HackMD
  • Beta
    Beta  Get a sneak peek of HackMD’s new design
    Turn on the feature preview and give us feedback.
    Go → Got it
      • Create new note
      • Create a note from template
    • Beta  Get a sneak peek of HackMD’s new design
      Beta  Get a sneak peek of HackMD’s new design
      Turn on the feature preview and give us feedback.
      Go → Got it
      • Sharing Link copied
      • /edit
      • View mode
        • Edit mode
        • View mode
        • Book mode
        • Slide mode
        Edit mode View mode Book mode Slide mode
      • Note Permission
      • Read
        • Only me
        • Signed-in users
        • Everyone
        Only me Signed-in users Everyone
      • Write
        • Only me
        • Signed-in users
        • Everyone
        Only me Signed-in users Everyone
      • More (Comment, Invitee)
      • Publishing
        Please check the box to agree to the Community Guidelines.
        Everyone on the web can find and read all notes of this public team.
        After the note is published, everyone on the web can find and read this note.
        See all published notes on profile page.
      • Commenting Enable
        Disabled Forbidden Owners Signed-in users Everyone
      • Permission
        • Forbidden
        • Owners
        • Signed-in users
        • Everyone
      • Invitee
      • No invitee
      • Options
      • Versions and GitHub Sync
      • Transfer ownership
      • Delete this note
      • Template
      • Save as template
      • Insert from template
      • Export
      • Dropbox
      • Google Drive Export to Google Drive
      • Gist
      • Import
      • Dropbox
      • Google Drive Import from Google Drive
      • Gist
      • Clipboard
      • Download
      • Markdown
      • HTML
      • Raw HTML
    Menu Sharing Create Help
    Create Create new note Create a note from template
    Menu
    Options
    Versions and GitHub Sync Transfer ownership Delete this note
    Export
    Dropbox Google Drive Export to Google Drive Gist
    Import
    Dropbox Google Drive Import from Google Drive Gist Clipboard
    Download
    Markdown HTML Raw HTML
    Back
    Sharing
    Sharing Link copied
    /edit
    View mode
    • Edit mode
    • View mode
    • Book mode
    • Slide mode
    Edit mode View mode Book mode Slide mode
    Note Permission
    Read
    Only me
    • Only me
    • Signed-in users
    • Everyone
    Only me Signed-in users Everyone
    Write
    Only me
    • Only me
    • Signed-in users
    • Everyone
    Only me Signed-in users Everyone
    More (Comment, Invitee)
    Publishing
    Please check the box to agree to the Community Guidelines.
    Everyone on the web can find and read all notes of this public team.
    After the note is published, everyone on the web can find and read this note.
    See all published notes on profile page.
    More (Comment, Invitee)
    Commenting Enable
    Disabled Forbidden Owners Signed-in users Everyone
    Permission
    Owners
    • Forbidden
    • Owners
    • Signed-in users
    • Everyone
    Invitee
    No invitee
       owned this note    owned this note      
    Published Linked with GitHub
    Like3 BookmarkBookmarked
    Subscribed
    • Any changes
      Be notified of any changes
    • Mention me
      Be notified of mention me
    • Unsubscribe
    Subscribe
    # OCI Weekly Discussion ###### tags: `oci` `discussion` Time: 1700 GMT (1300 EST; 1000 PST; 1900 CET; 0300 AEST; 0100 CST) - [OCI Calendar](https://calendar.google.com/calendar/b/2/r?cid=bGludXhmb3VuZGF0aW9uLm9yZ19pMHNhZG8waTM3ZWtuYXI1MXZzdThtZDVoZ0Bncm91cC5jYWxlbmRhci5nb29nbGUuY29t) - [Conference URL](https://zoom.us/j/6449415895?pwd=S2tJVGVra0dYdlZCRjJwdXdPdGRQQT09) with embedded passcode - One tap mobile [+16465588656,,6449415895#](+16465588656,,6449415895#) US (New York) [+16699006833,,6449415895#](+16699006833,,6449415895#) US (San Jose) Passcode: 77777 *(5 7's)* Dial by your location +1 646 558 8656 US (New York) +1 669 900 6833 US (San Jose) 877 369 0926 US Toll-free 855 880 1246 US Toll-free Meeting ID: 644 941 5895 Find your local number: https://zoom.us/u/aLDk4OXTu *template at the bottom* ## June 1, 2023 ### Attendees: - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - image-spec: renaming the "scratch" descriptor ("filler" ?) [Brandon or Tianon] - https://github.com/opencontainers/image-spec/issues/1067 - https://github.com/opencontainers/image-spec/pull/1068 - _add your items_ ### Notes: - _add your notes_ ## May 25, 2023 ### Attendees: - ToddySM - Brandon Mitchell - Aaron Friel - Brian Goff - Derek McGowan - Jon Johnson - Mike Brown - Phil Estes - Tianon Gravi - Brandon Klein - Victor Lu - Sajay Antony (chat only) ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - distribution-spec needs an approver for `+dev`: <https://github.com/opencontainers/distribution-spec/pull/417> - Add artifactType to index: <https://github.com/opencontainers/image-spec/pull/1066> - _add your items_ ### Presentation/Discussion Agenda Items: - Unblocking discussion on <https://github.com/opencontainers/image-spec/pull/1030>? Previous call discussed moving this to distribution spec; but there was concern about registry support. How can we unblock? - Garbage collection in registries (ToddySM) ### Notes: ## May 18, 2023 **Recording**: https://youtu.be/qjSOsm85C6c ### Attendees: - Brandon Mitchell - Phil Estes - Toddy SM - Brian Goff - Tianon Gravi - Mike Brownn (IBM) - Sajay ANtony - Aaron Freil - Derek McGowan - Ramkumar Chinchani - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - Using `+dev` in version: <https://github.com/opencontainers/image-spec/pull/1050>, <https://github.com/opencontainers/runtime-spec/pull/1198> - Scratch blob content: <https://github.com/opencontainers/image-spec/pull/1064> - _add your items_ ### Presentation/Discussion Agenda Items: - Risks when copying annotations from image to runtime: <https://github.com/opencontainers/image-spec/pull/1061> - `org.opencontainers.image.source.subpath`: <https://github.com/opencontainers/image-spec/pull/1062> - FYI - Tommorrow is the first CNCF Artifact WG Meeting From Slack: > Hi TAG! The TAG will host a preliminary meeting of the proposed Artifacts WG tomorrow Friday May 19 to finish the group's charter and start work towards its goals. More info on the proposed group and its mission is in this issue and the draft charter. > If you'd like to contribute to simplifying packaging, delivery and deployment of both configuration and binary content please join the group! Slack channel here: #wg-artifacts. > Info for tomorrow's meeting: > Event page (RSVP for an invite): https://community.cncf.io/events/details/cncf-tag-app-delivery-presents-wg-artifacts-project-meeting/ > Date/Time: Friday May 19 @ 1600 UTC (https://www.timeanddate.com/worldclock/converter.html?iso=20230519T160000&p1=1440&p2=64&p3=1960&p4=tz_aet) > Zoom URL: https://zoom.us/j/7276783015?pwd=R0RJMkRzQ1ZjcmE0WERGcTJTOEVyUT09 > Notes URL: https://docs.google.com/document/d/1E7iKPOuyA1jxPe8vDG8aPd8jtnCEbpDpCifXDvDCnA0/edit > Charter URL: https://docs.google.com/document/d/1w_lo2RZDKeEzQg4DMV-9Tq4ir_znONj_ypJ27CUfMgY/ > Slack: https://cloud-native.slack.com/archives/C04UQDWS4M7 - Can we target date for OCI 1.1 GA? (ToddySM) ### Notes: From the chat: - Gitlab - https://github.com/moby/buildkit/pull/3610#issuecomment-1453858526 - https://gitlab.com/gitlab-org/container-registry/-/issues/967 - granted, we're basically _always_ in an "request for comment" period, but what about a public notice of RFC that is open for say 60 days, with something about raising blockers. ## May 11, 2023 **Recording**: https://youtu.be/8ASCmKinQaQ ### Attendees: - Brian Goff (MSFT) - Josh Dolitsky (Chainguard) - Ramkumar Chinchani - Michael Brown - Mike Brown - Victor Lu - Tianon Gravi - Brandon Klein - Sajay Antony ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - Wasm (Brian) ### Notes: - (horrifyingly oversimplified notes by Tianon) - Brian: can we store "wasi" modules in the config object for the runtime to install? - Tianon: yes* - spec says unknown fields should be ignored (so you don't need our "permission") - wasi is big moving target, so it would be useful to have more implementation proof that the proposal is "sufficient" before we codify it in the spec (and thus try to avoid spec churn) From Chat: - https://github.com/opencontainers/image-spec/pull/1055/files ## May 4, 2023 **Recording**: https://youtu.be/Fto6y9QSWgg ### Attendees: - Brandon Mitchell - Aaron Friel - Brandon (Klein?) - John Kjell - Michael Brown - Sajay Antony - ToddySM - Tianon Gravi - Ramkumar Chinchani - Mike Brown (IBM) - Brian Goff - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - Use `+dev` instead of `-dev`: <https://github.com/opencontainers/image-spec/pull/1050> - Clarify when errors are allowed: <https://github.com/opencontainers/image-spec/pull/1030> - `Content-Type` syntax: <https://github.com/opencontainers/distribution-spec/issues/408> - Allow 307 responses: <https://github.com/opencontainers/distribution-spec/issues/397> - `Content-Length` omitted on patch requests: <https://github.com/opencontainers/distribution-spec/pull/404> - Registry vs repository terminology: <https://github.com/opencontainers/distribution-spec/pull/325> - _add your items_ ### Notes: From the chat: 00:12:25 Sajay Antony: +1 to More Brandons 00:26:57 Ramkumar Chinchani: allowlist/denylist could be a registry-specific policy, every deployment will have an opinion 00:34:21 Aaron Friel: encoding my artifact type by using the casing bits of spongebob case as a sidechannel 00:35:02 Ramkumar Chinchani: Another example of HTTP rfcs conflicting with dist-spec … "Range" is one other 00:37:09 Aaron Friel: In accordance with the RFC this is also valid: Content-Type: application/vnd.oci.image.index.v1+json (Generated by Friel) 00:41:13 Aaron Friel: @Tianon looking forward to your media type experiments and seeing which runtimes break on comments and parameters 00:41:14 Sajay Antony: I like differing to the RFC as a disambiguation. 00:43:10 Tianon Gravi: I'm far too tired for that 😅 00:43:29 Tianon Gravi: it's definitely not defined as allowed in "mediaType" fields, so this would only be for "Content-Type" I think 00:43:40 Aaron Friel: Reacted to "it's definitely not ..." with 👍 00:45:38 Tianon Gravi: PUT https://index.docker.io/v2/tianon/test/manifests/sPoNgEbOb: MANIFEST_INVALID: manifest invalid; if present, mediaType in manifest should be 'application/vnd.oci.image.manifest.v1+json' not 'aPpLiCaTiOn/vNd.oCi.iMaGe.mAnIfEsT.V1+jSoN' 00:46:03 Sajay Antony: Reacted to "PUT https://index.do…" with 😂 00:47:01 Tianon Gravi: https://explore.ggcr.dev/?image=tianon/test:sPoNgEbOb 00:55:53 Ramkumar Chinchani: also multi-tenant access control 00:57:08 John Kjell: 400-499 😂 ## April 27, 2023 **Recording**: https://youtu.be/33V8H3a_3aA ### Attendees: - Ramkumar Chinchani - Josh Dolitsky - Brandon Klein - Brandon Mitchell - Brian Goff - Jason Hall - John Kjell - Jon Johnson - Leroy - Mike Brown (ibm) - Tianon Gravi - Lachlan Evenson - Samuel Karp - Aaron Friel - Jeanine Burke - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - Tag image-spec 1.1.0-rc.3 <https://github.com/opencontainers/image-spec/pull/1049> - https://github.com/opencontainers/image-spec/releases/tag/v1.1.0-rc.3 in pre release - Tag distribution-spec 1.1.0-rc.2 <https://github.com/opencontainers/distribution-spec/pull/403> - https://github.com/opencontainers/distribution-spec/releases/tag/v1.1.0-rc.2 in pre release - Push to next week PR1030 <https://github.com/opencontainers/image-spec/pull/1030> - wasi is back, now with p: https://github.com/opencontainers/image-spec/issues/1053 - Jason Hall will open a PR to capture output of discussion - https://github.com/opencontainers/image-spec/pull/1055 - Discuss language to require implementations not to have an allowlist of media types - Aaron will revise the PR based on today's discussion - _add your items_ ### Presentation/Discussion Agenda Items: - Image-spec 1.1.0 milestone: <https://github.com/opencontainers/image-spec/milestone/14> - Distribution-spec 1.1.0 milestone: <https://github.com/opencontainers/distribution-spec/milestone/6> - _add your items_ ### Notes: From the chat: 00:08:10 John Kjell: Proper sorting enabled for when we get to rc.10 😂 00:13:02 Josh Dolitsky: :drake-no: 00:16:13 Brandon Mitchell: Semver++ 00:16:42 Jason Hall: TIL https://semver.org/spec/v2.0.0-rc.2.html 00:17:22 Brandon Mitchell: We need tianon 00:17:40 Samuel Karp: Time for a governance change to support github? 00:18:11 Josh Dolitsky: jon, you could have just said we have quorum and nobody would have challenged 00:19:04 Samuel Karp: me neither... 00:19:33 Josh Dolitsky: youll hear from the lawyers 00:19:40 Brandon Mitchell: The commit to tag is the one before the dev 00:19:53 Jason Hall: lol are there GG maintainers? 00:20:00 Brian Goff: So was reader ❤️ 00:20:35 Josh Dolitsky: The HTML/PDF artifacts have been uploaded here: https://github.com/opencontainers/distribution-spec/releases/tag/v1.1.0-rc.2 00:20:41 Josh Dolitsky: skipped the malware this time 00:20:43 Mike Brown: Reacted to "The HTML/PDF artifac..." with 👍 00:22:04 Samuel Karp: Reacted to "So was reader ❤️" with 😂 00:22:39 Jason Hall: wow josh is a lot better at this 00:23:09 Josh Dolitsky: we need brandon back on the bike 00:23:24 Jon Johnson: v1.1.0-rc.3' 00:23:25 Jon Johnson: v1.1.0-rc.3 00:24:17 Jon Johnson: https://github.com/opencontainers/image-spec/releases/tag/v1.1.0-rc.3 00:25:00 Jason Hall: let's fork semver 00:25:07 Jon Johnson: slimver 00:25:08 Aaron Friel: wow what a take to join the call to 00:25:25 Aaron Friel: What are we currently discussing? 00:27:18 Brandon Mitchell: Wsaaaaaaaaaaaaaaaammmmm 00:27:29 Josh Dolitsky: dont text and drive plz 00:27:51 Brandon Mitchell: Reacted to "dont text and drive ..." with 😂 00:31:45 Brandon Mitchell: Every registry today has a manifest allow list 00:34:43 Brandon Mitchell: There's a difference between the media type and config media type ## April 20, 2023 Canceled for KubeCon EU ## April 19, 2023 ### In person meeting at KubeCon EU Open Container Initiative Meeting Date: Wednesday, April 19 Time: 2:30pm - 5:00pm (5:30am PT / 8:30am ET) Room: D203-204 https://hackmd.io/31EBLRysR8OQLZyH82LDdg ## April 13, 2023 **Recording**: https://youtu.be/Bx-urZXikMk ### Attendees: - Brandon Mitchell - Ramkumar Chinchani - Jon Johnson - Josh Dolitsky - Tianon Gravi - Victor Lu - Derek McGowan - Syed Ahmed - Michael Brown - Sajay Antony - Mike Brown (IBM) - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - PRs needing review for next release: - Nits and shifting layer requirements: <https://github.com/opencontainers/image-spec/pull/1042> - Add artifactType to image manifest: <https://github.com/opencontainers/image-spec/pull/1043> - Define artifactType usage in referrers API response: <https://github.com/opencontainers/distribution-spec/pull/395> - Distribution spec 1.1 release? (Josh) - <https://github.com/opencontainers/distribution-spec/milestone/6> - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: From chat: 00:10:57 Josh Dolitsky: in the spec: It MUST match the following regular expression: ^[0-9]+-[0-9]+$ 00:12:41 Tianon Gravi: fwiw, I've seen non-container-related HTTP implementations make this same mistake with Range headers (as a datapoint of it being semi-common, despite the HTTP spec) 00:14:27 Tianon Gravi: something something "strict in what you send, generous in what you accept" (probably the reason this has happened in so many places in the first place) 00:19:16 Josh Dolitsky: Ok, this is is ready for green clicky https://github.com/opencontainers/distribution-spec/pull/401 @jon @derek @brandon 00:21:16 Tianon Gravi: https://github.com/opencontainers/image-spec/pull/1023 00:23:52 Sajay Antony: https://github.com/opencontainers/image-spec/pull/1023#issuecomment-1428455309 00:31:35 Josh Dolitsky: need to drop 👋 00:34:08 Ramkumar Chinchani: LGTM 00:39:11 Tianon Gravi: the only merge conflict appears to be from the other PR we merged today 😄 00:39:47 Tianon Gravi: "artefact manifest" 00:40:27 Sajay Antony: Reacted to ""artefact manifest"" with 😂 00:40:32 Mike Brown: aRtifact 00:40:44 Brandon Mitchell: add 😂 00:40:45 Michael Brown: ærtifact 00:42:01 Tianon Gravi: https://github.com/opencontainers/image-spec/compare/85f34e9bc20cc8d1e75dbc3c2c2d4059a26a7ae9..63b8bd02f5b5a2ce464a9a8ea6df049c326ce20f is the link GitHub provides 00:42:11 Tianon Gravi: you click on the "force-pushed" part of the text 00:42:41 Tianon Gravi: I _really_ wish GitHub would do something better there for things that include both a rebase _and_ other changes 🙃 00:43:28 Sajay Antony: Reacted to "I _really_ wish GitH..." with 👍🏼 00:44:54 Sajay Antony: Can we merge - https://github.com/opencontainers/distribution-spec/pull/395/files 00:47:58 Tianon Gravi: maybe we can add https://github.com/opencontainers/image-spec/pull/1020 to the list to discuss? before I hit approve on it and put Brandon even further in a corner 😄 00:57:15 Tianon Gravi: why don't GitHub's reactji have 😭 yet 😂 01:01:35 Sajay Antony: Index of signatures for multi-arch. 01:05:07 Sajay Antony: If artifact type was there in index. CNAB folks discussion would have been really easy. 01:06:09 Jon Johnson: Reacted to "If artifact type was..." with 👍 ## April 6, 2023 **Recording**: https://youtu.be/I6EgMx-rdBE ### Attendees: - _add yourself_ - Scott Rigby (can attend 2nd half of the meeting) - Ramkumar Chinchani - Mike Brown (IBM) - Aaron Friel - Toddy Mladenov - Sajay Antony - Vincent Batts - Scott Rigby - Jason Hall - Andrew Block - Tianon Gravi - Jon Johnson - Derek McGowan - Brian Goff - Steve Lasker - Michael Brown - John Kjell - ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ - [Scott Rigby] I would like to discuss the best ways(s) for cross-polination with CNCF around OCI artifacts. There is a proposed CNCF Working Group on improving OCI Artifacts for cloud native App Delivery (possibly using extensions, mostly likely implemented as a sub-project of ORAS, but definitely including end user improvements such as search and discovery). Please see this GitHub issue: https://github.com/cncf/tag-app-delivery/issues/ - Goal: how to search for artifacts - Adding artifactType to image manifest: https://github.com/opencontainers/image-spec/pull/1043 - Using artifactType in referrers response: https://github.com/opencontainers/distribution-spec/pull/395 - Tianon is now a maintainer: https://github.com/opencontainers/image-spec/pull/1044 ### Notes: ## March 30, 2023 **Recording**: https://youtu.be/ERJPxtL5WjM ### Attendees: - Brandon Mitchell - Ramkumar Chinchani - Tianon Gravi - Aaron Friel - Jon Johnson - Jesse Butler - Victor Lu - Derek McGowan - Jamie Wu - Brandon Klein - Michael Brown - Jason Hall - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - Nits and shifting layer requirements: <https://github.com/opencontainers/image-spec/pull/1042> - Add artifactType to image manifest: <https://github.com/opencontainers/image-spec/pull/1043> - Define artifactType usage in referrers API response: <https://github.com/opencontainers/distribution-spec/pull/395> - Archiving `artifacts` repo: <https://github.com/opencontainers/artifacts/issues/63> - _add your items_ ## March 23, 2023 **Recording**: https://youtu.be/w-FWd986Qic ### Attendees: - Brandon Mitchell - Aaron Friel - John Kjell - Ramkumar Chinchani - Brandon Klein - Jason Hall - Jon Johnson - Amye Scavarda Perrin - Derek McGowan - Jesse Butler - ToddySM - Victor Lu - Tianon Gravi - Samuel Karp - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - Warning header merged! 🎉 https://github.com/opencontainers/distribution-spec/pull/393 - <https://github.com/opencontainers/image-spec/pull/1029> - Should this be split into two PRs? (to get the nits merged) - How do we want to handle `mediaType` -> `artifactType` for artifacts without a dedicated config (pushing the scratch blob) - Opt 1: scratch = null so `mediaType` can mismatch content - Opt 2: custom `mediaType` extension (`+oci`) - Opt 3: define `artifactType` in the config descriptor - Opt 4: define `artifactType` in the image manifest - Option 4 was preferred by the team - **Did not get to the below agenda items** - Artifact manifest removal - merged in distribution-spec: <https://github.com/opencontainers/distribution-spec/pull/383> - image-spec: <https://github.com/opencontainers/image-spec/pull/999> - Need for updated RC to communicate to partners. Added by @sajay but might not able to make it this weeek and if the folks on the call want, we can move out to next week. - Request for comments and review on https://github.com/opencontainers/image-spec/pull/1030 - Add insecure HTTPs support in conformance tests: https://github.com/opencontainers/distribution-spec/pull/394 Example of option 4: ```json { "schemaVersion": 2, "mediaType": "application/vnd.oci.image.manifest.v1+json", "artifactType": "application/vnd.cyclonedx", // add new artifact type "config": { "mediaType": "application/vnd.oci.artifact.scratch.config.v1+json", // use static media type when artifactType defined "size": 2, "digest": "sha256:44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a" }, "layers": [ { "mediaType": "application/vnd.cyclonedx+json", "size": 15362, "digest": "sha256:216c9f9553bf811a4ff2d6d60f0b007752414805e1bb62611282481837cf7def" }, { "mediaType": "application/vnd.cyclonedx+xml", "size": 15362, "digest": "sha256:216c9f9553bf811a4ff2d6d60f0b007752414805e1bb62611282481837cf7def" } ], "annotations": { "org.opencontainers.artifact.created": "2023-03-03T19:42:34Z", "org.opencontainers.artifact.description": "CycloneDX JSON SBOM" }, "subject": { "mediaType": "application/vnd.oci.image.manifest.v1+json", "size": 1024, "digest": "sha256:81b44ad77a83506e00079bfb7df04240df39d8da45891018b2e5e00d5d69aff3" } } ``` ## March 16, 2023 **Recording**: https://youtu.be/U9GXGABqP0Y ### Attendees: - _add yourself_ - Josh Dolitsky - Jason Hall - Brandon Mitchell - Jon Johnson - Sajay Antony - ToddySM - Tianon Gravi - Aaron Friel - Mike Brown (IBM) - Ramkumar Chinchani ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - RFC: server-sent warnings: https://github.com/opencontainers/distribution-spec/issues/390 - deprecation vs warning header? - https://datatracker.ietf.org/doc/html/draft-dalal-deprecation-header-00#page-7 - Guidance for registry/client tool implementers wrt "artifacts"? This is holding up progress/releases. - https://github.com/opencontainers/image-spec/pull/1029 - [Jon] Add a `+oci` [structured suffix](https://www.iana.org/assignments/media-type-structured-suffix/media-type-structured-suffix.xhtml) for single-layered artifacts? - Will this get a review after 1029? https://github.com/opencontainers/image-spec/pull/1030 - Minimum chunk size: https://github.com/opencontainers/distribution-spec/pull/391 ## March 9, 2023 **Recording**: https://youtu.be/4qOyBLVTJaA ### Attendees: - _add yourself_ - Aaron Friel - Phil Estes (AWS) - Brandon Klein - Mark Rossetti - James Sturtevant - Bradley D. Thornton - Ramkumar Chinchani - Mike Brown (IBM) - Sajay Antony - Brian Goff (MSFT) - Tianon Gravi - Brandon Mitchell - Jamie Wu - Lachlan Evenson - Michael Brown - Syed Ahmed - ToddySM ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - containerd security issue w/ large configs: https://github.com/containerd/containerd/security/advisories/GHSA-259w-8hf6-59c2 - should OCI recommend a - Last arg for clean Artifact Manifest. We are very close to standardizing something that will yield CVEs for years to come by overloading Image Manifest and standardizing the current behavior of registry implementations while ignoring the cost of additional complexity and ambiguity on client implementations. Overloading type definitions leads to type confusion and parsing vulnerabilities. Known issues: - The above issue with large configs is completely relevant. If artifacts upload arbitrary sized blobs to configs, runtime spec would like to specify that blobs have a limit when used in the config field. - Removing `mediaType` from manifests resulted in type confusion This is exactly what we're proposing to do for config blobs: the descriptor will describe the "artifactType", not the content of the blob. https://github.com/advisories/GHSA-qq97-vm5h-rrhg & https://www.cvedetails.com/cve/CVE-2021-41190/ - Clients do not handle arbitrary/malformed image content well, e.g.: plausible path to RCE in Anchore when it scans a "specially crafted manifest". With lowercase-a artifacts, we expose more clients to arbitrary content. If we standardize this and encourage it, we have not done an analysis like [#1025](https://github.com/opencontainers/image-spec/issues/1025) on client behavior. https://www.cvedetails.com/cve/CVE-2020-11075/ - Docker clients crashed due to trusting layers, blobs were valid for Images content ([see commit](https://github.com/moby/moby/commit/8d3179546e79065adefa67cc697c09d0ab137d30)). Just as with Anchore, we have not modeled the impact of giving arbitrary content to clients which trusted content to be configs & layers. https://www.cvedetails.com/cve/CVE-2021-21285 - quay/claircore may have exactly this type of vulnerability here. Is it generally safe to treat any blob whose mediaType terminates in in ".tar" as a tarball? No! The media type of the config blob is undefined post-999. https://github.com/quay/claircore/blob/35f60dd69a229051d0c494b959bbc023842bd98e/libindex/fetcher.go#L261-L291 - Updating the image manifest, approval needed for at least one: - <https://github.com/opencontainers/image-spec/pull/1023> - <https://github.com/opencontainers/image-spec/pull/1029> - <https://github.com/opencontainers/image-spec/pull/1030> - Request to remove blob delete from conformance tests (email from JFrog) - Fix JSON Schema: <https://github.com/opencontainers/image-spec/pull/931> - Chunked uploads need a minimum size header from the server: <https://github.com/opencontainers/distribution-spec/issues/374> ### Presentation/Discussion Agenda Items: - _add your items_ - Windows LayerFolder https://github.com/opencontainers/runtime-spec/issues/1185 ### Notes: ## March 2, 2023 **Recording**: https://youtu.be/lZ7LRwgEVTQ ### Attendees: - Lachlan Evenson - Brandon Mitchell - Ramkumar Chinchani - ToddySM - Sajay Antony - Tianon Gravi - Aaron Friel - Vincent Batts - Amye SP - Jesse Butler - Michael Brown - Brandon Klein - John Kjell - Phil Estes - Mike Brown(IBM) ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? (Lachlan Evenson) - _add your items_ ### Presentation/Discussion Agenda Items: - decision on 999 - https://github.com/opencontainers/image-spec/pull/999 - Can we consider codifying lower a artifacts into image-spec prior to this (aaron) - We need to codify the way to use image space prior to consider merging this PR (vbatts) - Do we have an action plan to merge 999? In order to merge 999 these things must first be merged? (vbatts) - - Cleanup PRs - https://github.com/opencontainers/image-spec/pull/1013 - closed - https://github.com/opencontainers/image-spec/pull/1016 - closed - descriptor schema: add missing data and artifactType definitions - https://github.com/opencontainers/image-spec/pull/1022 - manifest: provide guidance on SCRATCH descriptor (config and layer) - https://github.com/opencontainers/image-spec/pull/1023 - https://github.com/opencontainers/image-spec/pull/1029 Discussion - If 999 is to be accepted the following PRs should be merged prior and there should be a decision about if artifact manifest should be moved to a feature branch for continued work. - Below is the list of PRs that are being considered prior to the merge of #999 - https://github.com/opencontainers/image-spec/pull/1022 - https://github.com/opencontainers/image-spec/pull/1023 - Conversation - Drop the function, keep the const, clarify what scratch means, should we move forward with 1029 - https://github.com/opencontainers/image-spec/pull/1030 - We should also add issue #1025 table to a markdown and have it tagged. It's useful to have as a tool to have to understand the decision - Not Covered - v1.1 milestone and possible timelines. (@sajay) ### Notes: ## February 23, 2023 **Recording**: https://youtu.be/YTzqnUr8z_A ### Attendees: - Brandon Mitchell - ToddySM - Lachlan Evenson - Victor Lu - Mike Brown(IBM) - Tianon Gravi - John Kjell - Michael Brown (AWS) - Jon Johnson - Aaron Friel - albi - Sajay Antony - Phil Estes - Nisha Kumar - Jamie Wu - Ramkumar Chinchani - Jesse Butler - cpuguy83 (Brian Goff) - Amye - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - Decide on a minimal image manifest: <https://github.com/opencontainers/image-spec/issues/1025> - Clarify ignore: - <https://github.com/opencontainers/image-spec/pull/1028> - <https://github.com/opencontainers/image-spec/pull/902> - <https://github.com/opencontainers/image-spec/pull/1023> - What could a new artifact manifest look like? - _add your items_ ### Notes: ## February 16, 2023 **Recording**: https://youtu.be/HOYIbfmGXLU ### Attendees: - vbatts - Aaron Friel - Jason - John Kjell - Brandon Mitchell - Josh Dolitsky - Mike Majors - Sajay Antony - Brian Goff - Tianon Gravi - Mike Majors - Ramkumar Chinchani - Lachlan Evenson - Jesse Butler - Josh Dolitsky - Jamie Wu - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - [manifest: clarify that layers is technically OPTIONAL](https://github.com/opencontainers/image-spec/pull/1016) @vbatts - [manifest: provide guidance on SCRATCH config descriptor](https://github.com/opencontainers/image-spec/pull/1023) @vbatts - https://github.com/opencontainers/image-spec/issues/1025 - Open to changing "ignored" language? @friel https://github.com/opencontainers/image-spec/pull/1028 - https://github.com/opencontainers/image-spec/pull/902 - OK to merge https://github.com/opencontainers/distribution-spec/pull/383 ? (Josh) - _add your items_ ### Notes: ## February 9, 2023 **Recording**: https://youtu.be/WMcd0anCJVQ ### Attendees: - vbatts - Brandon Mitchell - Sajay Antony - Jason Hall - Aaron Friel - Josh Dolitsky - Jesse Butler - Tianon Gravi - Jamie Wu - John Kjell - Derek McGowan - Victor Lu - Mike Brown, IBM - Amye Scavarda Perrin - Ramkumar Chinchani - Michael Brown - Toddy - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - `OCI-Subject-Processed` response header: https://github.com/opencontainers/distribution-spec/pull/379 - `OCI-Filters-Applied` response header: https://github.com/opencontainers/distribution-spec/pull/380 - https://github.com/opencontainers/distribution-spec/issues/378 - https://github.com/opencontainers/image-spec/pull/999 - https://github.com/opencontainers/image-spec/pull/1004 ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: ## February 2, 2023 Cancelled ## February 1, 2023 **Recording**: On-site hybrid event at CNSecurityCon: <https://hackmd.io/moB5-fsQTbGmDpnrsY-4yg> ## January 26, 2023 **Recording**: https://youtu.be/w39590Jn5zg ### Attendees - Ramkumar Chinchani - Brandon Mitchell - Sajay Antony - Michael Brown - Tianon - Chris Crone - Dave O'Connor - Syed Ahmed ### Note Taker ### Actionable Agenda Items: - **Jason:** deprecating non distributable layers? - <https://github.com/opencontainers/image-spec/pull/965> - **Jon:** upon pushing a manifest with `subject`, the registry should respond with a header that says "I parsed and processed this subject, and updated referrers"; this is a clear positive signal that the registry supports the referrers API. - **Jon:** https://github.com/opencontainers/image-spec/pull/999 - dropping Artifact Manifest from v1.1 - Agenda items for next week's meeting go here: (Feb 1, 2pm to 5pm in person and virtual) - https://hackmd.io/moB5-fsQTbGmDpnrsY-4yg ## January 19, 2023 **Recording**: https://youtu.be/E6RdnQxU5ZM ### Attendees: - Brandon Mitchell - Jon Johnson - Vincent Batts - Jesse Butler - Tianon - Severin Neumann - Toddy Mladenov - Jason Hall - Brian Goff - Sajay Antony - Ramkumar Chinchani - Aaron Friel - Jamie Wu - Mike Brown - Amye Scavarda Perrin - ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - [1] Question: is it possible/feasible to make something like suggested in the issue below possible (obtain container/image id from within the container)? - https://github.com/opencontainers/runtime-spec/issues/1105 - Main use case: correlate monitoring data from inside the container (application) with the outside (infrastructure) - [2] Continued discussion, adding capabilities endpoint and client use case guidance - https://github.com/opencontainers/distribution-spec/issues/365 - should this become two issues? - [3] New Open Standards Survey: https://www.research.net/r/FG78BXB - [4] [Specify accepted manifest types #373](https://github.com/opencontainers/distribution-spec/pull/373) @sajay ### Notes: ## January 12, 2023 **Recording**: https://youtu.be/SjF5PURhmw8 ### Attendees: - Brandon Mitchell - Brandon Caton - Dave O'Connor - nisha - Jon Johnson - Jamie Wu - cpuguy83 - Syed Ahmed - Josh Dolitsky - Victor Lu - Michael Brown - Jesse Butler - Ramkumar Chinchani - Brandon Klein - Sajay Antony - Tianon - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - Check-in on 1.1 release - <https://github.com/opencontainers/image-spec/milestone/14> - <https://github.com/opencontainers/distribution-spec/milestone/6> - Discuss adding version endpoint, client requirements - https://github.com/opencontainers/distribution-spec/issues/365 - .. ### Notes: ## January 5, 2023 **Recording**: https://youtu.be/RlWvaGxg_jg ### Attendees: - Brandon Mitchell - Phil Estes - Ramkumar Chinchani - Michael Brown - Brandon Klein - Tianon - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - _add your items_ ### Presentation/Discussion Agenda Items: - How are people feeling about 1.1 release at end of month? (Josh) - Milestone tracking: - <https://github.com/opencontainers/image-spec/milestone/14> - <https://github.com/opencontainers/distribution-spec/milestone/6> - Discussion on the registry ability to not include annotations in referrers response - <https://github.com/opencontainers/distribution-spec/pull/367> - Recommend to refuse the manifest push rather than alter the referrers response per descriptor or filter out responses - Limit descriptor size to 40kb for a manifest with a subject - 40kb * 100 responses per page = 4mb limit on index - registries can then implement pagination with a fixed 100 entries per page rather than checking each additional descriptor for the limit - some clients already limit individual annotations to 4kb - allows arbitrary annotations for future use cases, but with a bounded max size - Registries MAY reject a manifest push that exceeds these limits - _add your items_ ## December 28, 2022 Canceled ## December 22, 2022 Canceled ## December 15, 2022 **Recording**: https://youtu.be/uuBb-2NTYIw ### Attendees: - Brandon Mitchell - Tianon - Jesse Butler - Michael Brown - Sajay Antony - Mike Brown - Jason Hall - Jon Johnson - Toddy Mladenov - Samuel Karp - - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ - WG Proposal for Authn/Authz: <https://github.com/opencontainers/tob/pull/119> - Timeline for tagging 1.1 distribution/image-spec - Still want to see some implementations - Milestone tracking: - <https://github.com/opencontainers/image-spec/milestone/14> - <https://github.com/opencontainers/distribution-spec/milestone/6> - Determining if registry supports the new manifest and referrers? - https://github.com/opencontainers/distribution-spec/issues/365 [@sajay] - Meeting schedule for rest of the year - Calendars have been cleared until Jan - ASP - ### Notes: ## December 8, 2022 **Recording**: https://youtu.be/PzWqxhqNrLQ ### Attendees: - Brandon Mitchell - Sajay Antony - Jesse Butler - Ramkumar Chinchani (Cisco/zot) - Michael Brown - Tianon - Samuel Karp - - _add yourself_ ### Note Taker: - https://github.com/opencontainers/distribution-spec/issues/365 - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ - determining whether a registry supports reference types: https://github.com/opencontainers/distribution-spec/issues/365 - There is a desire for client tooling to fail fast, before the blob push, when the future manifest push will fail ### Notes: ## December 1, 2022 **Recording**: https://youtu.be/PnuKGurvEn4 ### Attendees: - _add yourself_ - Brandon Mitchell - Sajay Antony - Tianon - Brian Goff - Jamie (AWS ECR) - Jon Johnson - Ramkumar Chinchani - ToddySM ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - [Distribution PR #366](https://github.com/opencontainers/distribution-spec/pull/366) (Brandon) - https://opencontainers.slack.com/archives/C0LQVA03W/p1669781318238629 - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: - Discussing `artifactType` and blob `mediaType` - Some discussion happened at [KubeCon](https://hackmd.io/nZzK_4AfRz-xgya6KkqseA#Standardizing-artifact-media-types-and-annotations---allowing-interoperability-among-clients-Nisha-KumarBrandon-Mitchell) - Notary / COSE discussion: <https://github.com/notaryproject/notaryproject/issues/207> - Must be ignored? - https://github.com/opencontainers/image-spec/blob/main/image-index.md?plain=1#L46 - https://github.com/opencontainers/image-spec/pull/902 - Can clients detect when the new artifact manifest is not supported by a registry - Related discussion: https://fosstodon.org/@bmitch/109417666339330970 - Push to not fallback or automatically upgrade because of portability concerns (Brandon) - No good answer to interpret different errors, Brandon is just giving the error back to the user as-is. ## November 24, 2022 is cancelled ## November 17, 2022 **Recording**: https://youtu.be/LL18erQULwc ### Attendees - John Ericsson (Nix Community / Obsidian Systems) - David Arnold (Nix Community / IOHK) - Brandon Mitchell - Ramkumar Chinchani (zot/Cisco) - Brandon Klein (SNL) ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - Ways to bring the Nix ecosystem closer to OCI - Maybe a new "non-conflicting" layer type? - Could work for other, too: eg. _Guix_ ### Notes: - Nix/Guix "layers" - Non-conflicting (disjoint mount points) - Immutable - Need to support numerous tiny images, no artificial limits. - Nix/Guix ideomatic usage - No "base image" - Turtles all the way down! - Read-only paths can be done with https://github.com/opencontainers/runtime-spec/blob/main/config-linux.md#readonly-paths - Jon Johnson: Seems like two things to consider: 1. How to represent these images (image-spec) 2. How to unpack these differently from overlay (runtime-spec) - Tianon Gravi: runtime-spec doesn't specify unpacking though, that's runtime-specific (runtime-spec just specifies "rootfs" and it's implementation defined how to create that from an image) O:) - Nisha Kumar: The problem with regarding to running a /store like rootfs is putting the right binary in the right place such that the container runtime can find it - Brandon Mitchell: I'm wondering if the implementation could be as easy as an annotation that indicates the name of the non-conflicting path, which has the potential to be backwards compatible. - John Ericson: Sounds great!! ## November 10, 2022 **Recording**: https://youtu.be/HV_4mACIWrY ### Attendees: - Brandon Mitchell - Jason Hall - Phil Estes - Derek McGowan - Mike Brown (IBM) - Josh Dolitsky - Jon Johnson - Kevin Parsons - Sajay Antony - Christian Kniep - Kazu - Brian Goff - Tianon - Toddy - Michael Brown (AWS) - Ramkumar Chinchani (zot/Cisco) - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - [Jason] wasi/wasm change needs image-spec approvers 🙏: https://github.com/opencontainers/image-spec/pull/964 - [Jason] Dockerhub doesn't actually support "OCI Artifacts" - continued harmful confusion about these terms - We should clarify that "OCI Artifacts" is this: https://github.com/opencontainers/image-spec/blob/main/artifact.md - ...and not this: https://github.com/opencontainers/artifacts - Jason's AI from OCI Summit to migrate artifact author guidance to image-spec, then archive/delete `artifacts` repo. - Tianon: "subject" field issue with Docker Hub is fixed as of today! 😇 - [Jason] referrers API: "registries MAY hoist the manifest contents into the `data` of the descriptor - which means we can change "annotations MUST be hoisted" to "annotations MAY be hoisted" - clients should be prepared to fetch manifests if they want to filter on annotation data - Jon's issue: https://github.com/opencontainers/distribution-spec/issues/357 ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: ## November 3, 2022 **Recording**: https://youtu.be/kjleG_01EqQ ### Attendees: - Brandon Mitchell - Josh Dolitsky - Sajay Antony - Mike Brown (IBM) - Michael Brown (AWS) - Jesse Butler - Tianon - ASP - Bjorn Neergaard - Cory Snider - Brian Goff - Nisha Kumar - Ramkumar Chinchani (zot/Cisco) ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - Road to releasing 1.1. What's left? (Michael Brown) - Should we set a target release date and work towards that? (Josh) ### Presentation/Discussion Agenda Items: - Implied directories: <https://github.com/opencontainers/image-spec/pull/970> - Support for Diff Pulls?: <https://github.com/opencontainers/distribution-spec/issues/360> - _add your items_ ### Notes: - Road to releasing 1.1. What’s left? (Michael Brown) - [Image Spec Milestone](https://github.com/opencontainers/image-spec/milestone/14) - [Distribution Spec Milestone](https://github.com/opencontainers/distribution-spec/milestone/6) - [Zot is adding support](https://github.com/project-zot/zot/pull/936) - can we set a timeline? - Josh: maybe Jan 17 - Amye: seems too soon, what about a few weeks later? - https://events.linuxfoundation.org/cloudnativesecuritycon-north-america/ is a good one to track to, Feb 2-3 - Docker Hub currently has a filter/block on the subject field ## October 27, 2022 **Recording**: https://youtu.be/IuTYxTUj-bA ### Attendees: - Brandon Mitchell - Jon Johnson - Brandon Klein - Jadjit Singh - Tianon - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ - Adding a header for pulls <https://github.com/opencontainers/distribution-spec/pull/358> - Relaxing annotation requirement on referrers API response <https://github.com/opencontainers/distribution-spec/issues/357> - CNCF/KubeCon meeting <https://hackmd.io/nZzK_4AfRz-xgya6KkqseA> ### Notes: - (Jon and Brandon Mitchell had some productive chatting) ## October 24, 2022 KubeCon NA in Detroit! **Recording**: https://youtu.be/8lPr9cbLSmA **Event specific notes**: https://hackmd.io/nZzK_4AfRz-xgya6KkqseA ## October 20, 2022 **Recording**: https://youtu.be/O1aNjcC_0d8 ### Attendees: - Lachlan Evenson - Amye Scavarda Perrin - Brandon Mitchell - Nisha Kumar - Tianon Gravi - Michael Brown - Josh Dolitsky - Phil Estes - Jon Johson - Sajay Antony ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - <https://github.com/opencontainers/image-spec/pull/957> - _add your items_ ### Presentation/Discussion Agenda Items: - OCI summit Monday, October 24 (before KubeCon): https://hackmd.io/nZzK_4AfRz-xgya6KkqseA - Propsal: Change artifactType from SHOULD to MUST (Lachlan) - https://github.com/opencontainers/image-spec/issues/968 - Improvements to artifactType definition and examples for clarity (Lachlan) - _add your items_ ### Notes: ## October 13, 2022 **Recording**: https://youtu.be/UbbbFroXIAQ ### Attendees: - Brandon Mitchell - Michael Brown - Samuel Karp - Nisha - Sajay ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - Artifact Testing Reviews needed <https://github.com/opencontainers/image-spec/pull/942> - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ - OCI summit Monday, October 24 (before KubeCon): https://hackmd.io/nZzK_4AfRz-xgya6KkqseA - Deprecating foreign layers [Jason] - The only use of them in the wild is [moving away from them](https://techcommunity.microsoft.com/t5/containers/announcing-windows-container-base-image-redistribution-rights/ba-p/3645201) - [Justin says](https://twitter.com/justincormack/status/1580536342114492417) they can be deprecated - Can we add language [here](https://github.com/opencontainers/image-spec/blob/main/layer.md#non-distributable-layers) along the lines of, "This layer type is considered deprecated, and not recommended for future use. Clients should still consider them when moving images (for backward compatibility) but in general SHOULD NOT produce new layers with that type." - Wasm considerations for image-spec [Jason] - Wasm is using OCI images to package and distribute (that's good!) - ...but currently only building single-platform images, and lying about their OS+arch being `linux/amd64` (that's bad!) - want to do better, but image-spec guidance is lacking - `.platform.os` field is `REQUIRED` but not meaningful to Wasm - guidance is to use values of Go's `GOOS` and `GOARCH` - As specified, this would mean `os=js`, `arch=wasm` - Go's Wasm support is lagging far behind Rust and TypeScript. - aside: `GOARCH=wasm` is 32-bit -- `wasm64` may come later - aside: `amd64` variants [#852](https://github.com/opencontainers/image-spec/issues/852) - Wasm may have variants (`spin` and `slight` today) -- should they register them with OCI? - They seem okay with `os=wasi`, `arch=wasm`, `variant=spin` (etc) - **Specific asks:** - specifying an exception to the `GOOS` rule for `wasi`? - specifying known variants for when `arch=wasm`, but you can also BYO? - Questions from Jon: - what's the layer media type? (A: `application/vnd.docker.image.rootfs.diff.tar.gzip`) - do they set the entrypoint? (A: No, not today, but we could recommend/require it) - Resuming interrupted PATCH request (Brandon) - API to get status of an upload is not defined - Procedure to get the current "Location" and "Range" is not defined by OCI - Docker API has a `GET /v2/<repo>/blobs/uploads/<uuid>` ([ref](https://github.com/distribution/distribution/blob/5cb406d511b7b9163bff9b6439072e4892e5ae3b/docs/spec/api.md#upload-progress)) - Related: <https://github.com/opencontainers/distribution-spec/issues/352> - New Netlify image is needed <https://github.com/opencontainers/opencontainers.org/issues/120> (Brandon) - Embedding Platform in Config <https://github.com/opencontainers/image-spec/pull/949> (Brandon) ### Notes: ## October 6, 2022 **Recording**: https://youtu.be/8X8vxWohmqA ### Attendees: - Brandon Mitchell - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ - https://hackmd.io/nZzK_4AfRz-xgya6KkqseA ### Notes: ## September 29, 2022 **Recording**: https://youtu.be/DyUfew4gF3c ### Attendees: - Brandon Mitchell - ASP - Sajay Antony - Mike Brown (IBM) - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ - OCI Meeting at KubeCon + virtual; October 24th from 10am to 12pm Central - RC2 is looking for votes: <https://github.com/opencontainers/image-spec/pull/958> ### Notes: ## September 22, 2022 **Recording**: https://youtu.be/F9gmGcKq9rM ### Attendees: - Lachlan Evenson - Mike Brown (IBM) - Brandon - Sajay - Tianon - Brian Goff - VBatts - Nisha - Ramkumar Chinchani ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - Continue discussion on RC1 release [Brandon/Josh/Sajay] - Distribution spec - https://github.com/opencontainers/distribution-spec/pull/348 - Image Spec - https://github.com/opencontainers/image-spec/pull/953 - Reviewing 1.0.3 tagging option: <https://github.com/opencontainers/image-spec/issues/918> - _add your items_ ### Notes: ## September 15, 2022 **Recording**: https://youtu.be/jqtaJn6s6uo ### Attendees: - Samuel Karp - Sajay Antony - Brandon Mitchell - Josh Dolitsky - Michael Brown (IBM) - Michael Brown (AWS) - Brian Goff - Brandon Klein - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - [Rename refers field to subject](https://github.com/opencontainers/image-spec/pull/950) - [Distribution Spec](https://github.com/opencontainers/distribution-spec/pull/344) - Need approval from maintainers @sajay - Discuss about process for release of spec to enable downstream consumers of the new specification @lachie83 (out on jury duty) - https://github.com/opencontainers/image-spec/issues/952 - https://github.com/opencontainers/distribution-spec/issues/337 - Remaining items: - <https://github.com/opencontainers/image-spec/issues/940> - <https://github.com/opencontainers/distribution-spec/issues/337> - Cutting an RC: 1. Open a PR titled `v1.0.0-rc0` 2. TODO (contents of PR) 3. Email to `dev@opencontainers.org.` 4. Subject `[image-spec VOTE] tag <shorthash> as v1.1.0-rc0 (closes Mon 19 Apr 2021 10:00:00 PM UTC)` (date is 7 days from now) 5. Body: ``` ``` - _add your items_ ### Notes: ## September 8, 2022 **Recording**: https://youtu.be/9k2QbsrbkY0 ### Attendees: - Samuel Karp - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - <https://github.com/opencontainers/image-spec/issues/940> - <https://github.com/opencontainers/opencontainers.org/pull/118> - _add your items_ ### Notes: ## September 1, 2022 **Recording**: https://youtu.be/t28jnJgPOqI ### Attendees: - Brandon Mitchell - Michael Brown - Josh Dolitsky - Nisha Kumar - Sam Karp - Brandon Thorin Klein - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - <https://github.com/opencontainers/image-spec/issues/940> - <https://github.com/opencontainers/distribution-spec/issues/337> - _add your items_ ### Notes: - [Michael] turn [this issue](https://github.com/opencontainers/distribution-spec/issues/340) into a vote. - Nisha is adding alternatives to refers/referrers to <https://github.com/opencontainers/image-spec/issues/940> ## August 25, 2022 **Recording**: https://youtu.be/yycxvdu8HpM ### Attendees: - Phil Estes - Lachlan Evenson - Brandon Mitchell - Mike Brown - Vincent Batts - Sajay Antony - Jesse Butler - Tianon Gravi - Ramkumar Chinchani - Kyle Smith ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - Working Group Proposal Merge (Brandon): - [image-spec](https://github.com/opencontainers/image-spec/pull/934) - [distribution-spec](https://github.com/opencontainers/distribution-spec/pull/335) - Issue and PR review (Brandon) - _add your items_ ### Notes: - Future TODO items: - Update image-spec spec.md definitions to match distribution-spec - "Refers": add "field" or "to"? - "Referrers": add "list"? - Change Object to *object* - Change "registry SHOULD accept a manifest with a `refers`" to "MUST" - include details of why, how to GC - Change `<reference>` to `<digest>` and define `<digest>` - "tags may be added in the future" - Add "note" to "Multiple clients could attempt to update the tag simultaneously resulting in race conditions and data loss." ## August 18, 2022 **Recording**: https://youtu.be/d7WHS5fPl3k ### Attendees: - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - Working Group Proposal Updates (Brandon): - [image-spec](https://github.com/opencontainers/image-spec/pull/934) - [distribution-spec](https://github.com/opencontainers/distribution-spec/pull/335) - Possibility of project meeting at KubeCon? (ASP) - Need to check on availability for hybrid - [Naming discussion](https://github.com/opencontainers/wg-reference-types/issues/41) - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: ## August 11, 2022 **Recording**: https://youtu.be/Hfy8umF8p20 ### Attendees: - Brandon Mitchell - Sajay Antony - Josh Dolitsky - Jimmy Zelinskie - Vincent Batts - Lachlan Evenson - Michael Brown (AWS) - Nisha - Samuel Karp - Brian Goff - Trianon Gravi - Ramkumar Chinchani - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - Working Group Proposal (Brandon, Josh, Sajay, Nisha, and many others): - [image-spec](https://github.com/opencontainers/image-spec/pull/934) - [distribution-spec](https://github.com/opencontainers/distribution-spec/pull/335) - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: - next-steps on the referers API WG: - Get this Zoom recording, and share for review - https://github.com/opencontainers/image-spec/pull/934 - https://github.com/opencontainers/distribution-spec/pull/335 - Allow for 2wks - 1mo for review before merge - ## August 4, 2022 No agenda, canceled ## July 28, 2022 No agenda, just a short informal discussion on GC policies and the working group. ## July 21, 2022 No agenda, canceled ## July 14, 2022 No agenda, canceled ## July 7, 2022 ### Attendees: - _add yourself_ - Brandon Mitchell - Ramkumar Chinchani (Cisco/zot) - Sajay Antony - Mike Brown (IBM) ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ - How should new specs be delivered from a WG to OCI? - [Draft: WG for Reference Spec](https://github.com/opencontainers/tob/pull/114) - https://github.com/opencontainers/artifacts/pull/56 - image-spec needs some pruning: - https://github.com/opencontainers/image-spec/pull/927 - https://github.com/opencontainers/image-spec/pull/926 ### Notes: ## June 30, 2022 ### Attendees: - Brandon Mitchell - Phil Estes - Ramkumar Chinchani (Cisco) - Tianon - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - Options for immutable tags [distribution-spec PR #320](https://github.com/opencontainers/distribution-spec/pull/320) (Brandon) - Creation of a working group to standardize the reference syntax. (Brandon) - [PR Opened](https://github.com/opencontainers/tob/pull/114) - Cross-registry blob mounting ([distribution-spec#323](https://github.com/opencontainers/distribution-spec/issues/323)) interest? (Jon) - _add your items_ ### Notes: ## June 23, 2022 ### Attendees: - Tianon - Jason - Flavian - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - Nisha: are registries required to verify digests on push? - Tianon: image-spec says SHOULD, no conformance test though - https://github.com/opencontainers/image-spec/blob/v1.0.1/descriptor.md#verification - Nisha: zot seems to not verify - Jason: zot is listed as conformant - https://github.com/opencontainers/oci-conformance/tree/main/distribution-spec/v1.0/zot - [Jason] OCI recommending a header for manifest/blob pulls to denote the image ref that request is being made for - help registry operators attribute pulls to images --> better rate limits - build this into clients - go-containerregistry prototype [here](https://github.com/google/go-containerregistry/pull/1369) - Flavian: potentially also a useful signal for GC -- e.g., don't GC something that was implicated in a pull in the last N days - Quay does something similar, where blobs are associated with a repo instead of a manifest until a subsequent manifest push references the blob; blobs only referenced by repos and not by manifests are GCed after ~1h. ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: ## June 16, 2022 ### Attendees: - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: ## Jun 9, 2022 ### Attendees - David Arnold - Zack Newman - Flavian Missi - Tianon - Brandon Mitchell - Josh Dolitsky - Sajay Antony - _add yourself_ ### Note Taker: - Brandon ### Actionable Agenda Items: - _add your items_ ### Presentation/Discussion Agenda Items: - OCI Image support for Nix Store Paths: - https://github.com/opencontainers/image-spec/issues/922 ### Notes: - Looking to store Nix data in OCI blobs - Can't use layers because of overlay limits on number of layers - Would use their own distribution-spec implementation - Need some kind runtime to assemble filesystem without overlay for Nix components - Nix currently has a cache, sometimes forced to rebuild on a cache miss, would like a registry to keep the store - When glibc updates, all child objects in the store need to be recreated ## Jun 2, 2022 ### Attendees - Brandon Mitchell - Tianon - Nisha - Josh Dolitsky - Mike Brown - _add yourself_ ### Note Taker: - Nisha/Brandon ### Actionable Agenda Items: - Who's taking notes? - PR https://github.com/opencontainers/image-spec/pull/919 - How do we bother the image spec maintainers - Brandon did a ping all maintainers on github - Josh will reach out to Steveeo(?) - [Proposal F](https://github.com/opencontainers/wg-reference-types/issues/50) - Still waiting for PR to review - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: ## May 26, 2022 ### Attendees - Brandon Mitchell - Tianon - Brandon K - Nisha - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - PR https://github.com/opencontainers/image-spec/pull/919 - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: ## May 12, 2022 ### Attendees: - Phil Estes (AWS) - Sajay Antony - Tianon - Flavian Missi - Silvin Lubecki - _add yourself_ ### Note Taker: - ### Actionable Agenda Items: - ~~Punted from last week: [image-spec maintainers](https://github.com/opencontainers/image-spec/pull/910) (Josh)~~ - Merged 🎉 - [Minimum criteria for new maintainers](https://github.com/opencontainers/image-spec/issues/912) (Josh) - 2 PRs already open to add [Sajay](https://github.com/opencontainers/image-spec/pull/911) and [Brandon](https://github.com/opencontainers/image-spec/pull/909) - The issue of timezones ### Presentation/Discussion Agenda Items: - ### Notes: - New maintainers: a new PR template will be added so that existing maintainers can nominate new maintainers (Nisha volunteered to submit PR) - ## May 5, 2022 ### Attendees: - Sajay Antony - Brandon Mitchell - Flavian Missi - _add yourself_ ### Note Taker: - ### Actionable Agenda Items: - [image-spec maintainers](https://github.com/opencontainers/image-spec/pull/910) (Josh) - [distribution-spec registry vs repository](https://github.com/opencontainers/distribution-spec/pull/325) (Brandon) ### Presentation/Discussion Agenda Items: - How should changes to distribution-spec be proposed? https://github.com/opencontainers/distribution-spec/issues/324 (Brandon) ### Notes: - ## April 28, 2022 ### Attendees: - Sajay - Brandon M - Brandon K - Ram - Tianon - Josh - MII - Kyle S ### Note Taker: - ### Actionable Agenda Items: - ### Presentation/Discussion Agenda Items: - https://github.com/opencontainers/image-spec/issues/907 ### Notes: - ## April 21, 2022 ### Attendees: - Vincent Batts - Brandon Mitchell - Samuel Karp - Mike Brown (IBM) - Brandon Klein - Kyle Smith (Full Sail) ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: - Areas for future standards - Authentication - Defining the reference and how "alpine" goes to Hub - Allowing redirects in distribution-spec response codes - What is needed for [Proposal E](https://github.com/opencontainers/wg-reference-types/pull/38) to get merged in spec changes - [[RFC] move descriptor (and layout?) to distribution-spec](https://github.com/opencontainers/image-spec/issues/907) - Issue with slack join link is being worked on ## April 14, 2022 ### Attendees: - Brandon Mitchell - Phil Estes - Vincent Batts - Tianon - Amye - Brandon Klein - Brian Goff - Josh Dolitsky - Steve Lasker - Sajay - Ramkumar Chinchani - Mike Brown(IBM) - Kyle Smith ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - _add your items_ ### Presentation/Discussion Agenda Items: - [Immutable tags](https://github.com/opencontainers/distribution-spec/pull/320) (Brandon) - Working Group Update: [Proposal E](https://github.com/opencontainers/wg-reference-types/pull/38) (Brandon) - _add your items_ ### Notes: ## April 2021 - March 2022 Call Logs The third year of archived call logs is located on OCI GitHub as [oci-weekly-notes-2021-apr-2022-mar.md](https://github.com/opencontainers/.github/blob/master/meeting-notes/oci-weekly-notes-2021-apr-2022-mar.md). ## April 2020 - March 2021 Call Logs The second year of archived call logs is located on OCI GitHub as [oci-weekly-notes-2020-apr-2021-mar.md](https://github.com/opencontainers/.github/blob/master/meeting-notes/oci-weekly-notes-2020-apr-2021-mar.md). ## March 2019 - March 2020 Call Logs Older call logs are archived on the OCI GitHub [here](https://github.com/opencontainers/.github/blob/master/meeting-notes/oci-weekly-notes-2019-mar-2020-mar.md) covering March 2019 - March 2020. ## Template ## Meeting Date ### Attendees: - _add yourself_ ### Note Taker: - _add note taker_ ### Actionable Agenda Items: - Who's taking notes? - _add your items_ ### Presentation/Discussion Agenda Items: - _add your items_ ### Notes: - _add your notes_

    Import from clipboard

    Advanced permission required

    Your current role can only read. Ask the system administrator to acquire write and comment permission.

    This team is disabled

    Sorry, this team is disabled. You can't edit this note.

    This note is locked

    Sorry, only owner can edit this note.

    Reach the limit

    Sorry, you've reached the max length this note can be.
    Please reduce the content or divide it to more notes, thank you!

    Import from Gist

    Import from Snippet

    or

    Export to Snippet

    Are you sure?

    Do you really want to delete this note?
    All users will lost their connection.

    Create a note from template

    Create a note from template

    Oops...
    This template is not available.


    Upgrade

    All
    • All
    • Team
    No template found.

    Create custom template


    Upgrade

    Delete template

    Do you really want to delete this template?

    This page need refresh

    You have an incompatible client version.
    Refresh to update.
    New version available!
    See releases notes here
    Refresh to enjoy new features.
    Your user state has changed.
    Refresh to load new user state.

    Sign in

    Forgot password

    or

    By clicking below, you agree to our terms of service.

    Sign in via Facebook Sign in via Twitter Sign in via GitHub Sign in via Dropbox

    New to HackMD? Sign up

    Help

    • English
    • 中文
    • Français
    • Deutsch
    • 日本語
    • Español
    • Català
    • Ελληνικά
    • Português
    • italiano
    • Türkçe
    • Русский
    • Nederlands
    • hrvatski jezik
    • język polski
    • Українська
    • हिन्दी
    • svenska
    • Esperanto
    • dansk

    Documents

    Tutorials

    Book Mode Tutorial

    Slide Mode Tutorial

    YAML Metadata

    Contacts

    Facebook

    Twitter

    Feedback

    Send us email

    Resources

    Releases

    Pricing

    Blog

    Policy

    Terms

    Privacy

    Cheatsheet

    Syntax Example Reference
    # Header Header 基本排版
    - Unordered List
    • Unordered List
    1. Ordered List
    1. Ordered List
    - [ ] Todo List
    • Todo List
    > Blockquote
    Blockquote
    **Bold font** Bold font
    *Italics font* Italics font
    ~~Strikethrough~~ Strikethrough
    19^th^ 19th
    H~2~O H2O
    ++Inserted text++ Inserted text
    ==Marked text== Marked text
    [link text](https:// "title") Link
    ![image alt](https:// "title") Image
    `Code` Code 在筆記中貼入程式碼
    ```javascript
    var i = 0;
    ```    		 
    var i = 0;
    :smile: :smile: Emoji list
    {%youtube youtube_id %} Externals
    $L^aT_eX$ LaTeX
    :::info
    This is a alert area.
    :::

    This is a alert area.

    Versions

    Versions and GitHub Sync

    Sign in to link this note to GitHub Learn more
    This note is not linked with GitHub Learn more
     
    Add badge Pull Push GitHub Link Settings
    Upgrade now

    Version named by    

    More Less
    • Edit
    • Delete

    Note content is identical to the latest version.
    Compare with
      Choose a version
      No search result
      Version not found

    Feedback

    Submission failed, please try again

    Thanks for your support.

    On a scale of 0-10, how likely is it that you would recommend HackMD to your friends, family or business associates?

    Please give us some advice and help us improve HackMD.

     

    Thanks for your feedback

    Remove version name

    Do you want to remove this version name and description?

    Transfer ownership

    Transfer to
      Warning: is a public team. If you transfer note to this team, everyone on the web can find and read this note.

        Link with GitHub

        Please authorize HackMD on GitHub

        Please sign in to GitHub and install the HackMD app on your GitHub repo. Learn more

         Sign in to GitHub

        HackMD links with GitHub through a GitHub App. You can choose which repo to install our App.

        Push the note to GitHub Push to GitHub Pull a file from GitHub

          Authorize again
         

        Choose which file to push to

        Select repo
        Refresh Authorize more repos
        Select branch
        Select file
        Select branch
        Choose version(s) to push
        • Save a new version and push
        • Choose from existing versions
        Available push count

        Upgrade

        Pull from GitHub

         
        File from GitHub
        File from HackMD

        GitHub Link Settings

        File linked

        Linked by
        File path
        Last synced branch
        Available push count

        Upgrade

        Danger Zone

        Unlink
        You will no longer receive notification when GitHub file changes after unlink.

        Syncing

        Push failed

        Push successfully