-
Notifications
You must be signed in to change notification settings - Fork 38.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
KEP-3488: Promote ValidatingAdmissionPolicy to Beta #118644
KEP-3488: Promote ValidatingAdmissionPolicy to Beta #118644
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@alexzielenski This looks ready for API review to me. Would you set that up?
/label api-review /cc @deads2k Still adding tests and tuning implementation. Expecting no further changes to types/global API code (excepting documentation and other feedback). |
/triage accepted |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did not finish reviewing all the controller changes. Can we separate the "api, defaulting, conversion, validation" from the controller and admission changes? I know there are behavioral changes required, but freeing up the API first broadens reviewers.
8d0206a
to
bd581b1
Compare
pkg/registry/admissionregistration/validatingadmissionpolicybinding/authz.go
Outdated
Show resolved
Hide resolved
...rc/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/matching/matching_test.go
Outdated
Show resolved
Hide resolved
...rc/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/matching/matching_test.go
Outdated
Show resolved
Hide resolved
Thank you! @alexzielenski Please update following when you got time.
Thank you! ^^ |
v1alpha -> v1beta fill in DenyAction where there is no ParameterNotFoundAction
e73fbb2
to
c4cd92a
Compare
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alexzielenski, deads2k The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
staging/src/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller.go
Outdated
Show resolved
Hide resolved
staging/src/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller.go
Outdated
Show resolved
Hide resolved
c4cd92a
to
d647958
Compare
/lgtm |
LGTM label has been added. Git tree hash: 6f3cbba547c06b8dfe7f1f0c2fcc03a6f3ea0726
|
/retest |
@alexzielenski: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/retest |
The KEP link for the changelog should be to k/enhancements, not - https://github.com/cici37/enhancements/ |
Changelog suggestion: - Promoted validating admission policies to beta
- Promoted API groups `ValidatingAdmissionPolicy` and `ValidatingAdmissionPolicyBinding` to `v1beta1`. |
What type of PR is this?
/kind feature
What this PR does / why we need it:
Prerequisites:
Graduation Criteria from KEP:
added caching of the conversion on per-policy basis, but multiple policies sharing paramKind may still reconvert
Which issue(s) this PR fixes:
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:
/sig api-machinery
/cc @cici37 @jpbetz