Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KEP-3488: Per namespace policy params #119215

Merged
merged 5 commits into from
Jul 20, 2023
Merged

KEP-3488: Per namespace policy params #119215

merged 5 commits into from
Jul 20, 2023

Conversation

alexzielenski
Copy link
Contributor

@alexzielenski alexzielenski commented Jul 11, 2023
edited by cici37

What type of PR is this?

/kind feature
/kind api-change

What this PR does / why we need it:

Adds namespaceParamRef to internal and v1alpha1 types and controller implementation.

This PR is required before merging:

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?

Added a new `namespaceParamRef` field to `admissionregistration.k8s.io/v1alpha1.ValidatingAdmissionPolicy`.

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

- [KEP]: https://github.com/kubernetes/enhancements/issues/3488

/sig api-machinery
/cc @cici37 @jpbetz @jiahuif

@k8s-ci-robot k8s-ci-robot requested a review from cici37 July 11, 2023 01:06
@k8s-ci-robot k8s-ci-robot added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Jul 11, 2023
@k8s-ci-robot k8s-ci-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. kind/feature Categorizes issue or PR as related to a new feature. kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. area/apiserver area/code-generation area/test sig/testing Categorizes an issue or PR as relevant to SIG Testing. labels Jul 11, 2023
@k8s-triage-robot
Copy link

This PR may require API review.

If so, when the changes are ready, complete the pre-review checklist and request an API review.

Status of requested reviews is tracked in the API Review project.

@alexzielenski alexzielenski force-pushed the apiserver/policy/namespaceParamRef-alpha branch 3 times, most recently from b4f7914 to 44bf0a7 Compare July 11, 2023 01:43
@alexzielenski alexzielenski mentioned this pull request Jul 11, 2023
Merged
43 tasks
@alexzielenski alexzielenski force-pushed the apiserver/policy/namespaceParamRef-alpha branch 2 times, most recently from 119dffd to addcda1 Compare July 11, 2023 17:45
@k8s-ci-robot k8s-ci-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Jul 11, 2023
@alexzielenski alexzielenski changed the title ValidatingAdmissionPolicy: namespaceParamRef ValidatingAdmissionPolicy: add namespaceParamRef to internal and v1alpha1 types Jul 11, 2023
@alexzielenski alexzielenski mentioned this pull request Jul 11, 2023
Closed
@alexzielenski alexzielenski force-pushed the apiserver/policy/namespaceParamRef-alpha branch from addcda1 to 7ae180b Compare July 11, 2023 18:49
@alexzielenski
Copy link
Contributor Author

/triage accepted

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jul 11, 2023
@alexzielenski
Copy link
Contributor Author

/retest

@alexzielenski alexzielenski force-pushed the apiserver/policy/namespaceParamRef-alpha branch 2 times, most recently from ba9087b to a0cb1c4 Compare July 20, 2023 16:12
@alexzielenski alexzielenski force-pushed the apiserver/policy/namespaceParamRef-alpha branch from a0cb1c4 to b5e9e01 Compare July 20, 2023 16:30
@liggitt
Copy link
Member

liggitt commented Jul 20, 2023

/approve

for API/default/validation/authz bits

/hold for final lgtm on impl by @cici37 or @jpbetz

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jul 20, 2023
@liggitt liggitt moved this from In progress to API review completed, 1.28 in API Reviews Jul 20, 2023
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alexzielenski, jpbetz, liggitt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 20, 2023
cici37
cici37 reviewed Jul 20, 2023
View reviewed changes
Copy link
Contributor

@cici37 cici37 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
Leave hold in place in case @jpbetz got time for it. Thank you!

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 20, 2023
@k8s-ci-robot
Copy link
Contributor

LGTM label has been added.

Git tree hash: 16d8d172ca127719a8102dc00b75e18ba5585dd5

@alexzielenski alexzielenski changed the title ValidatingAdmissionPolicy: add namespaceParamRef to internal and v1alpha1 types KEP-3488: Per namespace policy params Jul 20, 2023
@liggitt
Copy link
Member

liggitt commented Jul 20, 2023

/retest

@jpbetz
Copy link
Contributor

jpbetz commented Jul 20, 2023

/hold cancel
Thanks!

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jul 20, 2023
@k8s-ci-robot
Copy link
Contributor

@alexzielenski: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-kubernetes-conformance-kind-ga-only-parallel b5e9e01 link unknown /test pull-kubernetes-conformance-kind-ga-only-parallel

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@jiahuif
Copy link
Member

jiahuif commented Jul 20, 2023

/retest

@k8s-ci-robot k8s-ci-robot merged commit 8a053c7 into kubernetes:master Jul 20, 2023
12 of 13 checks passed
@sftim
Copy link
Contributor

sftim commented Jul 25, 2023

Changelog suggestion:

Added a new `namespaceParamRef` field to admissionregistration.k8s.io/v1alpha1.ValidatingAdmissionPolicy

@sftim sftim mentioned this pull request Jul 25, 2023
Closed
@sftim
Copy link
Contributor

sftim commented Jul 25, 2023

Also, the KEP link should be to https://github.com/kubernetes/enhancements/ and not https://github.com/cici37/enhancements/

@cici37
Copy link
Contributor

cici37 commented Jul 25, 2023

@sftim Thanks for the catch! I have updated the KEP link and the Release Note to reflect the suggestion. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@liggitt liggitt liggitt left review comments

@cici37 cici37 cici37 left review comments

@jiahuif jiahuif Awaiting requested review from jiahuif

@deads2k deads2k Awaiting requested review from deads2k

@jpbetz jpbetz Awaiting requested review from jpbetz

Assignees

@jpbetz jpbetz

@liggitt liggitt

@cici37 cici37

Labels
api-review Categorizes an issue or PR as actively needing an API review. approved Indicates a PR has been approved by an approver from all required OWNERS files. area/apiserver area/code-generation area/test cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/testing Categorizes an issue or PR as relevant to SIG Testing. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
API Reviews
Status: API review completed, 1.28
[sig-release] Bug Triage
Archived in project
Milestone
v1.28
Development

Successfully merging this pull request may close these issues.

None yet
9 participants
@alexzielenski @k8s-triage-robot @jpbetz @cici37 @k8s-ci-robot @Atharva-Shinde @liggitt @jiahuif @sftim