Jean-Rémy Bancel

I agree with @vagababov. Going from `N-1 -> N` to `N-2 -> N` just delays the problem and makes engineering a lot more complex for big changes that require some...

Bumping this issue because it something that most users I have met want to do. > I don't think we've figured out how to allow this in a way that...

Yes, this could be behind a feature flag. I'll take a look after I add support for Downward API.

A workaround is to use a Webhook to inject what you want in the Pod Spec. Not ideal. This is a WIP, but I don't think anyone is working on...

> @JRBANCEL I could have a look to this. Great. You can look a the various features behind feature flags for inspiration, for example: https://github.com/knative/serving/pull/8126

Hi,To my knowledge there was no existing tooling for SSNS at the time, but I don't claim I was the first one to work on it.Regarding your link, it's from...

On top of my mind, I would suggest you look into the SSNS format doc page: https://github.com/JRBANCEL/Chromagnon/wiki/Reverse-Engineering-SSNS-Format This explains how the Tabs of a session are stored. Using this. You...

> Introducing a requirement to install the webhooks would be a breaking change. Is using Workload Identity on AKS without the WI webhook even supported? [Official documentation](https://learn.microsoft.com/en-us/azure/aks/workload-identity-deploy-cluster#create-aks-cluster) requires to specify...

The `azure-identity-token` volume shouldn't be part of the Pod spec. Only specify the `azure.workload.identity/use: "true"` label should be specified and let the Workload Identity do its work.

Is it something we want to enforce? We could simply document it: tell customer to not open a socket on all interfaces but just on loopback. It could be in...