owned this note
owned this note
Published
Linked with GitHub
# OCI Weekly Discussion
###### tags: `oci` `discussion`
Time: 1700 GMT (1300 EST; 1000 PST; 1900 CET; 0300 AEST; 0100 CST)
- [OCI Calendar](https://calendar.google.com/calendar/b/2/r?cid=bGludXhmb3VuZGF0aW9uLm9yZ19pMHNhZG8waTM3ZWtuYXI1MXZzdThtZDVoZ0Bncm91cC5jYWxlbmRhci5nb29nbGUuY29t)
- [Conference URL](https://zoom.us/j/6449415895?pwd=S2tJVGVra0dYdlZCRjJwdXdPdGRQQT09) with embedded passcode
- One tap mobile
[+16465588656,,6449415895#](+16465588656,,6449415895#) US (New York)
[+16699006833,,6449415895#](+16699006833,,6449415895#) US (San Jose)
Passcode: 77777 *(5 7's)*
Dial by your location
+1 646 558 8656 US (New York)
+1 669 900 6833 US (San Jose)
877 369 0926 US Toll-free
855 880 1246 US Toll-free
Meeting ID: 644 941 5895
Find your local number: https://zoom.us/u/aLDk4OXTu
Working groups:
- Auth: <https://hackmd.io/YyhWh7X_RuCod0i0mGxVLg>
- Image Compatibility: <https://hackmd.io/060HKC3DTV-NzzewNQbHCg>
- FreeBSD: <https://hackmd.io/hq_NOVL4RZS7xYYMqfJ6-A>
*template at the bottom*
## December 12, 2024
### Attendees:
- _add yourself_
### Actionable Agenda Items:
- _add your items_
### Presentation/Discussion Agenda Items:
- Ram's demo of Stacker with a new layer type (TBD?)
- Looking at soci, squashfs, and erofs
- Building image with Stacker: <https://github.com/project-stacker/stacker>
- Mounting layers with Atomfs: <https://github.com/project-machine/atomfs>
- _add your items_
### Notes:
- _add your notes_
## December 5, 2024
**Recording**: https://youtu.be/o918_rZ5I_A
### Attendees:
- Tianon
- Brandon Mitchell
- Jon Johnson
- Peter Treese
- Erin Barratt
- Brian Goff
- Syed Ahmed
### Actionable Agenda Items:
- Review needed:
- Hard link limitations: <https://github.com/opencontainers/image-spec/pull/1211>
### Presentation/Discussion Agenda Items:
- KEP-4639 is resulting in groups creating invalid OCI Images with OCI Artifact functionality
- <https://github.com/CloudNativeAI/model-spec/blob/main/docs/spec.md>
- <https://github.com/opencontainers/image-spec/blob/main/manifest.md#guidelines-for-artifact-usage>
- <https://github.com/kubernetes/enhancements/issues/4639>
- TOB Election results: <https://github.com/opencontainers/tob/issues/145#issuecomment-2515665252>
### Notes:
From the zoom chat:
00:01:05 Peter Treese: Hello from Baltimore
00:03:13 Brandon Mitchell: https://hackmd.io/El8Dd2xrTlCaCG59ns5cwg?both#
00:03:23 Brandon Mitchell: I know our paths have crossed a few times in the past
00:05:45 Brandon Mitchell: https://github.com/CloudNativeAI/model-spec/blob/main/docs/spec.md
00:08:54 Brandon Mitchell: https://github.com/opencontainers/image-spec/pull/1197
00:09:22 Brian Goff: If they aren't tar-shaped then it'll be pear-shaped.
00:11:15 Brian Goff: "Straight forward" depending on what standard you are using 🙂
00:17:14 Brandon Mitchell: https://github.com/opencontainers/image-spec/pull/1141
00:23:35 Brian Goff: omg it's been so long.
00:25:21 Brian Goff: Feels good to break the rules.
00:35:03 Brian Goff: Compatability
00:35:41 Brian Goff: As Tianon mentioned earlier, OCI is more or less, what Docker defined 11 years ago.
00:36:47 Brian Goff: Replying to "As Tianon mentioned ..." Not to diminish effort that's been put into OCI, but everything has had to center around the original Docker implementations.
00:39:41 Brian Goff: Replying to "As Tianon mentioned ..." And to add, stuff in OCI tends to bubble up from work done in the runtimes/community rather than handed down from the spec.
00:40:11 Peter Treese: Thank guys. bye
00:50:59 Brian Goff: Parallel pulls/processing.
## November 28, 2024
Canceled, US holiday.
## November 21, 2024
**Recording**: https://youtu.be/nrYorcaWNqE
### Attendees:
- Brandon Mitchell
- Mike Brown
- Tianon Gravi
- Samuel Karp
- Michael Brown
- Brian Goff
- Sajay Antony
- Ramkumar Chinchani
### Actionable Agenda Items:
- No items
### Presentation/Discussion Agenda Items:
- Should the namespace specified in the registry proxy be usable in other APIs?
- <https://github.com/opencontainers/distribution-spec/pull/66>
- Tag listing, referrers, or pushing content to a push-through proxy?
- How to reference content with a namespace (should there be a syntax to pull content directly from a proxy with a specific namespace)?
- Can this be extended to an OCI Layout reference that stores content from multiple repositories in a single Layout directory?
- Skipping next week for US Thanksgiving
- Ram wants to demo some new functionality in Stacker with a new layer type next meeting
- Looking at soci, squashfs, and erofs
- Frontend: <https://github.com/project-stacker/stacker>
- Backend: <https://github.com/project-machine/atomfs>
### Notes:
Notes from the zoom chat:
00:06:19 Brandon Mitchell: https://github.com/opentofu/libregistry/tree/oci/registryprotocols/ociclient
00:10:46 Sajay Antony: basically pass in the upstream information?
00:12:16 Sajay Antony: Could you share information on the NS parameter?
00:16:34 Sajay Antony: If this is in scope or distribution, I'm trying to understand how a registry operator would use this? [Creating a pull through cache rule in Amazon ECR - Amazon ECR](https://docs.aws.amazon.com/AmazonECR/latest/userguide/pull-through-cache-creating-rule.html)
00:21:21 Mike Brown: https://github.com/opencontainers/distribution-spec/issues/12
00:26:13 Brandon Mitchell: ocidir://path/dir#upstream_repo:tag
00:29:29 Brandon Mitchell: docker pull proxy.example.org#docker.io/proj/image:tag
00:30:59 Sajay Antony: I'm curious if the goal is the expand the distribution spec to be a proxy as well?
00:36:39 Sajay Antony: Its quite a bit of wiring up. I think enabling a proxy for your clusters is a common theme.
00:37:06 Sajay Antony: NTD for the not so fun conflict I have.
Miss this group more 🙂
00:37:27 Mike Brown: said another way we are already proxying and need to formalize and secure it between client/registry
00:37:45 Mike Brown: and client/proxy cases
00:43:00 Ramkumar Chinchani: sorry, back from the dentist, left side still numb
00:48:11 Brian Goff: Also need to be able to experiment.
00:49:31 Brandon Mitchell: "Implementations MAY implement SHA-512 digest verification for use in descriptors." is the ultimate incompatibility feature in OCI today. :D
00:50:16 Ramkumar Chinchani: https://github.com/project-stacker/stacker
00:50:29 Ramkumar Chinchani: https://github.com/project-machine/atomfs
00:51:17 Brian Goff: Everyone hates writing json but only some people hate writing yaml.
00:51:44 Brian Goff: (tongue in cheek)
00:52:53 Brandon Mitchell: woot, OCI Layouts! 😀
## November 14, 2024
Canceled for KubeCon meeting.
## November 12, 2024 - KubeCon US
**Recording**: https://youtu.be/iYPf7hyDR5U
- Time: Tuesday, Nov 12th, 2:30 - 4:30pm MST
- Location: Salt Palace Convention Center | Level 2 | 253AB
- Remote zoom (same as weekly): https://zoom.us/j/6449415895?pwd=S2tJVGVra0dYdlZCRjJwdXdPdGRQQT09
### Attendees:
- Brandon Mitchell
- Samuel Karp
- Mike Brown
- Akihiro Suda
- Antonio Ojea
- Toru Komatsu
- Phil Estes
- Alexander D. Kanevskiy
- Byonggon Chun
- Antti Kervinen
### Actionable Agenda Items:
- TOB nominations are open: <https://github.com/opencontainers/tob/issues/145>
- Any maintainer may nominate, nominees do not need to be a maintainer.
### Presentation/Discussion Agenda Items:
- Adding a cgroup repo: <https://github.com/opencontainers/tob/pull/144>
- Vote has passed, and repo will be created.
- (aojea) Linux network devices: <https://github.com/opencontainers/runtime-spec/pull/1271>
- runtime-spec is focused on containers, but networking in K8s is at a pod level
- OCI is currently focused on container concerns, Pods are a higher level concern of K8s
- Proposing a primitive for netdev creation in a namespace, not prescribing behavior of higher-level layers like containerd/crio or Kubernetes
- Mike would like an OCI specification for a set of containers (that would map to shims for pod spec support)
- distribution-spec conformance tests
- Also suggested that we create an image-spec that validates an OCI Layout (and optionally provide a tool that exports from a registry to an OCI Layout)
- Inject MaskedPath without using k8s security context
- What is the schedule for releasing new specs
- OCI Volumes in K8s
## November 7, 2024
**Recording**: <https://youtu.be/I7U0YbJafXQ>
### Attendees:
- Brandon Mitchell
- Tianon
- Syed Ahmed
- Ramkumar Chinchani
- Sajay Antony
- Samuel Karp
- Brian Goff
- Jory Burson
- Michael Brown
### Actionable Agenda Items:
- image-spec reviews needed:
- Hard links in union filesystems: <https://github.com/opencontainers/image-spec/pull/1211>
- Ignore uname/gname: <https://github.com/opencontainers/image-spec/pull/1212>
### Presentation/Discussion Agenda Items:
- containerd released v2.0.0: <https://github.com/containerd/containerd/releases/tag/v2.0.0>
- Proposal for cgroup repo forked off from runc: <https://github.com/opencontainers/tob/pull/144>
- runc source: <https://github.com/opencontainers/runc/tree/main/libcontainer/cgroups>
- Platform in image manifest: <https://github.com/opencontainers/image-spec/issues/1216>
### Notes:
Notes from the zoom chat:
00:04:56 Brandon Mitchell: https://github.com/opencontainers/tob/pull/144
00:06:19 Ramkumar Chinchani: Replying to "https://github.com/o..." Cgroups lib but limited to golang?
00:09:39 Brandon Mitchell: https://github.com/opencontainers/image-spec/issues/1216
00:09:41 Sajay Antony: the uid changes, i forgot to submit my review. before.
00:20:17 Jory Burson (LF): containerd - shall we highlight that anywere
00:21:36 Brian Goff: GPT loves to write docs.
00:23:11 Brandon Mitchell: (Oh, and Sajay too, derp)
00:24:53 Brandon Mitchell: https://github.com/opencontainers/tob/issues/118
00:25:20 Samuel Karp: CIVS usually
00:30:05 Tianon (he/him): gonna get gregkh back in here one way or another! 😂
00:30:45 Sajay Antony: This group has been super supportive.
00:37:34 Sajay Antony: Sorry folks need to drop. Have to be in another call.
00:37:36 Ramkumar Chinchani: NTD
## October 31, 2024
**Recording**: https://youtu.be/dqWUxX3fKvI
### Attendees:
- Brandon Mitchell
- Brandon Klein
- Jory Burson
- Ramkumar Chinchani
- Sajay Antony
- Tianon Gravi
### Actionable Agenda Items:
- image-spec reviews needed:
- Remove master references: <https://github.com/opencontainers/image-spec/pull/1207>
- Pin versions on release: <https://github.com/opencontainers/image-spec/pull/1208>
- Hard links in union filesystems: <https://github.com/opencontainers/image-spec/pull/1211>
- Ignore uname/gname: <https://github.com/opencontainers/image-spec/pull/1212>
### Presentation/Discussion Agenda Items:
- Platform in image manifest: <https://github.com/opencontainers/image-spec/issues/1216>
- Digest verification requirements: <https://github.com/opencontainers/distribution-spec/pull/556>
- Redirects/CDN in dist-spec? : <https://github.com/opencontainers/distribution-spec/issues/299>
### Notes:
Notes from the zoom chat:
00:05:51 Tianon (he/him): https://github.com/kolyshkin
00:06:01 Brandon Mitchell: https://github.com/opencontainers/runc/issues/4114
00:10:59 Tianon (he/him): https://jqlang.github.io/jq/manual/v1.6/
00:11:11 Tianon (he/him): https://jqlang.github.io/jq/
00:11:44 Tianon (he/him): https://github.com/tianon/debian-bin/blob/7a94f900c5c6974b8c5f6b201034d1b09ae266df/jq/dpkg-version.jq
00:14:26 Brandon Mitchell: https://github.com/opencontainers/image-spec/issues/1216
00:17:09 Ramkumar Chinchani: Replying to "https://github.com/o..." don't we want to stay away from "Config" wrt artifacts?
00:23:17 Ramkumar Chinchani: Replying to "https://github.com/o..." lesser of two bad choices?
00:26:22 Ramkumar Chinchani: Replying to "https://github.com/o..." non-runnable artifacts
00:28:50 Sajay Antony: NTD to drop for cat herding. Will join back if that get's over faster 🙂
00:43:54 Tianon (he/him): https://github.com/distribution/distribution/blob/c427f845035d28faab65a9218407293bd917e7d5/docs/content/about/configuration.md#redirect
## October 24, 2024
**Recording**: https://youtu.be/5W9qXmhWTR4
### Attendees:
- Tianon
- Brandon Mitchell
- Jory Burson
- Derek McGowan
- Sajay Antony
- Ramkumar Chinchani
- Brian Goff
### Actionable Agenda Items:
- image-spec reviews needed:
- Remove master references: <https://github.com/opencontainers/image-spec/pull/1207>
- Pin versions on release: <https://github.com/opencontainers/image-spec/pull/1208>
- distribution-spec reviews needed:
- Verify digests: <https://github.com/opencontainers/distribution-spec/pull/556>
### Presentation/Discussion Agenda Items:
- runc
- v1.2.0 released: <https://github.com/opencontainers/runc/releases/tag/v1.2.0>
- image-spec:
- EOS/Deprecation annotation: <https://github.com/opencontainers/image-spec/pull/903>
- os-release annotations: <https://github.com/opencontainers/image-spec/issues/1152>
- uname/gname: <https://github.com/opencontainers/image-spec/issues/1210>
- hard links across layers: <https://github.com/opencontainers/image-spec/issues/1204>
- *Remaining items deferred to a later meeting*
- distribution-spec:
- Conformance tests: <https://github.com/opencontainers/distribution-spec/issues/548>
- TOB:
- image-tools archive: <https://github.com/opencontainers/image-tools>
- recommendations for repositories: <https://groups.google.com/a/opencontainers.org/g/tob/c/OFimwVDK0Fs>
### Notes:
Notes from the zoom chat:
00:19:26 Tianon (he/him): arguably, every image is EOL the minute it's created, right? they can't be updated 🤔
00:19:54 Tianon (he/him): Replying to "arguably, every imag..." "supported" is probably more accurately a feature of tags - ie, "this tag will likely be updated in the future for bug fixes, security updates, etc"
00:25:05 Sajay Antony: Replying to "arguably, every imag..." This is also why we didn't invest too much effort into standardizing this.
00:28:41 Brandon Mitchell: Someone is about to break Tianon's world model: https://ttl.sh/
00:36:25 Sajay Antony: NTD. Folks.
00:36:29 Sajay Antony: Sorry.
00:38:52 Tianon (he/him): https://github.com/jonjohnsonjr/tarp
00:40:48 Tianon (he/him): Replying to "https://github.com/j..." yeah this reports empty for these layers too, wild; I wonder where it stores the ownership data 🤔
00:44:54 Tianon (he/him): https://github.com/git/git/blob/fd3785337beb285ed7fd67ce6fc3d3bed2097b40/archive-tar.c#L229-L232
00:57:00 Brandon Mitchell: https://github.com/opencontainers/image-spec/blob/main/layer.md#hardlinks
00:58:45 Tianon (he/him): I tried to replicate with `<<<$'FROM bash\nRUN echo hi > foo.txt\nRUN ln foo.txt bar.txt'` and the end result makes bar.txt a copy of foo.txt, not a hard link
00:59:02 Tianon (he/him): Replying to "I tried to replicate..." (confirming our expectations)
00:59:11 Brian Goff: Nope
## October 17, 2024
**Recording**: https://youtu.be/NQflxFMrwqI
### Attendees:
- Brandon Mitchell
- Philip Laine
- Tianon
- Ramkumar Chinchani
- Brian Goff
- Sajay Antony
- Mike Brown
### Actionable Agenda Items:
- None
### Presentation/Discussion Agenda Items:
- Registry proxying: <https://github.com/opencontainers/distribution-spec/pull/66>
- TOB votes and open discussions:
- archive image-tools: <https://groups.google.com/a/opencontainers.org/g/tob/c/PPFdx36D9u0>
- code of conduct: <https://groups.google.com/a/opencontainers.org/g/tob/c/KAzq5Fnzg5Y>
- <https://github.com/opencontainers/.github/pull/61>
- defining repo standards: <https://groups.google.com/a/opencontainers.org/g/tob/c/OFimwVDK0Fs>
- Remove references to master in image-spec: <https://github.com/opencontainers/image-spec/pull/1207>
- Update image-spec release to pin external spec versions: <https://github.com/opencontainers/image-spec/pull/1208>
- EOS/Deprecation annotation discussions:
- <https://github.com/opencontainers/image-spec/pull/903>
- <https://github.com/opencontainers/image-spec/issues/1152>
- Mike: K8s mounting artifacts as volume
- they plan to add artifact support next
- Clients should verify requested digest: <https://github.com/opencontainers/distribution-spec/pull/556>
- Content ideas for KubeCon meeting?
### Notes:
From the zoom chat:
00:05:41 Philip Laine: https://github.com/opencontainers/distribution-spec/pull/66
00:08:26 Brandon Mitchell: The slack join link is here: https://opencontainers.org/community/overview/
00:36:46 Sajay Antony: This is so interesting. I need to drop for a standing conflict. Erlang versioning I need to read up.
00:40:34 Brandon Mitchell: https://github.com/opencontainers/image-spec/pull/1197
00:45:44 Sajay Antony: Managed to get out of that meeting 🙂
00:50:38 Sajay Antony: folks have been working on CRI signature and other item validations.
00:51:29 Brandon Mitchell: custom extensions for that make a lot of sense, I worry about it getting into the k8s api directly
00:54:11 Brandon Mitchell: https://github.com/opencontainers/image-spec/pull/970
00:59:02 Brandon Mitchell: Now I'm triggered
01:01:44 Sajay Antony: atomic referrer put API, Latest referrer of an artifactType
01:02:03 Sajay Antony: Fun stuff later folks.
## October 10, 2024
**Recording**: https://youtu.be/jur-zCrG61E
### Attendees:
- Tianon
- Brandon Mitchell
- Sajay Antony
- Brian Goff
- Ramkumar Chanchani
### Actionable Agenda Items:
- none
### Presentation/Discussion Agenda Items:
- none
### Notes:
- Mentioned open TOB votes
- <https://groups.google.com/a/opencontainers.org/g/tob/c/OFimwVDK0Fs>
- Call to action: add agenda items for KubeCon meeting
- Short meeting, no agenda
## October 3, 2024
**Recording**: https://youtu.be/e7kLLkLvYCE
### Attendees:
- Brian Goff
- Syed Ahmed
- Brandon Klein
- Joseph Ferguson
- Michael Brown
- Ramkumar Chanchani
- Jory Burson
- Sajay Antony
- Brandon Mitchell
### Actionable Agenda Items:
- TOB Vote to archive image-tools:
- <https://github.com/opencontainers/image-tools>
- <https://groups.google.com/a/opencontainers.org/g/tob/c/PPFdx36D9u0>
- TOB Vote to update Code of Conduct:
- <https://github.com/opencontainers/.github/pull/61>
- <https://groups.google.com/a/opencontainers.org/g/tob/c/KAzq5Fnzg5Y>
### Presentation/Discussion Agenda Items:
- Brandon: How should auth be setup in the OCI GitHub repos
- Various teams list people that haven't been involved in the project for a long time
- Archived projects still have admin access to shared repositories
- Inconsistent access between spec maintainers on shared repositories
- Jory has a room at KubeCon on Tuesday, OCI calendar has been updated
### Notes:
From the zoom chat:
00:06:45 Brandon Mitchell: https://groups.google.com/a/opencontainers.org/g/tob
00:07:32 Brandon Mitchell: https://github.com/opencontainers/image-tools
00:08:40 Sajay Antony: Sounds good.
00:08:48 Sajay Antony: Will reply.
00:12:41 Brandon Mitchell: https://github.com/orgs/opencontainers/teams
00:18:16 Brandon Mitchell: https://github.com/orgs/opencontainers/teams/website
## September 26, 2024
**Recording**: https://youtu.be/SWQMmkaNWvQ
### Attendees:
- Brandon Mitchell
- Tianon
- Ramkumar Chinchani
- Brian Goff
- Jory Burson
- Syed Ahmed
- Victor Lu
### Actionable Agenda Items:
- Fixing endpoint status codes: <https://github.com/opencontainers/distribution-spec/pull/555>
### Presentation/Discussion Agenda Items:
- Hard links between layers? <https://github.com/opencontainers/image-spec/issues/1204>
### Notes:
From the zoom chat:
00:05:51 Jory Burson (LF): https://youtu.be/rvrZJ5C_Nwg?t=130
00:06:50 Brandon Mitchell: So a blurry affiliation.
00:07:05 Jory Burson (LF): https://docs.google.com/document/d/1tHcSsCwlIPRr6RKaCxtY2yCMl-0Nc9PVXX-jeVmYutk/edit
00:09:57 Tianon (he/him): on the timing discussion Brandon and I were having, OCI and CNCF were both ostensibly created/announced in June 2015, although OCI had immediate action in July and CNCF didn't do much until the following year (which tracks with the "what are we?" early confusion CNCF had that I was mentioning)
00:10:39 Ramkumar Chinchani: CNCF got it right by creating a formal project onboarding process
00:13:00 Tianon (he/him): Replying to "CNCF got it right by..." for OCI, that's really more of a reflection of OCI's purpose and focus - it was never intended to be a collection of projects, but rather a place to collaborate and coordinate on the very low-level bits
00:14:20 Brandon Mitchell: Reacted to "for OCI, that's real..." with ➕
00:15:20 Brian Goff: lol, answering other people's questions.
00:16:16 Brian Goff: No, no history on hardlinks between layers here.
00:17:58 Tianon (he/him): I've sent a ping out to more Moby project maintainers to see if anyone there is willing to chime in on hard links between layers (although not holding my breath; this is a pretty hefty edge case scenario 😄)
00:19:39 Brian Goff: Replying to "I've sent a ping out..." Yeah, I imagine a lot of 🤷
## September 19, 2024
**Recording**: https://youtu.be/7B4WAZfsB4A
### Attendees:
- Tianon
- Brandon Mitchell
- Mike Brown
- Sajay Antony
- Brian Goff
- Samuel Karp
- Syed Ahmed
### Actionable Agenda Items:
- zstd support: <https://github.com/opencontainers/image-spec/pull/1198>
- distribution-spec release process: <https://github.com/opencontainers/distribution-spec/pull/460>
### Presentation/Discussion Agenda Items:
- Proposed KubeCon room: Wednesday, Nov 13, 2:30-4:30pm MST
- Sam to follow up and see whether we can have a room on Tuesday instead
- OCI VolumeSource KEP
- Mention of artifacts seems to cause confusion as the KEP generally just supports images
### Notes:
From the zoom chat:
00:13:42 Brian Goff: Nope
00:17:42 Sajay Antony: I'm actually really excited to see that KEP materialize.
00:21:25 Sajay Antony: Volumes all the way down.
00:24:55 Brandon Mitchell: https://docs.google.com/document/d/1E7iKPOuyA1jxPe8vDG8aPd8jtnCEbpDpCifXDvDCnA0/edit#
00:29:25 Brandon Mitchell: https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/4639-oci-volume-source#non-goals
00:29:50 Brandon Mitchell: "Manifest list use cases are left out for now and will be restricted to matching architecture like we do today for images." I may have misread that
00:30:06 Tianon (he/him): Replying to ""Manifest list use c..." yeah that sounds correct IMO
00:30:40 Tianon (he/him): Replying to ""Manifest list use c..." but the whole discussion has me thinking about how interesting it might be to have the runtime/orchestrator mount an OCI layout inside a container 🤔
00:34:39 Sajay Antony: layers are blobs.
00:34:55 Sajay Antony: but for image its clearly defined.
00:38:23 Brian Goff: So OCI is now a nix store
00:39:25 Sajay Antony: Glad we put in the limit.
00:39:31 Sajay Antony: Need to drop folks.
00:40:49 Brian Goff: Now you just need a mat with different conclusions that you can jump to.
00:41:08 Brian Goff: Replying to "Now you just need a ..." That's an "Office Space" reference
## September 12, 2024
**Recording**: https://youtu.be/8usYqCou9TU
### Attendees:
- Tianon
- Brandon Mitchell
- Ramkumar Chinchani
- Sajay Antony
- Brian Goff
### Actionable Agenda Items:
- nondistributable layers deprecation: <https://github.com/opencontainers/image-spec/pull/1200>
- zstd support: <https://github.com/opencontainers/image-spec/pull/1198>
- distribution-spec release process: <https://github.com/opencontainers/distribution-spec/pull/460>
### Presentation/Discussion Agenda Items:
- Raw image layers: <https://github.com/opencontainers/image-spec/pull/1197>
- URLs field: <https://github.com/opencontainers/image-spec/issues/1201>
### Notes:
- Blake3 status
- PR to update support isn't seeing traction <https://github.com/opencontainers/go-digest/pull/66>
- go-digest hasn't had a release in a long while, so support in existing projects requires an import of a commit
- Adding this to go-digest means an added dependency to every user of the project
- Ideally, this could make it into the Go stdlib, but even making it into x/crypto is blocked waiting for the standard to mature: <https://github.com/golang/go/issues/36632>
- Once supported, changes to the distribution-spec APIs would be needed to allow clients to push manifests and blobs with a different digest algorithms.
Zoom chat:
00:16:02 Ramkumar Chinchani: basically, http download something and bind-mount into container
00:16:52 Sajay Antony: Tianon , you bring the Joy.
00:17:23 Tianon (he/him): Replying to "Tianon , you bring t..." I try so hard - these meetings can be so dry sometimes and I want us to remember we're people 😄
00:21:14 Brandon Mitchell: I like how Non-distributable layers says that they may include URLs but that it doesn't determine non-distributable: https://github.com/opencontainers/image-spec/blob/main/layer.md#non-distributable-layers
00:22:17 Sajay Antony: Ah the OCI - docker - same difference.
00:22:27 Ramkumar Chinchani: https://sysdig.com/blog/exploit-detect-mitigate-log4j-cve/
00:25:04 Brandon Mitchell: https://github.com/opencontainers/image-spec/pull/442
00:27:19 Sajay Antony: Oh wow song download with multiple formats indexes would be cool.
00:27:32 Tianon (he/him): no interesting references to urls in https://github.com/opencontainers/distribution-spec/commit/c90b0f145ac6bc09d2636ee214486ac333edc284
00:32:39 Brian Goff: I don't think we talked about it last week and I missed the week before. Anything new re: Blake3?
00:34:34 Sajay Antony: Is there a way for Buildkit to produce Blake3 already?
00:34:51 Brian Goff: Replying to "Is there a way for B..." Nope.
00:36:54 Brandon Mitchell: https://github.com/opencontainers/go-digest/pull/66
00:37:06 Tianon (he/him): one* PR away! 😂
00:37:12 Brian Goff: Sorry, missed the last few minutes due to school calling me.
00:37:19 Tianon (he/him): Replying to "Is there a way for B..." *actual number may vary
00:37:33 Tianon (he/him): (talk to your doctor Docker to see if PRs are right for you)
00:39:12 Brian Goff: Same (re: 3rd party lib)
00:40:29 Tianon (he/him): https://github.com/golang/go/issues/36632
NTD for another meeting.tony: Sounds like Brian is signing up for championing blake3 😂
## September 5, 2024
**Recording**: https://youtu.be/OFyzjajQ7gk
### Attendees:
- Brian Goff
- Jory Burson
- Brandon Mitchell
- Syed Ahmed
- Ramkumar Chanchani
- Tianon
- Sajay Antony
- Mike Brown
- Brandon Klein
### Actionable Agenda Items:
- Request for feedback on index entries <https://github.com/opencontainers/distribution-spec/issues/550>
### Presentation/Discussion Agenda Items:
- Remaining items for zstd support <https://github.com/opencontainers/image-spec/issues/803>
- Action: Opened <https://github.com/opencontainers/image-spec/pull/1198>
- Deleting by tag: <https://github.com/opencontainers/distribution-spec/issues/551>
- Action: Opened <https://github.com/opencontainers/distribution-spec/pull/552>
### Notes:
From the zoom chat:
00:03:31 Brian Goff: 2nd day of school for the kids and I'm already done this morning.
00:05:47 Tianon (he/him): and the buildkit issue is "fixed" but the fix isn't enabled by default (it's opt-in 🙃)
00:06:58 Brandon Mitchell: https://github.com/opencontainers/image-spec/issues/803
00:07:28 Brian Goff: lol I think its easier to say "z-standard" then it is to say "z-s-t-d"
00:08:19 Tianon (he/him): Replying to "lol I think its easi..." "zee studd" slurring the u a bit, for the cursed option
00:10:54 Brian Goff: +1 should
00:15:04 Sajay Antony: content Negotiation per blob?
00:19:58 Mike Brown: IMO.. on the 803 PR use plain language in a note: regarding some registries and clients MAY also… and explain that this is optional and may not be supported in all 1.0/1.1 image manifest implementations
00:32:15 Brian Goff: We have 2 digests now.
00:32:50 Brian Goff: Probably also don't need 2 digests if you can verify the uncompressed blob digest.
00:33:00 Brian Goff: (with transport compression)
00:38:31 Sajay Antony: Need to drop for some fun compliance work discussions
00:46:56 Jory Burson (LF): Back to school!
00:49:42 Brian Goff: 🎤
00:49:57 Jory Burson (LF): Oh captain my captain!
00:52:20 Mike Brown: https://github.com/opencontainers/image-spec/pull/775
00:52:21 Tianon (he/him): it's probably not productive to say "a compelling reason to get the marginal gains of zstd" in the things we're missing? 😂
00:53:00 Brian Goff: /me writes a 2nd thing called zstd
00:53:53 Brandon Mitchell: Embrace, extend, confuse
00:54:19 Brandon Mitchell: https://github.com/opencontainers/distribution-spec/issues/551
00:55:35 Mike Brown: 775 may be controversial but: “Container Runtimes
Implemented and upstreamed for containerd stack
containerd (1.3+)
https://github.com/containerd/imgcrypt
Implemented and upstreamed for RedHat stack
cri-o 1.17+
buildah 1.5+
skopeo“
## April 2024 - March 2025 Call Logs
The sixth year of archived call logs is located on OCI GitHub as [oci-weekly-notes-2024-apr-2025-mar.md](https://github.com/opencontainers/.github/blob/main/meeting-notes/oci-weekly-notes-2024-apr-2025-mar.md).
## April 2023 - March 2024 Call Logs
The fifth year of archived call logs is located on OCI GitHub as [oci-weekly-notes-2023-apr-2024-mar.md](https://github.com/opencontainers/.github/blob/main/meeting-notes/oci-weekly-notes-2023-apr-2024-mar.md).
## April 2022 - March 2023 Call Logs
The fourth year of archived call logs is located on OCI GitHub as [oci-weekly-notes-2022-apr-2023-mar.md](https://github.com/opencontainers/.github/blob/main/meeting-notes/oci-weekly-notes-2022-apr-2023-mar.md).
## April 2021 - March 2022 Call Logs
The third year of archived call logs is located on OCI GitHub as [oci-weekly-notes-2021-apr-2022-mar.md](https://github.com/opencontainers/.github/blob/main/meeting-notes/oci-weekly-notes-2021-apr-2022-mar.md).
## April 2020 - March 2021 Call Logs
The second year of archived call logs is located on OCI GitHub as [oci-weekly-notes-2020-apr-2021-mar.md](https://github.com/opencontainers/.github/blob/main/meeting-notes/oci-weekly-notes-2020-apr-2021-mar.md).
## March 2019 - March 2020 Call Logs
Older call logs are archived on the OCI GitHub [here](https://github.com/opencontainers/.github/blob/main/meeting-notes/oci-weekly-notes-2019-mar-2020-mar.md) covering March 2019 - March 2020.
## Template
## Meeting Date
### Attendees:
- _add yourself_
### Actionable Agenda Items:
- _add your items_
### Presentation/Discussion Agenda Items:
- _add your items_
### Notes:
- _add your notes_