►
From YouTube: CNCF Harbor's Community Zoom Meeting - 3 Nov, 2021
Description
CNCF Harbor's Community Zoom Meeting
A
A
I
have
one
topic
and
it's
I
want
to
bring
up
the
office
hours
again.
So
what
do
you
think?
I,
I
think
there'll
be
huge
benefits
for
the
community
to
bring
the
office
hours
again.
There
are
many
questions
popping
up
in
the
channel
every
day
and
especially
with
the
new
release.
I
think
it
would
be
great
to
to
have
it
and
to
say
to
have
someone
from
the
team
to
do
some.
Some
demos
on
the
distributed
tracing
features
and
the
changes
in
the
api
for
the
robot
accounts.
A
B
C
A
B
A
A
D
Maybe
you
can
do
a
vote
on
slack
channel,
for
example,
and
then
what
what
time
most
people
would
fit.
You
know
like
giving
a
few
options
of
time
zones
like
that
central
european
time
zone,
east
u.s,
eastern
u.s,
western
and
then
some
like
paging
time
or
something
and
just
that.
What
what's
works
best
for
people.
A
D
D
A
A
D
The
implementation
is
on
harbor
side.
Is
it's
a
bit
problematic
there
and
the
topic
is
regarding
the
open
id
connect,
implementation
in
harbor
and
and
the
fact
that,
if
you
have
open
mind
connect
enabled
you
have,
the
refresh
tokens
are
tied
to
the
to
the
cli
key.
So
this
means
that
if
you
have
open
id
connect
enabled-
and
you
have
users
that
are
logging
logging
in
with
almighty
connect
and
those
user-
create
a
cli
secret
and
there
is
no
expiration
date
on
the
ci
secret.
D
So
the
user
assumes
that
the
cli
secret
will
work,
but
actually
the
cli
secret
is
tied
to
their
refresh
token
and
in
some
implementation.
So,
if
they're,
oh,
I
opened
the
connect,
implementation
is
a
bit
more,
I
would
say
strict
so
where
the
refresh
token
is
only
valid
for
you
of
a
few
minutes.
This
means
or
a
few
days.
D
But
the
reality
is
that
even
though
they
have
the
cli
token,
it's
still
tied
to
their
opm
connect,
user
and,
and
especially
the
refresh
token-
and
this
means
that
yeah
after
some
certain
amount
of
time
that
the
the
cli
key
is
not
valid
anymore
and
there
is
no
feedback
or
respond
to
the
user.
It
just
fails
to
log
in
and
I
think
from
the
implementation
point
of
view.
D
Maybe
we
need
to
kind
of
address
this
topic
again,
because
I
mean
the
the
database
login
is
in
harbor
or,
I
would
say,
a
second-class
citizen,
because
it's
it's
not
not
a
primary
lock-in
option
for
harbor
how
it's
used,
because
it's
like
some
core
functionality
there
and
yeah.
So,
in
the
context
of
mighty
connect,
it
would
make
sense
to
to
see
how
we
can
improve
this.
This
workflow
there.
F
B
B
B
F
E
D
D
B
A
A
B
I
was
going
to
say
the
way.
The
refresh
token
works
is
that
if
you
know
the
oitc
provider's
side,
it
doesn't
provide
a
refresh
token
or
the
refresh
token
fails.
Then
the
cli
secret
that
that's
how
you
that's,
how
you
invalidate
the
cli
secret
right,
because
that's
when
the
user
has
been
removed
from
the
oitc
side
and
that's
really
the
only
way
for
harper
to
pick
this
up.
A
F
A
F
D
D
D
D
B
D
D
D
D
B
D
D
You
know
oci
chats
are
not
deprecated,
the
charter
museum
is
deprecated
no,
but
but
what
is
not
replicated
is
the
chart.
Museum
charts
are
not
replicated
the
oci
images
they
are
replicated
because
there
are,
you
know,
ocr
images,
but
now
I'm
talking
about
the
deprecated
part.
If,
if
you
think
it
would
still
make
sense
to
create
a
contribution
there
or
not,.
D
B
D
B
D
B
D
D
C
F
F
I
just
give
a
response
response
that
we
want
to
release
the
signal
to
the
community.
Like
the
china
museum,
it
will
be
deprecating
in
the
future
release
and
engage
user
to
leverage
the
ocr
compatible
chart
and
we
will
not
provide
any
attacks
bars
on
the
chart
museum
problem,
especially
the
performance
problem
that
we
noticed,
but
still
some
user
wanna
have
discussed
on
that.
B
F
D
D
F
D
This
would
stop
the
discussions
because
I
think
I
mean
it's
understandable.
People
are
afraid
because
they
think
okay
they're
not
going
to
be
a
chart
museum
the
chart
support.
So
what
should
they
do?
Next
and-
and
we
need
to
give
them
a
clear
road
path
and
a
clear
wordpress
would
be.
You
know,
a
chat
museum
will
be
in
harbor
until
it's
not
experimental
anymore.
In
hell.
B
B
You
know
like
if
we're
gonna
be,
if
we're
gonna
be
spending
time
to
invest
in
a
solution
here,
should
we
be
working
with
the
helm
community
or
should
we
should
we
be
working
with
the
charm
museum
community
and
it
felt
like
charm
museum?
Was
you
know
they
really
let
themselves
go?
We
have
just
haven't
been
gotten
just
haven't
gotten
the
feedback
we
need
so
out
of
the
two
we
would
prefer
to
work
with
telling
the
seems
helm
is
still
pretty
active,
but
I
think
you
make
a
solid
point
here
that.
F
B
B
F
B
B
F
Find
a
new
concept:
we
just
officially
support
two
backward
version
like
it
2.2
or
2.3
once
the
214
is
released,
but
we
still
have
some
patch
released
in
1.10
and
user
is
confusing
about
that.
I
didn't
come
up
with
a
better
idea
about
that,
since
the
the
the
1.10.9
is
actually
the
latest
release,
but.
B
Right
we
just
have
to.
We
just
have
to
answer
this
question
from
the
discussion,
because
I've
done
this
before
on
the
on
the
slack
people.
This
isn't
the
first
time
they
don't
understand
that
1.10
is
still
being
1.10
is
especially
bad
right
because
it's
it's
way
out
of
support
for
us.
Even
so,
this
there's
a
special.
B
You
know
a
special,
not
a
customer,
but
a
constituent
that
we
are
releasing
these
four.
So
it
feels
like
we're
maintaining
four
releases
now,
but
we're
not
we're
still
doing
three
right,
we're
doing
m
minus
two,
but
it's
no
different.
If
you
that's
the
same
question
about
one
point,
one
point
or
two
point
zero:
if
we
were
maintaining
2.0,
we
could
potentially
have
a
2.0
patch
release
show
up
as
the
latest,
because
github
just
just
lists
it
in
the
data
release
right,
so
they
could
jump
around.
B
F
B
B
B
B
C
B
F
B
So
looking
for
anyone,
you
know
watching
this
recording
later,
please,
you
know
file
an
issue
for
something
you
want
to
be
done
in
2.5,
where
you
can
again
go
through
we'll
be
we'll
be
putting
those
issues
into
its
own
swimlane
on
the
project
board,
so
it'll
be
a
2.5
and
if
there's
something
you
want,
you
know
just
just
ask,
or
you
can
plus
one
on
the
issues
that
are
exist,
we're
going
to
be
going
through
those
pretty
soon
within
the
next
week.
Two
weeks
I
would
say.
B
Yeah,
I
think,
there's
there's
a
you
can
explicitly.
You
know,
ask
for
this
to
be
in
2.5
or
we
can
just
create
an
issue
and
the
the
maintainer
team
will
figure
out
the
priority
here.
If
it
looks,
you
know
if
it
looks
compelling,
and
if
it's
adequately
that
if
the
problem
is
you
know
adequately
described,
then
we
can
we'll
reach
out
on
the
ticket,
as
we
usually
do
and
we'll
figure
out
if
we
can
put
it
into
2.5.
D
So,
are
you
planning
to
go
over
the
issues
or
how
do
we
plan
to
to
figure
out
where
which
issues
should
be
kind
of
considered
for
2.5
from
all
the
from
you
know,
from
the
issues?
Is
there
kind
of
a
structure
how
we
could
help
you
with
like
selection
or
or
should
we,
I
don't
know
like
adding
at
the
discussions,
or
I
mean
I'm
not
sure
if
it's
because
the
projects
are
closed,
there's
no
projects
anymore.
So
is
there
kind
of
a
yeah.
B
Yeah,
so
typically
right,
so
we
would
have
a
discussion
and
then
a
maintainer
discussion,
not
using
not
leveraging
this
time.
For
you
know
the
wider
community,
we
would
have
maintained
a
discussion
and
everyone
would
all
the
containers
would
work
on
this.
I
think
there
was
there
was
discussion
about.
Can
we
make
maybe
make
this
public
for,
for
you
know,
other
contributors
and
anyone
else
really
maybe
like
in
the
form
of
a
zoom
session,
not
a
not
a
zoom
session,
where
everyone
can
participate
right?
B
It
would
just
be
like
one
of
those
webinars
where
someone
has
control
over
this
session
and
people
can
listen
in,
but
they
can't
they
can't
talk
right
because
we
don't
want
to
get
distracted.
So
maybe
that's
an
idea.
We've
also,
you
know,
grown
our
maintainer
team
quite
a
bit
right
with
with
the
team
and
tienen
joining
us,
so
between
all
the
new
people
and
different
time
zones.
This
is
a
new
process
for
us,
so
we're
gonna
have
to
figure
things
out,
maybe
break
this
down
into
two
sessions.
B
I
think
I
don't
think
we
can
cover
everything
in
just
one
session,
but
so,
let's,
let's
all
go
through
the
list
of
issues
that
we
would
like
to
to
get
done
in
2.5,
and
once
we
have
enough
we'll
we'll
go
through
it
and
you
know,
tag
tag,
those
issues
for
2.5
and
then
we'll
we'll
meet
for
an
actual
discussion
and
we'll
we'll
figure
out
what
the
times
are
and
I'll
send
out
an
invite.
But
it
won't
be.
It
won't
be
this
session.