►
From YouTube: Cartographer Office Hours #2 - Nov 29th, 2021
Description
00:00 Overrridable vs default params
03:13 RFC 014 - what information is passed on user notifications
13:43 RFC 010 and RFC 015 move to Accepted
15:20 Open questions from RFC 016
The purpose of this meeting is to discuss architecture-changing ideas (in the form of RFCs) and provide in-depth support to the community of Cartographer contributors.
You can continue the conversation by adding comments to the RFCs or creating a new one:
https://github.com/vmware-tanzu/cartographer/pulls?q=is%3Apr+is%3Aopen+rfc
Agenda: https://docs.google.com/document/d/1ImIh7qBrOLOvGMCzY6AURhE-a68IE9_EbCf0g5s18vc/edit?usp=sharing
#opensource #softwaresupplychain
A
B
Okay,
so
yeah,
just
to
recap
right
from
rfc
10.
We
had
talked
about
these
two
different
approaches.
One
was
the
idea
of
having
a
value
with
an
overrideable,
true
false
flag
in
the
supply
chain.
The
other
approach
was
having
a
default
value,
semantic
that
got
applied
to
all
the
different
places
where
params
are
used,
where
default
means
that
you
can
override
something
value
means
that
you
can't
override
it
anymore.
B
So
what
we
did
is
we
originally
implemented
it
with
overrideable
flag
per
the
initial
recommendation,
but
then
we
found
prior
art
in
the
pod
spec
template
that
comment
right
there,
the
one
that
david's
sharing
right
now,
and
so
we
submitted
a
new
pr
that
added
this
behavior
and
it
got
merged.
So
we
went
ahead
with
default
value.
B
C
C
C
That
makes
sense,
I
feel
like
it's
a
little
undecided
about
if
I
like
template
having
default,
but
I
don't
think
I
have
a
strong
enough
opinion
to
say
either
way.
So
it
sounds
good.
I
just
wanted
to
understand
where,
where
I
went,
I
can
update
the
kind
of
large
internal
dock
also
to
cover
that
awesome.
A
C
Actually
one
one
quick
thing
on
from
last
week,
I'm
just
looking
through
stuff
that
was
talked
about
on
rfc
14,
which
only
suggested
adding
information
about
the
resource
that
it
passed
through.
Is
there
a
reason
we
need
that
versus
just
the
name
of
the
like
there's
a
separate
name
that
identifies
the
component
that
it
links
to?
Is
there
a
reason
to
include
both
the
oh,
the
resource
information
and
the
name
of
the
component?
Are
you
worried
like
what
happens
in
the
supply
chain
changes
or
something
like
that.
E
It's
less,
it
says
when
the
supply
chain
changes.
I
think
in
the
in
that
note,
I
had
pointed
to
an
issue
where
essentially
the
the
reasoning
from
that
issue.
I
think
applies
equally
here
and
josh
can
speak
to
that.
I
believe
that
that
378.
E
E
This
was
about
you
know
the
messages.
Oh
we're
waiting
on
something
and
if
they
didn't
have
the
supply
chain
there,
the
component
name
wouldn't
be
very
useful
to
them
to
understand.
What's
going
on.
Similarly,
if
we're,
if
we're
saying
like
here's,
this
artifact-
and
it
comes
from
this
component
name,
but
they
can't
look
at
the
supply
chain,
then
they
don't
really
know
what
what
object
that
comes
off
of.
C
I'm
curious
about
it's
like
the.
The
proposed
association
creates
a
kind
api
version
name
and
namespace
association
with
the
artifact
or
with
the
reference
to
the
other
artifact
right.
So
it's
like
it's
not
associated
with
the
artifact
itself.
It's
just
when
an
artifact
comes
from
another
artifact.
You
you
say
came
from
that
artifact
through
this
other
resource.
Is
that
right,
but
then
we
still
have
this
past
list
that
describes
the
stages
that
have
been
through.
Do
we
need
the
past
list
anymore
if
we
are
keeping
track
of
this?
C
B
E
Yeah-
and
I
think
the
this
muddies
like
whether
this
information
should
be
in
from
along
with
that
id,
I
think,
is
a
I'm
not
sure
that
it
should,
like
those.
Those
are
really
different
concepts,
but
I
yeah
there
should
be
some
some
term
that
allows
you
to
specify
like
here's.
The
original
object
that
this
was
read
off
of.
C
So,
like
you
have
source
code
and
it
passes
through
a
few
stages
unchanged
right
does
that
source
code
say
it
came
from
source
code
from
itself
from
itself
from
itself
with
different
references,
or
should
all
this
really
be
in
the
past
list.
The
past
list
says
this
resource
passed
through
sorry.
This
artifact
passed
through
this
these
resources,
I'm
pretty
sure
it
should
be
the
latter
right,
and
so,
unless
you
disagree,
we
could
flip
the
model
so
that
it,
you
know
it
creates
chain
of
links
to
itself.
C
But
I
think,
because
we're
trying
to
form
an
artifact
like
say
artifacts
turn
into
other
artifacts
right.
It
might
make
more
sense
to
rep
to
represent
the
artifacts,
the
top
level
and
then
use
pass
to
represent
the
resources
that
they
pass
through.
So
like
moving
the
information
that
you
proposed
from
there
into
past
instead
and
then
having
separate
resource
name
versus
component
name
in
there
might
be
one
way
to
solve
it.
E
Yeah,
I
I
don't
have
any
objections
to
that.
I
wonder
if
there
should
be
some-
and
this
may
be
tangential
or
orthogonal
some
way
to
note
like
the
resource
that
it
wasn't
just
passed
from,
but
that
it
originated
from
and
maybe
if
passed
is
just
an
ordered
list,
then
we're
like
yeah,
it's
the
first
one
in
the
list.
C
The
resource
that
the
artifact
originated
from
not
the
artifact,
the
artifact,
originated
from
that's
what
it
meant
right.
Yes,
so
the
first
one
in
past
should
be
the
thing
that
generated
it.
Yeah
yeah,
I
totally
agree
just
making
sure
on
the
same
page
cool.
I
can
leave
a
comment
after
your
comment
on
that
to
move
it
around.
I
just
just
wanted
to
make
sure
we
got
the
nitty-gritty
right,
cool.
A
B
D
D
D
C
Kept
in
the
status,
we
don't
want
historical
things
to
be
kept
as
events,
because
how
many
do
you
keep
an
scd
right?
It's
the
like.
What's
the
right
amount
to
keep
on
the
cluster?
In
that
case,
I
figured
the
historical
relationships
should
go
into
some
kind
of
more
permanent
storage,
but
it's
like
could
you
represent?
D
B
D
Yeah,
like
I
think
the
semantics
like
makes
sense
to
make
the
the
relationship
between
events
and
what
we're
trying
to
do,
but
I
think
the
way
they're
treated
and
is
expected
to
be
used
in
kubernetes.
I
think
there
might
be
a
mismatch
there,
but
again,
I'm
not
super
familiar
with
events.
Really,
I
think
it's
worth
putting
a
note,
though,.
C
I
think
it's
going
to
be
helpful
to
have
at
least
the
current
state
of
the
world
tracked
in
one
participle
place
that
we
can
easily
return
back
to
the
user
and
show
in
a
a
graph
right
without
having
to
parse
through
events.
But
I
I
agree.
I
like
the
idea
of
and
that's
being
made
available
when
things
happen,
to
improve
the
user
experience.
C
Do
that
or
yeah?
We
could
do
that,
though
right
you,
you
can
even
set
the
registry
as
a
backend
right
for
the
the
artifact
tree
and
then,
as
artifacts
drop
off
they're
no
longer
part
of
the
tree.
They
you
know
stay
in
the
registry
based
storage
and
then
you
don't
need
any
external
other
kinds
of
storage
and
your
cli
can
you
know
parse
understand
how
to
go
from
the
crd
to
the
registry
that
it's
writing
to
and
automatically
give
you
historical
information.
Then
you
know
magically
on
vk
in
any
place.
C
A
Great
okay,
thank
you.
Anything
else
got
an
rc,
14
or
any
other.
E
Yeah,
so
we
I
just
kind
of
dropped
in
rfc
10
we've
got
an
implementation,
that's
merged.
To
main.
I
assume
that
we
should
go
ahead
and
finalize
that
rfc
with
the
current
default
value.
That
can
be
some
of
the
documentation
on
how
that
and
how
that
works,
and
then
I
think
that
that's
accepted
we
can
mark
it
accepted.
We
can
drop
it
into
an
accepted
folder.
A
E
So
there,
so
there
are
a
couple
of
open
questions
in
the
in
the
notes.
What
does
validation
mean
for
config,
which
is
a
large
block?
Vml?
Do
we
need
another
template
type
for
config
known
to
be
case
objects,
so
I
I
have
preceded
my
understanding
has
always
been
that
cluster
config
templates
are
meant
to
hold
a
a
case,
object
and
I've
written
it
like
that
currently.
But
I
think
that
we,
you
know
we
had
some
questions,
some
open
questions
at
the
last
meeting.
E
Are
they
being
used
in
other
ways
right
now
and
do
you
expect
them
to
be
used
in
other
ways
and
that
I
think
that
in
some
ways
that's
a
little
bit
of
a
validation
question?
But
it's
also
just
a
what
template
types
do
we
need
question.
C
Pod
templates
back
they're
used
to
like
convey
chunks
of
information
about
that
would
go
into
a
deployment
or
another
resource.
Pretty
often
in
examples
we
have
so
I
don't
think
a
config
is
a
cat's
resource.
I
think
it's.
It
could
be
many
kids
resources.
It
could
be
a
snippet
of
the
inside
of
a
kid's
resource,
but
I'd
say
it's
probably
valid,
saying
that
it's
valid
yaml,
it's
probably
good
enough,
and
that
also
buys
you
json
as
a
subset
of
yaml,
which
is
nice,
and
so
maybe
just
validating
it
with
a
yaml.
C
F
It's
just
yeah.
It
was
just
that
because
I
was
coming
out.
I
was
coming
at
that
particular
validation
from
having
heard
people
say.
Well,
it's
just
any
old
string
right.
I
think
they
meant
it's
just
any
old
string.
That
represents
a
bunch
of
documents
all
right.
It
can
be
one
or
more
that's
what
I
think
they
meant,
but
because
they
said
it
could
be
in
the
old
string.
I
wanted
to
double
check
that
yeah.
E
So
I'm
fine
with
this
saying
that
it
has
to
be
key
value
pairs.
I
don't
know
how
how
how
canonical
yq
is,
but
if
you
echo
high
to
yq
it'll
it'll
be
like
yeah.
This
is
a
string
hi.
C
C
C
For
sure
multi-document
it
could
be
multiple
resources,
I
guess
yeah
sure
it
should
be
able
to
be
what
happens
if
you
yeah?
No,
I
think
that's
right.
It
should
be
able
to
be
multiple
documents
because.