dilyevsky

We're getting this error too. The cert served by `api.keybase.io` appears to be self-signed: ``` openssl s_client -connect api.keybase.io:443 | openssl x509 -noout -text Warning: Reading certificate from stdin since...

Actually it might be by design and they are not using public CA infra. So needs a client upgrade %)

Is "feature request" categorization really applicable here? Current behavior basically makes it impossible to have write-capable policy for `secret/*` (admin policy) if there exists more restrictive policy for a more...

@hferentschik you can use `temporal.DefaultServices` (https://github.com/temporalio/temporal/blob/69cc69763af17a456b2ce4efc3f4f520325bedca/temporal/server.go#L59) available since 1.20

We were observing high Bird CPU usage/liveness probes failing on clusters with large number of services running with IPVS kube-proxy mode. What happens is `kube-ipvs0` interface accumulates large number of...

@caseydavenport v3.19 but it looks to be in the latest too. You're right - it's excluded on the `direct` protocol but `device` still picking up *all* the interfaces and there's...

@dankilman thanks for report! (and digging into this). It def looks like an unprotected access, I'll get that fixed.