►
From YouTube: CNCF Harbor's Community Zoom Meeting - 3 Nov, 2021
Description
CNCF Harbor's Community Zoom Meeting
A
Hello,
everyone
today
is
the
november
3rd
and
that's
the
official
meeting
for
harbor
community
meeting,
it's
official
cncf
meeting,
so
please
behave
and
follow
the
code
of
conduct.
My
name
is
rolin
vasilev
and
I'm
the
community
manager
for
harbor
for
today's
agenda.
A
I
have
one
topic
and
it's
I
want
to
bring
up
the
office
hours
again.
So
what
do
you
think?
I,
I
think
there'll
be
huge
benefits
for
the
community
to
bring
the
office
hours
again.
There
are
many
questions
popping
up
in
the
channel
every
day
and
especially
with
the
new
release.
I
think
it
would
be
great
to
to
have
it
and
to
say
to
have
someone
from
the
team
to
do
some.
Some
demos
on
the
distributed
tracing
features
and
the
changes
in
the
api
for
the
robot
accounts.
A
So
what
I
think
is
good
good
to
have
them
back,
or
it
would
be
too
much
to
have
them
again
and
to
be
like
the
community
meetings
every
second
week
or
something.
B
Hey
really:
what
is
the
time
you're
thinking
for
this.
A
Maybe
we
can
alternate
so
the
the
week
after
this
one,
so
to
not
sure
if
that
will
be
visible
for
everyone,
but
we
can.
We
can
make
it,
for
example.
Next
week
same
time,
I
think.
B
C
Yeah
we
should
discuss
with
team,
and
previously
we
probably
have
officer
all
right,
but
I'm
not
not
sure
what
is
what
is
the
time
at
that
time.
C
A
B
It
was
also
bi-weekly
and
it
was
around
1
p.m.
Eastern
okay
and
attendance
was
pretty
low.
I
think
we
only
had
a
couple
sessions
where
you
know
more
than
a
few
people
showed
up,
so
we
decided
to
cancel
it.
A
A
D
Maybe
you
can
do
a
vote
on
slack
channel,
for
example,
and
then
what
what
time
most
people
would
fit.
You
know
like
giving
a
few
options
of
time
zones
like
that
central
european
time
zone,
east
u.s,
eastern
u.s,
western
and
then
some
like
paging
time
or
something
and
just
that.
What
what's
works
best
for
people.
A
You
mean
to
to
create,
like
a
slack
pool
and
people
to
decide
not
to
through
github,
okay.
A
Yeah,
okay,
some
way
to
decide
what
would
which
is
the
good
time
for
this
one
and
and
as
a
second
topic
for
my
side,
to
bring
vadim's
nomination,
I'm
not
sure
if
the
maintenance
team
managed
to
vote.
So
please
check
that
nomination
and
put
your
vote
in
and
yeah.
We
have
something
in
the
chat.
D
I
think
regarding
the
vote,
though,
not
every
voter
is
considered
there.
I
think
that
tianan
is.
His
vote
is
not
considered
because
I
think
he
is
he's
he's
not
a
member
of
this
repository
of
this
project.
D
A
As
far
as
we
have
the
the
votes
collected-
okay,
I'll
check
that
those
are
my
topics,
anyone
else
wants
to
get
on
from
here.
Welcome
abby
from
your
relief.
E
I'm
I'm
back
so
looking
forward
to
getting
back
up
to
speed
on
the
project
and
excited
to
see
all
your
faces
this
morning.
A
Do
you
have
because
I
can
see
your
face?
That's
your
first
on
the
list.
Do
you
have
something
to
discuss.
D
The
implementation
is
on
harbor
side.
Is
it's
a
bit
problematic
there
and
the
topic
is
regarding
the
open
id
connect,
implementation
in
harbor
and
and
the
fact
that,
if
you
have
open
mind
connect
enabled
you
have,
the
refresh
tokens
are
tied
to
the
to
the
cli
key.
So
this
means
that
if
you
have
open
id
connect
enabled-
and
you
have
users
that
are
logging
logging
in
with
almighty
connect
and
those
user-
create
a
cli
secret
and
there
is
no
expiration
date
on
the
ci
secret.
D
So
the
user
assumes
that
the
cli
secret
will
work,
but
actually
the
cli
secret
is
tied
to
their
refresh
token
and
in
some
implementation.
So,
if
they're,
oh,
I
opened
the
connect,
implementation
is
a
bit
more,
I
would
say
strict
so
where
the
refresh
token
is
only
valid
for
you
of
a
few
minutes.
This
means
or
a
few
days.
D
This
means
that
the
user
can
only
log
in
in
this
time
of
period,
so
he
needs
to
first
log
in
again
to
get
a
new
refresh
token,
and
then
he
can
use
his
cli
key,
and
this
is
not
transparent
because
yeah
it
the
assumption
of
the
user,
is
they
they
generate
the
cli
token
so
that
they
can
use
it
in
openid
context.
D
But
the
reality
is
that
even
though
they
have
the
cli
token,
it's
still
tied
to
their
opm
connect,
user
and,
and
especially
the
refresh
token-
and
this
means
that
yeah
after
some
certain
amount
of
time
that
the
the
cli
key
is
not
valid
anymore
and
there
is
no
feedback
or
respond
to
the
user.
It
just
fails
to
log
in
and
I
think
from
the
implementation
point
of
view.
D
Maybe
we
need
to
kind
of
address
this
topic
again,
because
I
mean
the
the
database
login
is
in
harbor
or,
I
would
say,
a
second-class
citizen,
because
it's
it's
not
not
a
primary
lock-in
option
for
harbor
how
it's
used,
because
it's
like
some
core
functionality
there
and
yeah.
So,
in
the
context
of
mighty
connect,
it
would
make
sense
to
to
see
how
we
can
improve
this.
This
workflow
there.
F
Yes,
this
is
by
designs
on
definitely
record
the
the
combination
of
the
cli
secretary
and
the
research
token
meet
the
oit
supply
like
something
we.
F
So
I
I
I
don't
clear
and
use
the
cos.
F
B
B
D
There
are
a
few
issues
on
on
on
github
regarding
this
topic
already
so
from
different
users
in
the
past,
and
I've
been
scanning
again
over
the
issues
and
what
people
talking
about,
and
maybe
we
need
to
kind
of
consolidate
all
these
issues
together
and
maybe
address
this
this
this
topic,
because
it's
yeah
it's.
B
F
Yeah
yeah,
I
I
I
understand
y'all,
if
I
record
correctly,
the
the
oidc
crs
secret
and
the
combination
of
the
cri
secret
and,
in
the
reflect
token,
are
made
the
rtc
specification.
That's
why
we
take
this
implementation.
I
mean.
E
D
D
B
I
think
yeah
it
does
so
it's
been
a
while
for
me,
but
I,
the
core,
you
know
logic
behind
this-
is
that
the
it's
because
docker
cli
can't
handle
redirection
for
single
sign-on.
That's
why
we
use
a
cli
secret
and
basically.
A
B
Secret
is
it's
mapped
to
the
id
token
right,
and
so,
when
harbor
tries
to
refresh
the
token
the
cli
secret
will
be
invalid
right
if
the
user
is
invalidated
on
the
oitc
side
and
that's.
A
B
I
was
going
to
say
the
way.
The
refresh
token
works
is
that
if
you
know
the
oitc
provider's
side,
it
doesn't
provide
a
refresh
token
or
the
refresh
token
fails.
Then
the
cli
secret
that
that's
how
you
that's,
how
you
invalidate
the
cli
secret
right,
because
that's
when
the
user
has
been
removed
from
the
oitc
side
and
that's
really
the
only
way
for
harper
to
pick
this
up.
A
F
A
F
D
D
D
Something
like
this,
maybe
I'm
not
sure
I
mean
there
that
may
be
other
options
and
I've
seen
some
discussions
on
github
regarding
solutions,
and
maybe
but
my
point
was
here
just
to
bring
up
this
topic
and
see
if
we
can
work
on
that
again
and
then
try
to
to
solve
this.
F
You
can
just
file
the
issue
regarding
this.
D
D
It's
I
think
steven
is
not
here
right,
and
this
is
like
regarding
the
the
harbor
satellite
concept
that
I
would
like
to
work
on
and-
and
I
think,
alex
stephen
was
working
on
on
the
concept
there
and
he
wrote
that
it's
not
public,
and
I
was
was
about
to
ask
him
if
he
could
share
this
somehow
or
make
it
public
so
that
we
can
continue
on
the
work
that
he
did
before
and
use
this
as
a
reference
of
the
starting
point
already
and
and
move
this
topic
with
the
replica.
D
B
Yeah
there's
there's
a
document
available.
I
just
need
to
make
that
public.
Sorry
about
that.
He
did
bring
this
up
to
me
with
me.
I'll.
Do
that
and
I'll
share
with
you,
but
all.
B
That's
more
something
that's
more
appropriate
for
an
edge
case.
So
it's
a
much
lighter
footprint.
D
D
D
D
B
Yeah
I'll
I'll
share
I'll
share
the
doc
with
you
first,
okay,
all
right
is
it.
If
there's
an
issue,
I
can
just
paste
it
onto
the
the
issue.
I
don't
know
if
there's
an
issue,
if
not,
I
can
just
share
with
you.
Okay,
okay,.
B
But
but
yeah,
let
me
the
idea
was
to
deliver
another
harvard
instance,
probably
within
the
same
project.
D
D
Okay,
so
another
question
from
my
side:
if
there
is,
if
there's
nobody
else,
asking
questions,
there
is
also
a
discussion
regarding
the
health
chart,
a
helm,
chat
or
chat,
museum
support
for
harvard
2.4
that
you
know
is
now
kind
of
remarked
as
as
deprecated,
and
it's
clear
I
mean
for
me,
it's
clear
what
this
means
that
it's
not
gonna
get
the
new
functionality
and
support,
and
there
is,
however,
one
thing
that
I
came
across
is
that
replicating
the
replication
of
images
does
not
include
harbor
charts
and
now
the
question
is:
would
you
consider
this
to
be
an
update
to
this
functionality,
or
would
you
consider
it
to
be
fixing
a
problem,
so
what
I
want
to
ask
is,
would
it
make
sense
to
to
create
still
still
create
some
form
of
contribution
there
or
not?
F
I
mean
yeah:
do
me
not
replicate
the
charts
in
charm,
museum
right
or
the
oci
hr.
D
You
know
oci
chats
are
not
deprecated,
the
charter
museum
is
deprecated
no,
but
but
what
is
not
replicated
is
the
chart.
Museum
charts
are
not
replicated
the
oci
images
they
are
replicated
because
there
are,
you
know,
ocr
images,
but
now
I'm
talking
about
the
deprecated
part.
If,
if
you
think
it
would
still
make
sense
to
create
a
contribution
there
or
not,.
D
B
D
B
D
B
Not
seeing
the
you
know
the
adequate
level
of
the
response
we
would
need
from
from
charm
museum
as
an
upstream
project
to
to
really
have
confidence
here.
I.
D
D
C
A
Third
thing,
and-
and
please
as
a
reminder
for
everyone
ad
at
yourself
and
in
the
topics
that
you
wanted
to
discuss,
so
we
don't
lose
track
of
what
was
discussed.
F
I
just
want
to
pick
one
or
two
items
from
discussion
list
to
how
discuss
with
you.
One
of
the
other
topic
is
about
the
chat
museum
deprecation.
We
still
have
some
user,
it's
confusing.
What
do
you
mean
by
limited
store
on
chart
museum?
F
I
just
give
a
response
response
that
we
want
to
release
the
signal
to
the
community.
Like
the
china
museum,
it
will
be
deprecating
in
the
future
release
and
engage
user
to
leverage
the
ocr
compatible
chart
and
we
will
not
provide
any
attacks
bars
on
the
chart
museum
problem,
especially
the
performance
problem
that
we
noticed,
but
still
some
user
wanna
have
discussed
on
that.
F
So
so
at
least
do
should
we
have
just
some
notification
to
the
community
and
to
give
some
clear
message
to
the
user
to
let
them
know
that
we
wanna
to
deprecate
the
child
museum
in
future
release.
B
F
Yes,
we
just
have.
Let
me.
F
But
we
have
a
lot
of
users,
only
very
little
of
them
during
the
community
meeting.
So
I
just
delete
one
message
here:
we
we
will
provide
limits
for
onshore
museum,
but
I
think
we
we
should
have
some
strong
message
to
community
to
let
you
know
that
we
we
wanted
to
protect
china.
D
Yeah
yeah,
I
think
that's
explanation,
what
what
it
means
with
deprecation
and
and
what
is
the
way
forward.
D
Maybe
would
explain
it
or
made
it
clear
to
say:
okay,
we
deprecate
chart
museum,
you
know
so
there's
not
going
to
be
new
features
new
functionality,
but
it
will
be
still
there
until
so
there's
a
condition
until
when
is
it
there,
and
I
think
the
condition
from
my
perspective
is
if
helm
has
official
support
for
oci,
and
I
think
this
is
the
point
when
hand
does
officially
support
oci
images,
then
I
think
is
a
good
time
to
deprecate
or
to
remove
chart
museum
from
harbor,
and
I
think,
making
this
condition
clear
would
already
help
a
lot
of
people
say
like
we
deprecated,
so
we're
not
going
to
add
new
functionality
and
features
to
the
chart
museum
or
to
the
implementation
and
we're
going
to
remove
a
chart
museum
from
harbor
when
helm
has.
D
D
F
D
This
would
stop
the
discussions
because
I
think
I
mean
it's
understandable.
People
are
afraid
because
they
think
okay
they're
not
going
to
be
a
chart
museum
the
chart
support.
So
what
should
they
do?
Next
and-
and
we
need
to
give
them
a
clear
road
path
and
a
clear
wordpress
would
be.
You
know,
a
chat
museum
will
be
in
harbor
until
it's
not
experimental
anymore.
In
hell.
B
I
think
that
makes
sense.
I
don't
know
if
they
have
any
plans
to
actually
transition
to
something
more
stable
from
experimental,
but
we
have
had
internal
discussions
about.
B
You
know
like
if
we're
gonna
be,
if
we're
gonna
be
spending
time
to
invest
in
a
solution
here,
should
we
be
working
with
the
helm
community
or
should
we
should
we
be
working
with
the
charm
museum
community
and
it
felt
like
charm
museum?
Was
you
know
they
really
let
themselves
go?
We
have
just
haven't
been
gotten
just
haven't
gotten
the
feedback
we
need
so
out
of
the
two
we
would
prefer
to
work
with
telling
the
seems
helm
is
still
pretty
active,
but
I
think
you
make
a
solid
point
here
that.
F
B
Yeah
I
can
we
can
take
that
as
an
action
as
an
action
item.
Someone
put
it
down
on
the
the
agenda
doc
and
we
can.
We
can
try
to
stay
something.
That's
that's
more.
You
know
more
a
stronger
message,
more
forceful
and
more
succinct.
B
I
thought
you
know
we
we've
been
doing
an
okay
job,
just
kind
of
reinforcing
this
in
previous
community
meetings
and
in
the
to
release,
notes
but
yeah.
I'm
still
getting
questions
like
that
from
customers
as
well.
So.
F
Okay,
so
I
can
file
an
issue,
so
we
can
have
some
follow-up.
Maybe
we
can
can
deliver
some
stronger
message
to
the
community
and
by
some
way.
D
Yeah,
let's
create
an
issue
and
then
you
can
collect
some
some
messages
and
where
to
put
them,
you
know
like
the
release,
notes
and-
and
you
know
some
somewhere
else
on
the
block-
maybe
just
a
short,
walk
information
or
something
yeah.
F
So
another
issue
I
and
that
I
wanna
have
discuss
with
that.
F
So
since
we
have
released
2.4
and
then
I
just
have
a
release
to
the
1.2.9
and.
B
I
think
there's
nothing
wrong
with
the
way
it
looks
on
github.
I
think
what
we
have
to
do
is
communicate
that
we
maintain
three
releases:
three
minors
in
parallel,
so
you
you
could
have
a
patch
release
of
an
older
miner.
You
know
moving.
B
F
Find
a
new
concept:
we
just
officially
support
two
backward
version
like
it
2.2
or
2.3
once
the
214
is
released,
but
we
still
have
some
patch
released
in
1.10
and
user
is
confusing
about
that.
I
didn't
come
up
with
a
better
idea
about
that,
since
the
the
the
1.10.9
is
actually
the
latest
release,
but.
B
Right
we
just
have
to.
We
just
have
to
answer
this
question
from
the
discussion,
because
I've
done
this
before
on
the
on
the
slack
people.
This
isn't
the
first
time
they
don't
understand
that
1.10
is
still
being
1.10
is
especially
bad
right
because
it's
it's
way
out
of
support
for
us.
Even
so,
this
there's
a
special.
B
You
know
a
special,
not
a
customer,
but
a
constituent
that
we
are
releasing
these
four.
So
it
feels
like
we're
maintaining
four
releases
now,
but
we're
not
we're
still
doing
three
right,
we're
doing
m
minus
two,
but
it's
no
different.
If
you
that's
the
same
question
about
one
point,
one
point
or
two
point
zero:
if
we
were
maintaining
2.0,
we
could
potentially
have
a
2.0
patch
release
show
up
as
the
latest,
because
github
just
just
lists
it
in
the
data
release
right,
so
they
could
jump
around.
B
F
B
So
yeah
I
mean
on
this
meeting.
We
can
only
share
that
we're
releasing
these
patches
for
a
certain
someone,
but.
B
But
yeah
it's
not
a
great
model
and
we
should
try
to
get
away
from
it
right.
So
the
this
is
an
issue
to
community
as
well
charlie,
if
you're,
if
you're
still
here.
This
is.
B
B
C
B
F
B
Okay,
so
I
have
one
quick
thing,
which
is
harvard
2.4
got
released,
congrats
to
the
entire
team,
to
all
the
maintainers
who
contribute
to
this
really
great
work,
and
so
we're
starting
the
hardware
2.5.
B
So
looking
for
anyone,
you
know
watching
this
recording
later,
please,
you
know
file
an
issue
for
something
you
want
to
be
done
in
2.5,
where
you
can
again
go
through
we'll
be
we'll
be
putting
those
issues
into
its
own
swimlane
on
the
project
board,
so
it'll
be
a
2.5
and
if
there's
something
you
want,
you
know
just
just
ask,
or
you
can
plus
one
on
the
issues
that
are
exist,
we're
going
to
be
going
through
those
pretty
soon
within
the
next
week.
Two
weeks
I
would
say.
B
Yeah,
I
think,
there's
there's
a
you
can
explicitly.
You
know,
ask
for
this
to
be
in
2.5
or
we
can
just
create
an
issue
and
the
the
maintainer
team
will
figure
out
the
priority
here.
If
it
looks,
you
know
if
it
looks
compelling,
and
if
it's
adequately
that
if
the
problem
is
you
know
adequately
described,
then
we
can
we'll
reach
out
on
the
ticket,
as
we
usually
do
and
we'll
figure
out
if
we
can
put
it
into
2.5.
D
So,
are
you
planning
to
go
over
the
issues
or
how
do
we
plan
to
to
figure
out
where
which
issues
should
be
kind
of
considered
for
2.5
from
all
the
from
you
know,
from
the
issues?
Is
there
kind
of
a
structure
how
we
could
help
you
with
like
selection
or
or
should
we,
I
don't
know
like
adding
at
the
discussions,
or
I
mean
I'm
not
sure
if
it's
because
the
projects
are
closed,
there's
no
projects
anymore.
So
is
there
kind
of
a
yeah.
B
Yeah,
so
typically
right,
so
we
would
have
a
discussion
and
then
a
maintainer
discussion,
not
using
not
leveraging
this
time.
For
you
know
the
wider
community,
we
would
have
maintained
a
discussion
and
everyone
would
all
the
containers
would
work
on
this.
I
think
there
was
there
was
discussion
about.
Can
we
make
maybe
make
this
public
for,
for
you
know,
other
contributors
and
anyone
else
really
maybe
like
in
the
form
of
a
zoom
session,
not
a
not
a
zoom
session,
where
everyone
can
participate
right?
B
It
would
just
be
like
one
of
those
webinars
where
someone
has
control
over
this
session
and
people
can
listen
in,
but
they
can't
they
can't
talk
right
because
we
don't
want
to
get
distracted.
So
maybe
that's
an
idea.
We've
also,
you
know,
grown
our
maintainer
team
quite
a
bit
right
with
with
the
team
and
tienen
joining
us,
so
between
all
the
new
people
and
different
time
zones.
This
is
a
new
process
for
us,
so
we're
gonna
have
to
figure
things
out,
maybe
break
this
down
into
two
sessions.
B
I
think
I
don't
think
we
can
cover
everything
in
just
one
session,
but
so,
let's,
let's
all
go
through
the
list
of
issues
that
we
would
like
to
to
get
done
in
2.5,
and
once
we
have
enough
we'll
we'll
go
through
it
and
you
know,
tag
tag,
those
issues
for
2.5
and
then
we'll
we'll
meet
for
an
actual
discussion
and
we'll
we'll
figure
out
what
the
times
are
and
I'll
send
out
an
invite.
But
it
won't
be.
It
won't
be
this
session.
C
Yeah,
maybe
another
another
way
we
can
do
is
to
open
a
discussion
to
connect
to
collect
the
2.5
requirement.
D
F
A
A
No
okay,
abby
do
you?
Do
you
want
to
add
something?
No,
all
right,
okay,
so
with
that,
I
think
we
can
close
for
today,
15
minutes
back
catch
up
in
two
weeks.
Okay,
thank
you,
everyone
and
see.