►
From YouTube: Carvel Community Meeting - July 7, 2022
Description
Carvel Community Meeting - July 7, 2022
This week we announced three new releases: kapp-controller, vendir, and secretgen-controller. We also had in-depth discussion on 'Packaging API: version constraints for k8s version and kapp-controller version' and 'Examples or patterns for using imgpkg and kbld in a go CLI.' Check out the agenda here: https://hackmd.io/F7g3RT2hR3OcIh-Iznk2hw#July-7-2022-Agenda
A
Hi
everyone
welcome
to
this
week's
edition
of
the
carmel
community
meeting.
If
you
are
watching
this
from
home,
we
encourage
you
to
come.
Join
us
live
we
meet
today,
every
thursday
at
10,
30
am
pacific
time.
But
after
this
meeting
we're
changing
some
things
up
so
keep
watching
and
I'll.
Let
you
know
what
that
means.
A
It's
a
great
opportunity
for
you
to
come
and
listen
in
on
what
the
maintainers
are
working
on,
get
feedback
on.
What
they're
working
on
ask
questions
if
you
have
any
feature
requests
or
you
need
help
with
something
you
can
come
and
and
just
get
at
that
live
help
from
the
maintainers
and
other
members
of
the
community.
A
If
you
are
unable
to
find
us,
are
unable
to
join
us
in
these
meetings.
But
you
still
want
to
reach
out
to
us.
You
can
find
us
in
the
carnival
channel
within
the
kubernetes
like
workspace,
you
can
email
us.
You
can
obviously
find
us
in
github
within
any
of
our
project
repos,
and
you
can
find
us
on
twitter
at
carvilleunderscoredev.
A
A
Today's
date
is
july,
7th
2022,
as
listed
here
in
the
agenda.
If
you
are
using
any
of
the
karbal
tools,
we
want
to
know
more
about
how
you're
using
it.
So
we
created
a
pinned
issue
that
allows
you
to
provide
those
details
for
us.
You
can
input
those
the
comments
or
add
a
comment.
Sorry
to
sorry,
I'm
just
muting
some
folks,
because
there's
some
feedback,
I'm
getting
okay.
A
We
just
asked
that
you
provide
details
within
a
comment
to
this
pinned
issue
on
your
use
case
with
any
of
the
cardboard
tools
and
optionally,
add
a
logo
of
your
company,
and
we
will
get
added
to
the
adopters
file
here.
It's
a
really
great
way
for
you
to
share
what
you're
working
on
with
the
maintainers.
A
So
they
can
better
understand
and
help
with
the
development
of
the
tools,
as
well
as
share
sharing
your
knowledge
on
how
you
use
the
tools
with
the
community,
and
it
helps
them
learn
how
they
can
also
use
the
tools
as
well.
So
we
would
really
appreciate
it
if
you
added
that
comment
in
there
and
gave
us
a
little
bit
more
information.
A
A
We
will
also
share
it
at
the
community
meeting
and
we
will
share
on
slack
and
do
all
sorts
of
other
promotion
with
that
and
as
a
thank
you,
we
will
send
you
a
t-shirt
or
an
alternate
swag
item
of
your
choice.
If
you
don't
like
t-shirts,
we
have
other
options
to
choose
from.
So
if
you
have
any
questions,
feel
free
to
reach
out
to
us.
B
This
was
a
a
recent
feature
when
we
added
in
38,
I
think,
or
maybe
37.
I
forget
anyway.
The
nintendo
was
both
package
repositories
and
app
crs
follow
the
same
procedure
and
for
package
repositories
deviated
from
actually
executing
a
site
car.
So
this
small
fix
corrects
that
most
people
would
not
even
notice
since
most
people
don't
use
custom
proxies
and
ca
certificates,
but
for
the
environment
who
do
use
it.
This
might
be
useful.
B
It's
me
again:
this
was
some
from
a
previous
release.
We
were
investigating
why
vendor
and
helm
was
not
playing
nice
when
it's
configured
through
asdf
package
manager
and
turns
out
that
asdf
package
manager,
for
whatever
reason,
needs
to
have
access
to
the
home
directory
as
configured
through
the
home
environment
variable,
even
though
it
does
all
kind
of
paths
rewriting
so
interior
should
need
it,
but
for
whatever
reason
it
needs
it.
So
this
is
an
enhancement
to
make
vendor
work
with
asdf,
better.
A
C
D
D
A
A
We
posted
this
in
slack
to
try
and
get
feedback
and
scott
rosenberg
one
of
our
awesome
community
man,
members
gonna,
say
community
managers
he
might
as
well
be
a
manager
of
community.
He
suggested
wednesdays
instead
of
thursdays,
so
we
are
now
going
to
be
moving.
This
community
meeting
two
wednesdays
at
9
00
a.m,
pacific
time,
every
second
and
fourth
wednesday,
and
we
won't
be
meeting
next
week,
which
would
technically
be
the
second
wednesday
I'm
just
because
we're
meeting
today.
A
A
C
F
Okay,
hooray
so
basically
version
stink.
We
should
never
write
new
software
ever
again,
but
barring
that
solution,
you
might
want
to
say
hey
this.
This
will
only
work
up
to
kubernetes
1.23,
or
this
will
only
work
starting
on
kubernetes,
1.24
or
even
worse.
You
might
have
a
scenario
where
you're
like
well.
If
this
is
kubernetes
1.16
or
below,
I
want
to
use.
You
know
this
feature
like
I
know.
One
of
the
things
we
talked
about
was
like
pod.
Was
it
psp's
pod
security?
Whatever
the
last
p?
F
Is
you
know,
and
then,
if
it's
a
later
version
of
kubernetes,
I
want
to
do
something
else,
and
so
I
I
need
to
have
conditional
logic
in
my
templating
and
anyways
and
you
might
be
in
that
position
with
respect
to
both
kubernetes
and
with
respect
to
cap
controller
itself.
So
hence
there's
this
kind
of
like
two-prong
solution,
so
we're
saying
well,
we
can
provide
a
minimum.
F
F
and
maybe
you
want
to
say
my
maximum
is.
I
don't
know
I
gave
this
example
123.,
and
you
know
I
think
we
basically
said
well
look.
If
a
package
install
like
you
can
have
a
package
on
your
system,
but
a
package
install
if
you
make
a
package
install
that
says
the
minimum
kubernetes
is
1.25,
and
here
you
are
in
2022
running
kubernetes
1.23
is
we're
gonna
be
like
well,
you
can't
install
that.
You
know
this
package
has
a
minimum
kubernetes
of
1.25
that
doesn't
exist
yet
so
you
can't
install
it.
F
That
seems
reasonable
and
I
maybe
you
know
as
a
brief
question.
I
would
love
to
get
any
temperature
in
the
room
of
like.
Would
you
rather
have
two
separate
keys
for
minimum
and
maximum?
Would
you
rather
specify
a
range?
Is
this
gonna
totally
miss
the
mark
on
anything
that
you
all
are
dealing
with
today?.
G
F
Two
scott
you're
genius:
you
are
a
community
manager,
so
yeah,
so
this
this
first
step
is
about.
I
just
don't
want
the
install
to
go
through
and
then
the
second
step,
our
very
own,
dennis
recently.
Well,
I
guess,
before
we
move
on
to
step
two,
no
further
questions
on
step,
one,
your
honor,
no
further
questions!
I.
H
F
I
That
like
I
want
to
know
why
right
and
so
then
my
question
is
like
what
is
the
behavior
of
cap
when
you
provided
a
list
of
objects
of
specific
api
groups
that
are
not
satisfied
by
the
cluster
right
like
I
don't
want
to
see
a
hollow
message
that
says
you
can't
install
this
because
of
some
number.
That's
arbitrary,
like
that's
so
decoupled
from
the
contract,
that's
actually
being
broken,
which
is
this
api
group
is
not
available
or
you
know
like
there
can
there's
like
a
very
small
subset
of
more
esoteric
things
like
this.
F
Think
I
appreciate
the
input
lee
and
I
I'm
trying
to
square
that
the
the
ticket
or
the
issue
that
was
opened
was
was
actually
about
upgrade
like
basically,
I
I
don't
want
to
upgrade
my
kubernetes
cluster
if
a
package
won't
be
compatible
with
the
new
version
right
and
that,
like
things
that
happened
like
I
think,
famously
1.24
the
like,
they
just
dropped
a
bunch
of
stuff
on
the
floor
and
they
were
like.
Oh,
were
you
using
that?
B
B
You
know
transparent
to
it
right,
especially
if
you
get
into
you
know
different,
you
know,
managed
kubernetes
service,
kubernetes
offerings
and
different
kind
of
version
ranges
that
they
that
they
offer
right.
So
this
feature
does
not
necessarily
replace
a
potential
future
feature
that
talks
about
hey
I'd
like
to
make
some
choices
around.
You
know
what
I'm
deploying
based
on
the
available
api
versions,
but
I
don't
think
that
future
feature
is
a
replacement
for
this
feature.
I
Yeah,
I
think
a
great
example
of
this
is
in
the
most
kubernetes
release.
Most
recent
kubernetes
release.
We
dropped
support
for
auto,
like
long-lived
service,
account
tokens
because
they've
been
deprecated,
for
you
know
several
years
now,
so
that
automatic
behavior
is
no
longer
present
in
a
cluster.
B
I
Authors
should
be
empowered
to
say,
like
hey.
This
probably
is
not
going
to
work,
and
you
might
run
into
something
in
this
very
common
case,
but
with
any
gate
or
like
pre-flight
check
or
warning
or
early
exit
linter
type
system,
especially
when
it
comes
to
infrastructure,
which
is
just
like
all
we're
gluing
together.
These
things
that
are
so
loosely
coupled
like
I'm
very
against,
like
anything
that
makes
it
difficult
for
somebody
to
actually
do
the
thing
that
they
want
to
do.
I
So
if
we
should
help,
people
discover
that
packages
will
might
have
problems,
but
we
should
be
really
careful
about,
like
encouraging
package
authors,
to
take
some
absolute
stance.
That
says
like
this
should
not
install
with
this
version
right.
Somebody
should
always
have
the
option
to
override
that,
and
the
experience
should
be
more
about
warnings
and
reasoning
than
outright
failure.
B
I
think
that
aligns
generally
with
cap
controllers.
Balance
of
you
know:
what
can
a
consumer
do,
even
though
the
author
provided
something
right
so,
for
example,
here
might
be
ability
for
us
to
actually
override
a
choice
of
or
not
a
choice,
but
rather
override
a
decision
that
the
system
is
making
by
default.
Right.
Hey,
look
ignore
this
version
constraint
thing
right.
You
just
go
ahead.
Trust
me.
It
may
work
right.
I
know
my
system
better
kind
of
thing
right
and
so
that
I
I
don't
I
would.
F
I
Yeah
this
does
seem
like
something
that
would
probably
be
very
well
abstracted
within
cap
itself,
like
you
would
probably
want
some
of
these
things
if
it's,
if
it's
not
already
there
in
cap
on,
like
you
know
it
install
this
resource.
If,
if
we're
matching
this
api
version
or
this
api
server
version
or
if
this
api
group
is
present,
you
know
install
this
thing.
B
I
don't
think
it
would
necessarily
push
it
to
cap
cap
itself
doesn't
know
much
about.
You
know,
kind
of
all
kinds
of
logic
that
you
might
want
to
be
doing
right.
I
think
ultimately,
we'll
you
know
will
probably
with
the
combination
where
this
information
is
available
for
you
at
the
you
know,
mutation
of
your
configuration
layer
right.
B
J
J
I
really,
and
I
think
that
if
you,
if
you
think
you
know
better
than
the
package
author,
because
that's
what
was
talking
here,
you
think
you
know
better
than
the
package
author.
Then
you
should
fork
that
package
and
you
should
add
it
yourself
with
the
restrictions
that
you
think,
but
in
some
sense
what
the
package
author
is
telling
you
this
works
in
this
situation,
I'm
not.
J
Why
would
you
want
to
insult
in
a
different
place
right?
I
think
that
sometimes
I
feel
like
that,
giving
too
much
like
freedom
and
too
much
knobs.
This
is
gonna,
even
though
it's
gonna
bite
us
in
the
future
for
sure,
but
it
also
it's
just
like
it's
becomes
a
little
bit
loosey
here
I
don't
know
that's
at
least
that's
what
I
think.
K
That
makes
me
wonder
something
else
related,
which
is
I'm
wondering
what
the
behavior
of
you
know.
You
have
cluster
inversion
on
version
one
and
the
packages
within
the
range
it's
allowed
to
be
installed
on
version
one
of
the
cluster
and
then
the
cluster
admin
upgrades
it
to
cluster
two
and
now
the
package
is
no
longer
in
in
the
range
of
that
of
that
cluster
versioning.
I
Like
again
like
that's,
that's
like
a
very
good
point,
and
it's
a
natural
consequence
of
using
kubernetes
is
that
the
way
that
we
upgrade
things
is
to
provide
migration
paths
and
flags
to
enable
and
disable
specific
behaviors,
and
that
there
are
many
systems
that
are
interacting
each
with
each
other
over
boundaries
that
have
various
couplings
right,
like
with
the
very
specific
failure
mode
that
I'm
describing.
The
things
that
broke
from
the
last
release
of
with
service
accounts
tokens
no
longer
being
generated
by
default.
I
This
is
an
example
of
something
that
would
break
people's
packages
in
a
very
surprising
way
that
can
only
be
found
out
at
runtime.
It's
an
example
of
something
that
a
package
author
would
likely
want
to
help
warn
users
and
protect
them
from,
but
at
the
end
of
the
day,
because
kubernetes
is
so
flexible
and
because
upgrade
paths
are
very
dependent
on
which
components
are
causing
breakages
and
you
the
ability
to
change
the
behavior
based
off
of
how
the
cluster
is
configured.
I
It's
if
you
are
packaging
for
a
specific
kubernetes
version,
and
you
have
the
hubris
to
say
I
don't
want
this
to
install
on
this
particular
thing.
You
end
up
with
the
packaging
system.
That's
just
going
to
get
in
people's
way.
All
of
the
time
you
know
with
the
pace,
pace
of
change
in
the
core
project
still
as
it
stands
years
in
it
right.
J
But
it
should
stand
in
your
way
because
if
I
am
managing
a
package-
and
I'm
telling
you
that
you
shouldn't
install
this
in
this
particular
version
of
kubernetes
like
I
must
know
why
right
or
should
I
just
allow
you
to
install
it,
break
it
and
then
come
to
me
and
tell
me:
oh,
this
is
broken,
and
I
tell
you
oh
yeah,
because
we're
missing
this
part
I
mean
now.
This
doesn't
work
anymore.
J
I
They
want
to
prevent
people
from
making
that
mistake
by
default,
but,
as
somebody
who's
been
in
a
platform,
an
infrastructure
person
gluing
things
together,
like
these
sorts
of
gates,
always
get
in
my
way
you
know,
and
at
like
I
do
want
the
power
to
be
able
to
say.
Yes,
I
really
understand
what
I'm
doing
and
I'm
going
to
install
this
and
when.
B
I
F
F
I
appreciate
the
discussion.
Okay,
so
the
other
thing
exactly
as
prophesied
by
scott
rosenberg
is
we're.
Gonna
make
this
information
available
in
templating,
because
you
probably
care
about
that.
You
probably
have
conditional
logic
and
all
kinds
of
terrible
gnarly
things
to
do
depending
on
the
version
and
so
dennis
recently
added
we're
calling
it
downward
api.
It's
it's
an
analogy
to
the
kubernetes
downward
api,
so
we're
we're
making
available
data.
That's
in
like
the
meta
like
the
app
you
know,
metadot
namespace
or
something
we.
F
So
we
have
our
own
downward
api
and
you
can
be
like
you
know.
I
want
you
to
bind
the
value
from
this.
My
own
apps
metadot
namespace
into
this
name
that
I'm
providing
right
and
it
works,
and
that
sounds
very
much
like
the
kubernetes
download
api.
And
so
then
you
know
same
thing:
we're
offering
you
know
well,
you're
you're
gonna
get
to
pick
your
own
name
that
we
bind
the
data
to,
but
somehow
we're
gonna
make
carvel.
F
Somehow
we're
gonna
make
the
kubernetes
version
available
to
you
and
the
cap
controller
version
available
to
you,
and
I
don't
think
this.
It
barely
matters,
but
I
did
I.
I
showed
two
different
ways
that
we
could
do
this
right
on
the
one
we've
got
like
left-hand
side
that
says,
source
carval.kubernetes
version
and
on
the
other,
the
left-hand
side
is
the
name
of
the
data.
Already
controller
version-
and
you
know
you're
just
saying
like
the
right
hand,
side
is
barely
matters.
What
you,
what
you
say,
you're
just
saying:
that's
right,
anyways!
F
B
B
I
was
going
to
throw
in
something
this.
This
might
be
a
good,
also
starting
point
for
other
similar
types
of
features
like,
for
example,
he
was
mentioning
earlier
on
around
the
the
access
to
available
apis
right
and
so
potentially
plumbing
such
information
into
you
know
places
like
help,
template
ydt,
template,
etc,
etc.
G
Yeah,
I
was,
I
was
just
about
to
say
one
of
the
things
that
helm
does
when
you
do
a
helm
apply
is
that
it
has
the
idea
of
capabilities
within
it,
and
then
you
can
use
that
through
the
built-in
capabilities.kubernetes
version
that
does
exist
in
helm,
template
by
passing
in
flags
and
we're
doing
a
helm
template
here.
So
I
would
wonder
if,
as
part
of
this
proposal,
we
could
also
add
that,
like
helm,
template
for
example
automatically,
we
would
pass
in
the
kubernetes
version
as
this
value,
because
that
never
hurts
the
helm
template.
G
B
This
does
raise
an
interesting
question
around
whether
this
should
be
under
the
items
part
of
the
downward
api
versus
some
additional
section,
which
may
then
provide
ability
to
you
know
the
the
the
version
or
the
potentially
down
the
line
available.
Cluster
versions
right
may
not
be
actually
injected
as
a
data
value
right.
Maybe
it's
injected
in
through
the
inner
workings
of
you
know,
helm,
template,
etc,
etc.
Right
so
might
be
some
some
more
thinking
to
do
in
this
area.
G
Yeah,
and
especially,
I
liked
what
you
had
brought
up
demetrium
down
the
road,
possibly
adding
like
available
api
types,
and
things
like
that,
like
helm,
has
today
where
it
can
pull
and
say
yeah,
you
have
service,
monitor
crds
of
prometheus,
so
create
service
monitors
for
this
application.
If
specific
things
exists,
I'm
not
sure
it
makes
sense
under
items
necessarily.
I
would
agree
with
that
that,
possibly
having
it
like
cluster
info
or
something
under
downward
api,
that
would
be
a
way
of
separating
it
out
from
the
actual
downward
api's
strict.
B
I
G
G
I
B
B
So
all
of
that
stuff
is
in
the
pr
state
right
now
we're
still
iterating
actually
just
recently,
I
think
it's
a
week
or
two
ago
kind
of
a
gotten
a
little
bit
more
clarity
around
like
how
we
should
partition
the
flow.
But
you
kind
of
wanted
to
understand
if
some
of
this
stuff
is
maybe
overlapping
in
in
your
you
know,
in
your
efforts-
maybe
not
yes,
yeah.
L
We
need
a
little
bit
of
help
to
template
out
the
directory
structure
for
our
devs.
We
need
a
little
help,
giving
them
tooling.
To
you
know,
k
build
and
image
package
push
the
biggest
thing
that
we're
really
interested
in
is
you
know
getting
some
testing
around
that
as
well
and
so
right
now
most
of
our
stuff
is
bash
scripts,
because
we're
just
at
that
phase,
but
we're
starting
to
look
at
iterating
on
our
go
clies
and
we
had
one
of
our
senior
or
actually
principal
devs.
L
Take
a
look
and
just
struggled
a
little
bit
incorporating
the
library's
image
package
was
totally
fine
k
build.
We
just
actually
had
a
little
bit
of
issues
with
and
given
the
relationship
we
have
and
how
helpful
everyone
always
is,
we
said
hey,
why
don't
we
just
talk
to
the
folks
we
know,
and
so
that's
what
we're
curious
about,
and
it
sounds
like.
L
Maybe
what
we
should
be
looking
is
this
this
k
control,
if
I'm
saying
that
right,
because
we
haven't
spent
too
much
time
focusing
there,
but
it
sounds
like
what
we
what
we
actually
need-
and
that's
that's
the
point
that
we're
at
we
have
other
needs
with
this
unified
cli
tool.
I've
alluded
to
that.
May
work
with
some
of
our
infrastructure.
Some
of
our
cluster
deploys.
L
So
incorporating
both
may
make
this
kind
of
like
huge
mega
tool
for
us,
which
would
be
a
fun
dream,
but
right
now
the
the
immediate
issue
is:
how
do
we
accelerate
our
developers?
To
put
you
know
their
custom
yaml
their
custom,
whatever
inside
of
a
package,
so
we
can
get
them
onto
package
repositories
as
quick
as
possible,
and
you
know
accelerate
that
cycle
and
that's
kind
of
where
we're
stumbling
right
now
and
everything
we
have
works,
calling
binaries
working
out
of
containers,
but
it's
just
the
testing
and
the
validation
is
limited.
L
There
is
like
everyone
here
can,
probably
guess
so.
I'm
happy
to
expand
any
more
or
talk
into
any
details,
but
it
sounds
like
maybe
first
crack
taking
a
look
at
that
pr
you
talked
about
would
be
really
helpful
for
us
and
see
or
helping
out
you
know.
We've
got
anova
who's
very
interested
in
working
with
everyone
here
and
we'll
see
if
we
can
get
some
time
back
to
help
with
that.
But
yeah,
that's
that's
kind
of
the
question
our
perspective
and
what
we're
thinking
about.
B
Cool
cool
yeah,
I
think
I
was
thinking.
Maybe
we
can
share
a
little
bit
of
of
a
demo
at
some
point
in
the
channel.
I
don't
know
if
reno's
team,
I
know
that
there
were
some
demos
that
have
been
shared
in
the
team's
private
channel.
I
wasn't
sure
if
those
demos
are
meant
to
be
publicly
shared
yet
so
that
would
be
a
question
for
those
folks.
B
B
You
know
if,
if
you
want
to
throw
in
any
specific
questions
where
you
all
got
stuck
importing
things,
and
you
know
calling
out
two
things
and
whatnot,
I
think
maybe
this
that
we
could
take
to
slack
just
with
concrete.
You
know
problems.
I
know
that
some
folks
import
image
package.
We
actually
did
have
some
some
problems
with
import
with
how
we're
using
go
container
registry
and
how
we're
using.
Actually
it's
not
even
go
container.
Is
this
the
kate's
credential
provider?
B
So
there's
some
pending
work
on
remedying
that
and
cutting
a
new
release.
I
do
know
k
build,
has
not
been
as
commonly
imported
in
most
folks,
I
think,
have
just
delegated
to
the
tool
or
just
use
the
tool
directly.
We
don't
really
have
any
objection
to
you
know
cleaning
up.
Some
of
the
I
don't
know
import.
You
know,
objects
to
be
used
right.
B
So
just
tell
us
tell
us
what
you're
trying
to
kind
of
import
and
where
are
you
running
into
a
problem,
and
we
can
try
to
see
how
to
make
that
easier.
With
regards
to
the
kctrl
or
k
control,
I
guess
sorry
it's!
I
don't
think
I'll
ever
forget
that
name.
So
with
regards
to
that,
I
think
those
pr's
are
fairly
raw
in
in
in
shape,
so
most
likely,
if
you
just
you,
know,
check
it
out
and
try
to
use
it
locally.
B
L
But
it
sounds
based
on
the
way
you
described
it
like
exactly
what
we
need
or
are
looking
for,
and
it's
just
that
component,
the
future
state
of
if
it
interacts
with
clusters-
and
you
know
some
of
maybe
the
tonzo
community
edition
stuff-
could
be
a
fun
thought
as
well
cluster
provisioning
relating
into
that.
If
they
all
map
whether
the
idea
is
intentionally
separate
tools
totally
fine,
too,
you
know
that's
all
personal
but
yeah
I'll
I'll,
save
that
pr
and
I'll
drop
it
in
the
room.
L
E
One
last
thing
on
this
one:
I
could
probably
ask
rohit
to
share
the
recording
of
of
what
we
have
done
so
far
with
you
separately,
so
that
you
could
look
at
it.
We
will
not
put
it
in
the
public
channel,
but
I
think
he
could
give
it
out
separately.
You
can
just
look
at
it
that
way,
along
with
the
pair.
A
A
H
Yeah
my
pleasure
nancy
yeah,
we're
continuing
on
with
our
work
on
validations,
so
we're
anticipating
one
more
rule
to
get
implemented
before
we
much
more
proactively
extract
user
validation
of
the
ux
of
our
validation
rules.
Here,
we're
really
looking
for
folks
to
be
able
to
be
able
to
really
use
use
the
the
feature
as
as
intended,
which
is
that
a
lot
of
the
kinds
of
validations
that
you
would
want
to
write
ought
to
be
easy
short,
simple
and
intuitive.
H
So
we
want
to
make
sure
that
we
understand
how
close
we
are
to
that
mark.
So
this
one
not
null
is
sort
of
the
last
of
those
we
actually
even
did
some
internal
usability
testing
or
exploratory
testing
and
found
some
of
our
own
ux
improvements.
We
folded,
those
in
but
yeah,
we'll
be
looking
for
a
release
of
ytt
of
version
0.42
coming
up
pretty
soon
to
include
these
rules
in
an
experiment,
mode
plus
some
additional
interesting
contributions
and
bug
fixes.
So
look
for
that
coming
up.
J
I
can
do
the
update
for
image
package
this
week.
It's
fine,
so,
okay,
so
I've
been
working
in
two
different
things.
One
is
a
continuation
of
what
we
talked
last
week:
we're
working
on
updating
our
authentication
mechanism
that
we're
using
like
a
different
library.
That
was
a
fork
from
the
the
kubernetes
one,
but
it
was
causing
pain
to
to
our
friend
friend
david.
J
So
we
said:
okay,
we're
gonna,
fix
it
and
we're
going
to
start
using
the
the
one
that
the
the
authentication
mechanism
that
comes
with
go
container
registry
library
that
we
are
already
using,
and
thanks
to
that,
we're
going
to
drop
a
bunch
of
of
dependencies.
That
kind
of
came
with
this
kubernetes
library
that
was
kind
of
overload
overloaded
with
stuff.
So
we're
working
on
that
not
sure
when
we'll
be
ready,
we're
grappling
with
some
questions
around
what
should
we
enable
what
should
be
enabled
by
default?
Should
we
do
allow
you
to
obtain
opt-out?
J
J
Sometimes
it
fails
and
you
need
to
copy
it
again
and
we're
trying
to
see
if
there's
like
any
nice
way
that
you
can
just
give
an
attar,
we
can
just
fill
in
the
rest
of
the
the
blobs
that
you
didn't
copy
the
first
time
around.
So
that's
the
things
that
we're
working
on.
I
think
that's
that.
Does
anybody
have
any
questions
about
image
package.
A
All
right,
so
it
sounds
like
we
will
skip
the
next
two
wednesdays
and
start
fresh
with
9am
pacific
time
on
the
fourth
wednesday
of
july,
and
until
then
you
know
where
to
find
us
we'll
be
in
the
kubernetes
workspace
and
the
carville
channel
on
twitter
at
cargo
underscore
dev,
always
on
our
github
repos
and
an
email
on
our
google
groups.
So
with
that,
we
look
forward
to
seeing
you
at
our
next
meeting
and
have
a
wonderful
day.