
say
there's
no
pr.
I
don't
know
that.
A
F
F
Yeah
I
mean
legitimately
my
only
concern
was
about
like
bit
rot,
basically
like
us,
just
not
being
able
to
maintain
stuff.
Let
me
like
look
back
over
it.
I
I
don't
think
I
was
being
unreasonable,
then,
especially
since,
like
I
feel
like
there
hasn't
been
much
much
like
updates
on
this
pr
generally,
which
kind
of
supports
my
argument
that,
like
if
it
gets
married,
it
would
equally
rot.
F
Yeah,
I
think
that,
like
I
mean
everything
documented
here,
is
just
basically
http
like
it
even
references
the
rfc
at
the
top.
This
is
just
like
how
http
servers
like
work.
The
question
of
whether
people
implement
it
or
not,
I
feel
like
is
fine
like
we
can
reach
out
to
that,
but
like
reach
out
to
people
and
see
how
they
feel
about
it.
F
H
The
I
I'm
early
on
in
the
specs,
I
made
the
assumption
that
people
would
follow
http,
but
they
don't
so
having
some
explicit
guidance
about
how
to
follow.
The
http
is
probably
good.
We
don't.
I
F
J
F
A
No,
there
is
there's
a
few
places.
I
think.
A
F
A
Okay,
I
put
this
link
in
zoom
if,
if
some,
if
people
want
to
make
more
comments,
but
I
think
we're
we're
still
waiting
on
john
to
react
to
your
invince's
comments.
F
Yeah
the
only
real
feedback
I
have
for
that.
The
ci
one
is,
I
think,
literally,
that
first
step
where
you
run
a
whole
bunch
of
bash
to
get
the
step
like
the
step
output.
Docker
has
their
own
action
called
like
meta
or
something
like
that.
It's
like
docker,
meta
action
or
action
meta
and
it
just
extracts
a
whole
bunch
of
generic
like
github,
refs
and
stuff
and
then
exports
them
that
you
can
then
reference
later.
So
it
might
just
save
you
from
like
writing
a
little
on
a
bash
like,
but
you've
already
done.
F
A
I
would
suggest,
can
we
like
open
up?
Can
we
get
this
in
and
then
open
up,
because.
F
A
Do
a
pr
issue:
that's
like
replace
this
with
that
yep.
A
H
A
Okay,
I
think
then
I
I
think,
then
there
was
some
discussion
in
here.
A
Like
I
guess,
maybe
what?
What
are
your
thoughts
on
to
me?
I
think
the
only
thing
we
have
left
to
do
is
add
some
conformance
around
extensions
that
we
discussed
this
last
week,
where,
if
you
do
expose
extensions,
then
like
it's
optional,
to
expose
them.
If
you
do
expose
them,
then
the
response
should
be
in
the
right
format,
and
I
think
I
can
hopefully
help
add
tests
for
that.
A
B
Up
to
your
comment
at
the
top-
and
I
think
I
think
the
big
thing
I
was
saying
in
here
was
just
that
you
know
we
we
wanted
to
highlight
the
extension
api.
I
was
just
giving
you
a
couple
other
things
of
saying:
here's
some
other
things
to
highlight
in
the
release
they
weren't
issues.
It
was
just
here.
You
know
more
things
to
talk
about.
A
A
B
A
All
right,
okay,.
A
B
B
Is
that
related
test
for
it's
not
related
to
any
of
this
stuff,
and
that's
that's
why
I'm
bringing
it
up
is
because
we
won't
catch
it
any
other
way.
Unless
I
open
up
another
pr.
F
B
F
B
It
looked
like
such
a
great
spec
too,
but
yeah,
since
no
one
is
doing
it.
It's
not
really
tested
very
much,
and
so
I've
hit
some
of
those
edge
cases.
F
Yeah,
it
would
be
nice
to
have
it
in
the
conformance
just
to
try
to
like
nudge
everyone
towards
doing
the
right
thing.
A
F
F
F
I
don't
know
if
we
want
to
try
to
squeeze
it
into
a
1.1.
I
believe
this
behavior
that,
like
the
docker
registries,
already
support
right
like
the
official
docker
ones,
I
don't
think
so.
It's
kind
of
like
the
behavior
of
like
the
docker
or
like
the
by,
like
the
distribution
open
source
registry,
didn't
really
have
this
functionality,
because
this
was
missing.
F
Like
you
end
up
with
this,
like
weird
configuration
where
you
try
to
overwrite
the
namespaces
yourself
and
like
static
configuration,
so
this
just
allows
like
registry
proxies
to
be
more
dynamic
rather
than
trying
to
like
use
like
custom
domains
or
something
to
like
map
like
this
domain
should
go
to
this
domain,
and
this
domain
should
go
to
this
domain
yeah
I
mean,
I
guess,
that's
what
I
was
getting
at.
F
J
There's
also
been
a
shift
a
little
bit
around
mirroring
versus
the
caching
features,
because
murray
carries
all
the
problems
as
the
and
the
benefits
so.
F
Yeah
that
that's
why
I
was
super
hesitant
on
this
initially
and
then,
like
the
scope
of
this
one,
was
kind
of
like
reduced
a
little
bit
to
not
cover
like
coat
like
end
to
end.
How
mirroring
should
work
and,
like
I
think
initially,
that
was
my
hesitation
to
this,
because
it
used
a
lot
of
the
terminology
around
mirroring
implying
that
like
this
is
how
registry
should
implement,
mirroring
and
considering,
like,
like
quay,
for
example,
already
implements
mirroring
in
a
completely
different
way
like
in
my
mind,
I
was
like.
F
I
don't
want
to
like
prescribe
a
way
to
mirror,
but
this
is
instead
kind
of
more
about
like
the
proxying
aspect,
which
I
can
see
a
completely
orthogonal
argument
for
which
was
what
eventually
turned
me
to
like
approve
this.
G
F
The
like
what
what
it
actually
is,
so
I
mean
at
the
crux
of
it.
What
we're
just
trying
to
do
is
make
sure
that
we're
passing
the
registry,
all
the
information
that
the
client
has,
because
today
we
don't
necessarily
have
that
information
if
you're,
using
like
a
mirror
or
a
proxy
like
the
you,
just
change
the
url
to
where
you're
going
and
you
don't
know
what
the
client
was
actually
requesting.
So
that's
like
kind
of
like
the
crux
of
it,
but
like
the
relevant
feature,
is
like
proxime.
I
guess
so.
F
It's
not
really
like
trying
to
prescribe
proxy,
but
it's
like
really
hard
to
enable
an
actual
proxy
without
this
because
yeah
the
information's
just
lost
like
if
it
were
like
doing
a
normal
hp
proxy.
That
information
would
be
held
in
like
the
proxy
hosts
like
in
hp,
headers
right.
So
it's
just
a
matter
of
like
a
way
to
pass
this
information
up
but
yeah.
I
I
agree
like
I'm,
not
sure
that,
like
tying
it
to
like
the
end
use
cases,
I
mean
it's
it's
like
necessary,
but
it's
like
yeah.
F
J
I
was
wondering
with
the
you
know,
with
all
of
you
networking
that
everybody's
you
know
just
constant
pinging,
for
I
need
to
be
able
to
not
have
any
upstream
content
coming
through
through
the
network,
regardless
of
container
registry
or
anything
to
do
with
that
storage
accounts.
J
Is
this
something
we
want
to
focus
on
or
like
I'd
love,
to
see
the
work
around
the
caching
stuff
that
you
know
that
we've
initially
outlined
in
the
open
containers,
blog
post
aws,
implemented
last
year,
we're
implementing
this
year
as
being
more
of
a
general
pattern
for
solving
this
problem,
as
opposed
to
kind
of
investing
more
in
what
we
know
is
problematic
from.
F
F
Give
you
this,
you
can
optionally
provide
this.
If,
like
you,
want
to
do
something
else,
server-side
inside
your
registry,
and
you
need
this
information
right,
yeah
yeah,
you
could
do
that
as
well.
As
I
said,
I
feel
like
we've
gone
back
and
forth
on
like
like
hey.
Do
we
just
add
this
variable
and
say
this?
Is
information
and
use
it?
However,
you
want
or
hey
here's
a
variable
you
can
use
it
for
use
case
this
use
case.
F
Actually
I
don't
really
care
either
way
like
it's
it's
I
guess
I
should
read
back
through
the
spec
to
see
how
we're
even
raising
this
kind
of
stuff.
So
we
have
gotten
feedback
from
some
folks
that
have
just
like
tried
to
implement
a
registry
straight
off
the
oci
spec
that
they're
they
like
have
read
certain
things
and
been
like
okay.
This
thing
exists,
but
why
so
like?
F
I
can
understand
how
it
would
be
confusing
yeah,
I'm
also
a
fan
of
like
giving
more
details
to
the
registry
to
for
it
to
do
with
it,
what
it
pleases
right.
I
don't
necessarily
want
to
prescribe
stuff
like,
even
if
people
just
like,
took
this
and
like
stored
it
somewhere
like
logged
it
just
to
make
their
logs
better
or.
F
Yeah
yeah,
I
just
think
prescribing
use
case,
is
probably
bad
in
this
scenario,
even
if
it
does
provide
more
information
to
registry
implementers
yeah.
I
agree
with
that
as
well
because,
as
I
said
like
it's
there's,
there's
more
than
one
way
to
proxy.
F
We
shouldn't
say
like
this
is
how
you
must
proxy,
like
a
client,
may
try
to
do
it
this
way,
but
it's
hard,
like
I
don't
know
like
it's
it's
getting
these
in,
like
which
order
should
you
do
it
in
is,
is
hard
at
least
from
like
the
client
perspective,
we
can
just
pass
that
information
up.
I
Just
a
question
on
ns
is
the:
is
the
value
of
ns
actually
going
to
be
fully
qualified,
for
example,
host
people
and
tag
or
digest,
or
just
the
host
and
repo.
F
I
don't
know
if
there's
somewhere,
that
was
describing
how
but
yeah
it's
not
like
the
fully
qualified
name
which
could
be
but
you'd
be
duplicating
a
bunch
of
information
right
so
like
today
we
have.
The
api
is
like
the
api
root,
slash
repository
and
then
the
clients
will
have
the
fully
whatever
you
consider
like
the
full
image
name
as
some
sort
of
host
name,
slash.
F
Yeah,
as
I
said,
like
image,
names
aren't
really
prescriptive
in
terms
of
what
they
how
they
should
be
interpreted.
Anyways,
like
you,
don't
even
have
to
use
a
hostname.
A
I
guess
in
the
interest
of
time
is
this
derek?
Do
you
think
this
is
something
we
should
do
for
one
one
or
should
we
keep
take.
F
Would
say,
yeah
push
this
to
a
1.2
just
because,
like
it
does
need
rework
like
fundamentally,
I
think
everyone.
I
think
people
can
agree
with
the
idea,
but
like
not
the
text
as
it's
written
right
like
getting
getting
the
fully
qualified
or
like
getting
all
the
information.
So
you
can't
have
a
fully
qualified
like
image.
Name
in
the
registry
seems
pretty
important.
Prescribing
how
it
should
be
used
seems
yeah,
not
good
right.
F
It
kind
of
brought
up
the
thorny
issue,
which
is
around
my
name,
and
how
the
fact
that
we
have
tried
to
be
as
non-prescriptive
as
possible
in
terms
of
what
a
name
represents,
and
that's
why
I
use
the
word
namespace
and
not
host,
because
the
client
can
take
whatever
name
it
wants.
It
can
cut
it
up.
However,
it
wants
and
provide
just
part
of
it
to
a
registry
or
provide
all
of
it
to
a
registry.
F
It
doesn't
matter
the
name.
Space
is
basically
just
saying:
hey
the
name
that
I
gave
you.
This
was
the
name
space
that
it
was
a
part
of
and
the
fact
that
you're
expecting
to
concatenate.
That,
with
like
a
slash
is
in
of
itself
I'd,
say
enough
controversy
to
say
like
we're
being
prescriptive
here,
but
I
mean
we
kind
of
already
said
that
names
are
kind
of
separated
in
like
paths
essentially.
A
Okay,
do
we
are
we
okay
to
go
through
the
rest
of
these.
A
Oh
hey,
we
were
just
talking
about
you
in
a
good
way.
A
K
I
think
last
I
looked
at
this.
I
was
hoping
for
vague
consensus
around
like.
Should
I
actually
pr
this
in
a
more
complete
way.
A
A
Okay,
so
we
were,
you
walked
in
and
we
were
going
through
just
like
the
open
pr's.
This
top
one
is
something
I
can.
I
was
testing
out.
It's
just
like
a
problem
with
the
tests.
It's
nothing
spec
related.
We
just
talked
about
derek's
pr
from
2019
about
proxying
and
determined
there's
still
some.
A
Basically,
still
some
work
until
we
put
this
in
so
1.2
that
so
there
is
look,
is
steve
still
here.
A
A
Right
I'll,
just
silently
let
this
fall
off
here.
A
H
Got
it
I
mean,
like
you
know,
we
spent
a
long
time.
I
think
urls
had
a
2k
limit
in
iiis
for
a
long
time,
which
eventually
got
I
mean
like
it's
going
to
increase
at
some
point
right
yep.
I
don't
think
at
this
point.
It's
just
saying:
here's
what
the
here's
what's
gonna
happen.
I
don't
think
we
even
have
it.
Do
we
even
have
a
limit
in
this
anymore?
It
doesn't
look
like
it.
H
A
H
B
The
biggest
goal
was
to
try
to
make
sure
that
registries
were
interoperable
with
the
same
content.
So
if
I
was
able
to
push
a
image
to
one
registry,
I
should
be
able
to
push
it
to
other
registries
that
all
implement
those
I
spec,
ideally
and
so
having
this
gave
us
a
little
bit
more
standardization
across
that.
A
K
E
Remember
john's
the
one
who
wants
to
embed
all
the
data
in
his
manifest,
I'm
pretty
sure
he's
going
to
extend
that
to
his
layer.
Data
too
he's
going
to
start
putting
the
layer
blobs
in
the
json
document.
A
H
Yeah,
I
don't
remember
what
the
what
the
cutoff
is
or
what
the
like
inflection
point
is,
but
there's
some
inflection
point
where
it's
way
cheaper
to
embed
the
data
than
to
pay
the
cost
of
the
round
trip
for
the
request
you
can
calculate
it
based
on
the
bandwidth
delay
product.
I
don't
remember,
I
remember
calculating
this
at
some
point.
It
was
like
a
megabyte
or
or
two
or
something
like
that.
B
G
K
The
conversation
is
long.
Basically,
it
depends
on
who
you're
talking
about
like
registries
should
ideally
support
infinitely
sized
everything
right,
but
in
reality,
there's
some
limitations
based
on
their
design
choices.
So
you
would
expect
clients
to
kind
of
self-impose
limits
if
they
care
about
portability
between
registries
but
from
a
specification
point
of
view
and
the
image
spec,
it
doesn't
make
sense
to
enforce
arbitrary
limits
on
like
data
structures.
E
E
H
K
Yeah,
like
there
are
limits
already
right,
this
just
kind
of
makes
them
handleable
because
we're
standardizing
what
the
error
code
is
and
giving
some
expectation
for
what
those
limits
might
be.
D
Yeah
thanks
sorry,
I
didn't
follow
that
last
time,
so
my
worry
is
like
the
data
field
may
provide
an
injection
point
for
shell
scripts,
that
shouldn't
be
invoked
and
because
of
the
lack
of
round
tripping.
That
might
be
a
place
where
people
can
put
data
that
a
client
may
be
expecting
to
you
know
pass
on
somewhere,
and
I
I
have
I.
D
B
D
I
don't
know,
let
me
go
ahead.
Brian.
B
Phrase
this
and
put
it
back
at
you
and
see
where
we're
going
with
this,
because
the
data
field
itself,
when
we
were
talking
about
that
one
and
to
be
clear,
we
split
this
into
two,
and
so
this
is
not
the
data
field
itself.
B
But
when
we
were
talking
about
the
data
field,
that
was
just
the
data
that
was
in
the
blob
already
we
weren't
changing
the
blob
or
doing
anything
different
that
we
were
just
taking
the
content
that
was
already
in
the
blob
repackaging
in
a
json
and
dumping
in
the
manifest
and
the
digest
on
that
was
going
to
match.
So
you
couldn't
put
anything
different
that
was
already
in
the
blob
because
the
digest
has
to
match
in
this
case.
So
we
didn't
change
anything
that's
already
out
there.
B
D
D
Do
they
do
annotations
are
like
key
value?
Pairs
data
is
just
a
blank
place
to
put
whatever
you
want.
D
I
Application
injections
that
customers
do
encode
it
into
something
and
stick
it
in
there.
It's
not
unheard
of
data,
just
formalizes
it
nicely
so.
H
H
You
go
to
the
registry,
you
pull
it
down
from
registry,
you
verify
it
and
then
you
make
sure
that
that
just
matches
right
all
the
data
field
does
is
put
the
content
that
you
would
fetch
from
the
registry
identified
by
that
digest
into
the
field
into
that
data
field.
It
coded
encoded
in
base
64..
I
believe
I,
if
I
remember
correctly,
you
can
correct
me
if
I'm
wrong,
so
there's
no
like
that.
You
can't
just
in
so
it's
going
to
change
the
digest
of
that
descriptor
right.
H
H
If
we've
done
everything
right,
you
should
be
able
to
like
pick
up
a
usb
like
like
sitting
in
a
gutter
on
the
street,
plug
it
in
hash.
The
data
I
mean:
don't
do
that.
That's
that's
badly
security
for
other
reasons,
but
I'm
just
illustrating
you
can
get
the
data
from
literally
literally
anywhere.
If
you
can
safely
hash
it
and
process
it
like,
and
it
has
that
same
hash
like
you
should
theoretically
be
okay,
and
so
it's
just
the
same.
It's
just
another
avenue.
So
it's
not
like
a
side
injection
mesh
mechanism.
H
D
Okay,
that
makes
more
sense
to
me
soon,
so
you
know
as
long
as
the
spec
clearly
says,
this
is
how
you
encode
data
into
the
data
field.
This
is
fine.
D
D
I
I
I'm
okay
with
it,
I
don't
have
any
you
know,
control
over
merged
stuff
or
anything
like
that.
It
was
just
a
question
I
had.
K
A
All
right
I,
for
the
purposes
of
this
spec
1-1,
I'm
I'm
done
so.
B
B
B
A
Okay,
yeah
I'll
just
I'll
already
ahead
of
time,
ask
if
john
and
derek
and
steven,
if
once
I
do
once
and
if
I
do
do
a
conformance
pr.
If
I
can
get
a
swift
look
at
that
and
we
can
cut
a
release
candidate
and.
A
Yeah
all
right
see
you
samia
tuesday,
see
some
of
you
in
a
week
from
today
and
on
the
internet
bye.
Thank
you.
Everybody.