Lukas Hoehl

After some investigation this seems to be difficult to achieve: Currently, the tar archive gets unpacked without reconstructing the ownership. Reconstructing is kind of difficult permissions wise, because to reconstruct,...

@imjasonh I did some local testing on the integration tests, they should be working by now. Could you kick them off to see if it works as expected?

Hey all, I'm working on implementing [chroot isolation for kaniko](https://github.com/GoogleContainerTools/kaniko/pull/2169) and since chroot needs some mounts and unshare, having a seccomp & apparmor profile which allows that would be great....

This is indeed very interesting! I think that if we target wasm, we should focus on [WASI](https://github.com/WebAssembly/WASI) first. WASI implements a way to run WASM binaries on a runtime, e.g....

I tried to declutter the build package a bit to provide a more readable structure. The current build package is huge and it's hard to understand what build (building binary),...

Yes, that's reasonable. I think I'll go for the restructuring first because that makes implementing wasi support a bit easier and cleaner.

I did manage to find some time to reiterate on this feature, and I created a new branch to start of fresh. I'll open a second pull request with the...

Hey everyone, I haven't had the time working on that PR, but I'm also reconsidering if this is still a good idea to implement. The thing that bothers me: -...

> Taking a look at the description but not a detailed look at the code, I think it generally makes sense given the ability to specify configurations per pod. However,...

> annotation use patterns are nominally considered experimental only, injecting an annotation for a specific node.. > > admission controller maybe? still would rather this be a part of the...