►
From YouTube: Cartographer Office Hours, Sept 19th, 2022
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Okay,
welcome
everyone
to
cartographer
office
hours
meeting.
Remember
that
this
page
is
mainly
scientists
cause
both
proposals
to
keep
improving
the
project
and
also
questions
and
any
topic.
You
may
ask
the
maintainer
in
here
in
the
chat.
I
put
the
link,
the
note
just
let
me
know
you
don't
have
it
recording
in
progress
all
right,
so
feel
free
to
add
yourself,
you
can
you
sleep,
including
your
affiliation
and
again
glad
to
see
your
thumbnail.
A
Yeah,
that's
a
great
question.
Emily!
That's
called
really
the
first
time
with
big
after
bloor.
So
I
went
your
your
talk
there.
You
have
several
right.
The
top.
B
Yeah,
the
session
went
great.
It
was
standing
room
only
luckily
so,
and
it
went
well
got
a
lot
of
good
feedback
afterwards
and
a
bunch
of
people
testing
out
the
custom
supply
chains
I
built
so
all
went
well.
A
B
Not
much
regarding
cartographer
except
except
wow,
there's
a
lot
for
me
to
learn
the
feedback
that
I
got
from
most
people
where
they
thought
that
kind
of
out
of
the
box
supply
chains
that
came
out
of
tap
were
kind
of
what
cartographer
was
and
when
I
showed
some
of
the
extensibility
capabilities
that
cartographer
offers
up
offers.
Us
people
were
a
bit
shocked
with
how
crazy
they
could
get,
and
I
only
shared
some
of
my
crazy
ideas
so
yeah,
but
that
was
the
general
feedback.
A
C
Yeah
question
did
that
come
mostly
from
trickery
and
ytt,
or
were
there
other
levers
that
you
were
pulling
to.
B
So
it
was
both
options
as
well
as
ytt,
so
there
was
a
lot
of
ytt
magic
in
there
for
certain
things,
but
a
lot
of
it
was
also
even
just
like.
I
had
a
supply
chain
that
I
showed
where
afterwards
like
with
when
I
was
just
talking
with
some
people
afterwards,
where
I
was
actually
deploying
crossplane
objects
and
what
not
in
how
far
you
could
take
it,
where
I
actually
deployed
virtual
machines.
B
For
example,
there
was
no
ytt
speciality
in
that,
but
the
fact
that
you
could
even
use
cartographer
for
let's
say
non-cloud
native
applications
or
certain
other
use
cases
interested
people
as
well,
so
I'd
say
about
50
50
for
ytt
versus
other
things
and
the
main
one
was
probably
around
options
and
being
able
to
kind
of
get
rid
of
ytt
in
certain
cases
and
adding
the
conditionals
into
the
supply
chain
level
itself.
A
Yup,
so
you
mentioned
you,
you
were
using
crossplane
with
cryptographer
many
any.
What's
been
your
experience
doing.
B
That
doesn't
mean
cartographers
easy
to
learn,
trying
to
understand
wrapping
your
head
around
how
compositions
work
is
unique
in
crossplane's
world
and
much
more
complex,
I
would
say
for
getting
started.
However,
the
integration
has
been
really
easy
to
do.
B
I
would
say:
I've
actually
used
it
with
compositions
of
kubernetes
resources
instead
of
let's
say,
k
native
services
as
a
good
example,
using
just
the
kubernetes
provider,
even
of
crossplane,
to
be
able
to
do
things
as
well
as
like
service
bindings,
using
crossplane
compositions
to
actually
stamp
out
good
secrets
for
what
I
need
as
part
of
the
supply
chain
itself.
So
there
are
interesting
use
cases
with
it.
B
I
think
crossplane
opens
up
a
lot
of
options
if
you
know
really
the
in
and
outs
of
how
compositions
work
and
how
to
best
utilize
the
tool,
but
there's
a
lot
of
rough
edges
that
don't
have
to
do
with
cartographer
but
cross
plane
itself
in
getting
crossplane
to
actually
work
the
way
you
want
it
to.
A
C
A
D
A
Okay,
no
problem
great,
so,
oh
or
is
there
any
question
around
rfc
proposal,
anyone
else.
E
David
you
just
sent
me
a
note
on
the
tv
to
see.
Is
that
right.
A
A
Yeah
well,
the
the
question
was
how
to
to
implement
the
decision
on
dissolving,
basically
to
see
so
yeah
there's
a
couple
of
mentions
in
public
docs
and
two
cartographers
on
the
role
of
the
poc.
So
we
will
need
to
update
this
to
actually
reflect
the
decision
that
basically,
the
super
majority
of
boats
from
the
maintainers
team
will
be
the
main
criteria
for
accepting
proposals
for
review.
A
That's
that's
the.
How
that
I
was
spending
to
review.
I
don't
know
if
you
want
to
add
something
else.
E
I
mean
the
basically,
we
were
waiting
for
the
how
to
the
how
to
go
about
doing
that,
because
we
we
don't
have
the
you
know
the
toc
that
we
had
doesn't
exist
anymore.
The
the
leaders
that
we
had,
but
really
it
comes
down
to
the
process
that
was
in
place,
was
stalling.
E
How
we
work
so
the
the
idea
is
to
make
sure
that
we
can
implement
changes
still
in
the
open,
but
without
without.
E
A
process
in
place
that
keeps
us
from
working,
so
the
the
toc,
hopefully
will
be
sorry,
I'm
still
trying
to
read
the
note
that
you
sent
will
be
dissolved
so
that
the
and
then
the
governance
model
will
be
updated
to
reflect
those
changes.
So
hopefully
we'll
do
that
in
the
next
week
or
two
assuming
that
that
that's
accepted
by
the
majority.
E
A
D
Regarding
a
blueprints
rc,
I
think
there's
been
a
lot
of
internal
discussions
with
stakeholders
that
we're
still
trying
to
get
alignment
on.
So
we
don't
have
an
update
on
pushing
blueprints
through
yet
scott.
D
Hopefully
soon
we
will
have
direction,
we
can
start
implementing
some
things.
A
Thank
you
all
right.
Next
up
for
discussion
topic,
this
was
the
discussion
created
a
couple
weeks
ago
by
thomas.
A
I
don't
know
if
all
of
you
have
had
a
chance
to
read
it,
but
you
get
the
idea
from
the
title
and
yeah.
Thank
you
for
bringing
it
up.
Thomas.
I
don't
know
if
you
wanted
to
briefly
reintroduce
discussion
here.
F
Yeah,
maybe
yeah
short
summary,
so
I
wrote
a
lot
a
lot
of
things
there,
but
the
gist
of
it
is
that
I
was
wondering
when
working
with
cartographer,
how
to
approach
securing
the
supply
chain
in
terms
of
yeah
what
the
community
is
moving
on
in
regards
to
salsa
framework,
the
recommendations
from
the
cncf
security
group
and
yeah
in
general,
the
the
idea
of
having
all
steps
in
a
supply
chain
signed
and
with
an
attestation
that
is
stored
somewhere
signed
as
well,
using
in
todo
at
the
stations
and
yeah.
F
I
was
trying
to
figure
out
how
to
achieve
that
in
with
cartographer,
is
like
open
this
discussion,
not
because
we
need
something
in
cartographer.
I
guess
it
was
more
an
open
question
about
the
ecosystem
when
working
with
cartographer.
What
should
I
consider
because,
for
example,
kpac
provides
some
functionality
in
regards
to
this?
I
can
sign
images.
C
I
think
the
first
thing
for
for
us
is
that
you
know
the
cartographer
model
is
that
we're
allowing
these
we're
allowing
you
to
build
a
supply
chain
out
of
these
more
fully
formed
agents,
right
that
in
in
tecton
everything
that
you're
doing
is
code,
that's
written
and
it's
that
can
be
you
know,
tecton
can
read
all
the
code,
that's
there
and
I
I
will
admit
that
I
have
not
developed.
C
I
have
a
high
level
understanding
of
how
chains
work,
but
when
you
say
that
chains
is
intercepting
I'd
be
interested
in
looking
more
into
how
deep
can
that
interception
go
in
particular
yeah?
C
I
would
imagine
that
if
you,
if
you
called
out
from
a
techton
task
to
some
api
of
a
service,
that's
running
off
of
your
cluster
and
it
does
some
work
and
that
work
comes
back
to
you.
There's
limited
attestation.
That
chains
could
give
you,
because
all
it
knows
is
hey.
I
called
out
to
this
api
and
it
handed
me
back
this,
this
artifact
and
really
that's.
What's
going
on
with
cartographer
right,
we
we
stamp
out
an
object
and
then
that
object
goes
and
spins
and
it
it
hands.
C
Us
back
an
artifact
if
one
looks
at
if
one
looks
at
kpac
and
says
I
don't
like,
I
don't
like
the
system
that
it
uses
for
attestation
the
way
cartographer
handles
that
is,
we
say.
Oh,
we
make
it
really
easy
for
you
to
swap
kpac
for
something
else
that
you
do
prefer.
C
I
would
say
that
that's
my
stance
is
that
you
know
if
you,
if
you
have
a
desired,
if
you
have
standards
that
need
to
be
met
by
the
tooling
cartographer
says
we
make
it
very
easy
for
you
to
swap
in
tooling.
So
all
you
need
to
do
is
identify
tooling
that
meets
your
standards
and
then
it'll
be
easy.
Peasy.
You
know
pass
in
pass
in
from
your
supply
chain
the
values
for
for
that
tool.
To
tell
that
tool
hey.
C
F
Yeah
the
thank
you
for
that.
What
got
me
thinking
is
how
they
implemented
tactum
chains,
because
it
works
in
a
way
that
like
intercepts,
what
are
the
inputs
and
the
outputs
of
a
step,
and
what
is
the
specification
of
that
step?
And
I
figured
okay,
that's
what
cryptographer
knows
already.
It
knows
the
inputs,
the
outputs
and
the
template
of
the
resource
that
it
will
be
stamped.
F
So
would
it
make
sense
for
the
cartographer
also
to
like,
provide
an
attestation
knowing
the
information
that
already
knows
and
hooks
into
this
salsa
framework
like
creating
the
attestation
and
having
a
mechanism
to
sign
that
at
the
station,
or
would
it
be
each
resource
part
of
the
supply
chain
responsible
for
getting
inputs,
outputs
and
build
specification
and
create
this
attestation
and
either
way?
I
think
it
would
be
nice
to
have
some
kind
of
best
practice
or
guidelines
like
or,
if
you're,
using
photographer,
here's
how
you
can,
for
example,
make
your
system
salsa
level
three.
F
C
Yeah
on
your
on
your
second
point
like
it
would
be
valuable
to
be
able
to
create
a
system
that
that
meets
particular
salsa
levels.
Yes,
I
agree.
Okay,
I
think
they
were
aligned
there
in
terms
of
cartographer
reporting
what
it
is
able
to
know.
There
are
some
rfcs
that
we
wrote
a
couple
months
back
now,
one
around
artifact
tracing,
which
is
right.
Now,
it's
not
technically.
C
Meant
to
fix
that
fix
that
problem
to
allow
users
to
opt
in
to
a
system
where
they
would
know
those
things
there
would
be
a
performance
hit
and
you
know
for
for
some
users,
that'll
be
absolutely
like
that
that'll
be
a
trade-off
worth
making
and
then
a
separate
rfc
in
terms
of
okay.
Once
you
have
toggled
that
switch
and
you've
you've
allowed
that
tracing
to
to
be
possible,
how
would
that
information
be
communicated
out?
I
think
if
memory
serves
me
right,
that's
rfc,
18.
C
A
G
Yeah
hi,
I
wanted
to
the
team,
wanted
to
bring
this
up
to
folks
who
are
using
cartographer,
because
this
was
an
interesting
one.
We
were
working
on
a
story
to
simplify
json
path
errors
because
right
now,
if
they
happen
deep
inside
a
template,
there's
this
very
weird
recursion
in
the
error.
It's
really
really
hard
to
understand.
What's
going
on,
because
you
basically
see
little
snippets
of
your
template
being
regurgitated
in
this
large
recursive
area
becomes
very
difficult
to
really
understand
what
the
error
is
trying
to
say.
G
So,
we've
we've
made
this
draft
pr,
which
basically
collapses.
All
of
that
and
tells
you
where
the
path
to
the
document
is.
But
when
we
were
making
these
changes,
we
we
actually
noticed
that
we
had
a
slightly
undocumented
feature
that
we
even
have.
E
G
Test
for,
but
we
don't
really
believe
people
are
using,
so
you
know
we
kind
of
just
wanted
to
kind
of
highlight
it
here
in
the
community
meeting
just
to.
G
Actually,
using
any
feature
like
this,
we
don't
think
so,
but
you
know
we
kind
of
just
wanted
to
you
know:
do
it
in
the
open
as
much
as
possible.
So
I
don't
know
dave
david
if
you
could
just
pull
open
the
files
change
tab
there
on
this
issue
and
if
you
pop
down
to
there's
a
second
last
folder
on
the
right
there,
that
has
a
zero
one
supply
chain:
dot
yaml,
so
yeah,
that's
the
one
at
the
top
there.
But
it's
it
says
the
file
was
deleted.
G
If
you
can
just
click
the
load
diff
on
it,
it's
the
one
on
the
top
yeah.
So
if
you
see
here
on
line
38
there's
this
like
really
clever
value,
that's
being
put
into
the
the
value
for
this
supply
chain
parameter-
and
this
doesn't
actually
get
evaluated
here,
but
it's
being
passed
in
from
here
and
then
what
actually
the
feature
that
this
that
this
test
relied
on?
G
If
you
go,
if
you
could
actually
just
click
on
zero,
zero
templates,
now
david
just
above
templates
there
you
can
see,
I
think
you
have
to
load
the
diff
for
that
as
well.
My
apologies.
It's
just
at
the
top
there.
Okay,
that's
the
one
with
the
blue
ring
around
it.
Oops
do
you
want
to.
A
G
So
you
can
see
here.
This
is
the
the
value
that
I
was
talking
about.
It
was
passed
in
the
supply
chain
and
then
later
in
a
template.
This
test
was
picking
up.
Where
is
it
now.
G
Here
we
go,
it
specifies
the
service
account
name
inside
this
template
for
a
runnable
and,
of
course,
so
what
this
relies
on.
Is
this
template
being
evaluated
this
snippet
being
evaluated
once
which
results
in
the
parameter
keep
in
mind
this
isn't
evaluated
in
the
supply
chain.
So
this
is
actually
a
string
at
this
time,
and
we
had
this
feature
where
we
were
evaluating
the
results
of
that
template.
So
we
would.
D
G
Evaluating
workload,
spec
service
account
name
in
order
to
get
you
know
the
surface
account
of
the
workload.
Once
again,
we
have
a
fairly
strong
feeling
that
most
people
are
just
using
ytc
anyway.
So
this
isn't
a
thing
but
kind
of
just
wanted
to
point
this
out,
because
this
probably
would
be
a
breaking
change.
If
you
rely
on.
G
G
Any
questions
concerns.
B
G
B
G
So
you'd
you'd
you'd
end
up
with
well,
as
you
can
see,
we're
deleting
this
test
in
this.
In
this
situation,.
C
G
This
was,
if
we
still
kept
this
test
around,
this
would
fail
right
and,
and
the
value
that
you'd
end
up
with
here
would
be
this
weird.
So
this
would
get
evaluated
and
value
would
be
this.
B
G
G
Cool
all
right,
we'll
look
at.
We
might
promote
that
to
a
non-draft
br
this
week.
A
Awesome,
I
think,
he's
happy
all
right.
Is
there
any
other
topic
you
like
to
discuss
here?