 All right. Welcome in. We are recording. This is our sandbox review from January 11th. Liz, I will hand off to you. All right. Well, just before we started recording, we were talking about confidential containers and confidential computing. Because it seems like there's three applications related to confidential computing, interestingly all simultaneous. And we were saying that we don't know whether or not any of these projects have been suggested to the confidential computing consortium, or that's what it's called, isn't it? Is it correct? It is confidential computing consortium. Yes. The ego and marble run seem to be attached to the hip from some of the comments in there. The confidential containers one looks as though it's pretty related to Cata. Now, remind me where Cata lives. Open stack land. Terrible, terrible idea of theirs. Always was a mistake. So should we skip those three and just go to the second one, which is cloud we go. I think unless anyone has any particular reason to prioritize them, it would be worth finding out whether that's, because I guess it's another one of those areas where if we start opening up the door, so lots of confidential computing. Did we already do something there? It came in last time around. And how can we explain why there's so many new ones? How can projects update this information? Should they update it on the spreadsheet or? Yeah, we'll reach out. One, we'll reach out. Two, they can come back in and put comments on the spreadsheet. I think if I look at ego, it's an SDK, which is, you know, arguably this is more go oriented than cloud native. So I think that would be another question mark in my mind. You know, it's not something that people necessarily just run. Marble run does appear to be very Kubernetes centric. So the ego also says, talk something about a modified go compiler. And that's scary to me. Yeah, it's, I mean, you kind of have to modify the runtime, which basically means modifying the compiler because it goes not very friendly to adding platforms out of tree. Which has always been a little bit of a problem with doing it, working with go like this. That is definitely giving me cause for concern about whether ego really fits. It's also MPL too. So they have a small licensing change to do. Well, they won't be able to re-license go. So yeah, that would be a problem. Okay, that sounds pretty, pretty conclusively like ego should probably try to find a different home. Yep. Confidential computing foundation. We word that nicely, but those three, like, we'll reach out and see if this is really the right home for them. Well, yeah. I feel like ego. It isn't a case of them saying, oh no, we actually like CNCF better because I think even then for ego specifically, they've got a licensing issue. Changing the go run time sounds quite. This is interesting that they both come from edgeless sis. So does mobile run depend on ego? Not sure. So that would be another question to ask them. It does. I just looked up their code model really quick. So yeah. And they also have mentioned it in the, why do you want to contribute to the CNCF? Ego sister project marble and compliments the strategy because marble run is the control plane for confidential workloads kind of thing. So it could be that the ego might go to confidential computing and then marble run might end up with us. I love the branding for marble run here the service mesh for concept confidential computing. Love it. All right. Should we move on to cloud we go. A little bit like micro. Thanks. We have that SDK or something that was bringing dotnet stuff. Sound similar to that. But go lang. Did we accept it? I think I might have been the person who voted against it. Yeah, yeah, we didn't. It's from bite sounds. Yeah, so it probably runs at decent scale. But is middleware. Do you consider g rpc middleware? No, I consider g rpc and networking protocol. This feels very opinionated. This feels like the kind of thing that, you know, once you decide you're going in a particular direction, you can't really, you know, is Kitex a competitor to g rpc is a competitor to. Well, I don't know what. Yeah. Yeah. You know, are they are they go libraries. Again, I am not some of them are. Yeah. Yeah, but this feels like programming SDKs rather than cloud native projects to me. And I think there's a whole question of, you know, go libraries that are higher performance or more specialized than the go standard libraries, but I'm not sure that CNCF is necessarily the right home for them. So, does anybody want to vote for cloud we go. I'm inclined to water and say no. That would be my vote as well. No, and we'd like to better understand it or just know all together. Yeah, for me to know. Yeah, we, we, a long time ago we voted no or didn't vote in the end I think on as many years ago and I'll socket. Which was in a way kind of similar kind of middle wary thing that arguably even more crowded. And I think we've basically not we I mean we never accepted a project like that so far and I think we have not accepted some in the past. Well, maybe for the clarity of giving them an answer we should do about I shall put. Fairly inclusive. Okay, open policy registry. Wonder what the C stands for. Is there any reason why this is different from like why you'd have a policy registry rather than a general. I think the OCI registries were intending to be kind of general purpose not just for container images. I think they have some tools to build to see our effects with the policies inside my client side tools. So some backstory here. This is from a company called assertive. We want to do cloud native authorization as a service. So they're building a framework UI and those kinds of things for doing that. One of the components is this registry when they want to repurpose any harbor or whatever registries at as the place where you would store policies. So that then they can do Docker pull push kind of things for pulling the policy and then executing it. Which I thought you already could with with OCI registries. I mean, yeah, you can I mean that's is it I'm going to try and work out if it's a, I think that I think it's. It is using a normal registry but it's running a command line that's specialized for pulling and pushing policies, I think. Right. Yep, that's what it looks like it's doing. I think that P column P tells you how it's they're saying that this is a meta project that brings together three science of technologies OPA cosine OCI. And for each of them they've given like how they are doing it or what they are doing there. So they're just trying to formalize things. Both the code as well as they might be doing some specifications I guess. One thing I'm going to say is that the looking at the the repose I mean policy has 19 stars. That appears to be the most popular. In one question for me would be OPA has accepted sub projects in the past, right there's gatekeeper. I think that came from Microsoft, you know is there a reason they're not trying to go that route. So potentially or as, which is registry as storage. Yeah, potentially could take sub projects that are specific registry as storage as well I mean I think. That's a good idea. Yeah. Yes, I think that makes more. Yeah we should ask them to explore those two options. I don't know. It's like lemonade for all the letters jumbled up. Not very clear how it is cloud native. The application doesn't mention it. The, why do you want to contribute is a bit fluffy. We'd love to share our vision with others and meet contributors who are crazy enough to think that good ideas need to be shared with the world I mean that just sounds like. You've decided open source is a good idea. It's not very CNCF specific. No, and it's also just easy integration into enterprise software. So it's a little weird from column J to. And it's two, it's two people and six stars. One fork. Watches. Do we want to vote on it as cloud native or should we go say go away explain why your cloud native build up a community come back if you still want to join. Yeah, you could recommend LFAI to as an alternative organization. You got that Amy. Sure did carry on. Cool. Okay boot. Sort of sets up my sets of my opinionated kind of pulling building blocks together along bells. Also not clear whether it's from an individual or an organization for booting VMs running microservices which is to be honest, quite strange. A couple of clicks brought me to point gold.io and that's two people. Sorry. Two contributors plus possible. Yeah. Yeah, so maybe it's one contributor really one of them's only got two commits. Yeah, maybe it's unclear how it's really cloud native and needs more community. Should we move on to dev file. This is a red hat one. Alternative to get hubs proprietary. What's it called code spaces thing. Is it. I think I think that's, I think that's, that was the intention. I'm catching up on my notes. Now that makes it quite interesting. I'm not sure this is, I mean, the, the code space when it's not very proprietary, it's just not very good. It's just something someone hacked together in an afternoon that it's more, I mean, it's just, it wasn't really designed to be a standard. It was just something that was convenient to, to, for someone to hack together an afternoon, I think. But it's being used. It has got apparently support from red hat and I WS and IBM and somebody else. Jet brains. Yeah. I like the idea. I like the idea. Do we have other things that we consider like developer optimization tooling that falls into the same thing or. Well, there was that DS code extensions. Yeah. So it feels somewhat similar. Yeah, we do have specs. So it's not like specs are not a new thing for CNCF. Should we do votes for this? Anyone got any other comments or we've got three more minutes. Can we just deal with a marble run instead of picking another one. Okay. What did you want to say about mobile run? Like this, if we have to go back to the edge less as folks, we gave them some feedback about ego. Do you want to give feedback about the model run? It's, it's a pair. Ego is a dependency of it. Well, although there has some other. Just say another runtime. I'm not familiar with any of those other runtimes. Well, another one of them comes from the same people. We've got the same RTSRT is which is built on top of open long-laid but from the edge of the systems. So an open enclave is confidential computing foundation project. So it's another runtime that they build. So the question of whether or not they've spoken to confidential computing console. They're a member of it. So I guess they have. I don't know. I mean, yeah, I can see the, you know, there's a more direct line between this and cloud native with it being Kubernetes kind of flavored. I guess the feedback would be, let's see what happens with the ego and then we'll deal with this one. That's fine. We're nearly at time as well. Looks good. Yeah. All right. So we got through about nine of them. Good for first, first meeting of the year.