-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PodSecurity admission (PodSecurityPolicy replacement) #2579
Comments
Hi @tallclair 👋 1.22 Enhancements shadow here. This enhancement is in good shape for 1.22, a couple minor change requests in light of Enhancement Freeze on Thursday May 13th:
Thank you! |
|
Hi there, thanks for the speedy updates.
|
Hi @tallclair 👋 1.22 Enhancements shadow here. |
yes, this is one of the top three items sig-auth is tackling this release |
Hello @tallclair 👋 , 1.22 Docs Shadow here. This enhancement is marked as Needs Docs for 1.22 release. Thank you! |
Hi @tallclair 🌞 1.22 enhancements shadow here. In light of Code Freeze on July 8th, this enhancement current status is Thanks |
kubernetes/kubernetes#103099 is open for this enhancement |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
/remove-lifecycle stale |
Can we try our best to make sure kubernetes/kubernetes#105919 lands in 1.25 too? We are pursuing having 'PodOS' field go to GA in 1.25 too and without this change users may be unable to schedule Windows pods that specify a For example: |
yes, I'd expect kubernetes/kubernetes#105919 to be required for GA of the PodOS feature |
Yes, that is the goal and this was the PR I mentioned during sig-windows community meeting on Tuesday. We also explicitly mentioned it in KEP
|
Hello @tallclair 👋, 1.25 Enhancements team here. Just checking in as we approach enhancements freeze on 18:00 PST on Thursday June 16, 2022. For note, This enhancement is targeting for stage Here's where this enhancement currently stands: (updated on June 9, 2022)
Looks like for this one, we would need to update the following:
For note, the status of this enhancement is marked as |
Thanks so much for the very quick update @tallclair. 🙂 With the PR #3330 merged & Test Plan Section updated, the KEP is all ready for the upcoming enhancements freeze. 🚀 For note, the status of the enhancement is now |
Hello @tallclair 👋, 1.25 Release Docs Shadow here. This enhancement is marked as ‘Needs Docs’ for the 1.25 release. Please follow the steps detailed in the documentation to open a PR against the dev-1.25 branch in the k/website repo. This PR can be just a placeholder at this time and must be created by August 4. Also, take a look at Documenting for a release to familiarize yourself with the docs requirement for the release. Thank you! |
One thing to document: the config API (see https://kubernetes.io/docs/reference/config-api/). Talk to SIG Docs if you want help with generating that reference, we usually automate this. |
Hi @tallclair 👋 1.25 enhancements team here. It looks like all PRs subject to the v1.25 code freeze have been merged so this enhancement is still Also, thank you for linking PRs and including them in the issue description. As always, we are here to help should questions come up. Thanks!! |
marked complete in #3487 |
Enhancement Description
One-line enhancement description (can be used as a release note): Introduce a new admission controller for enforcing the Pod Security Standards on pods in a namespace.
Kubernetes Enhancement Proposal: https://github.com/kubernetes/enhancements/blob/master/keps/sig-auth/2579-psp-replacement/
Discussion Link: https://docs.google.com/document/d/1woLGRoONE3EBVx-wTb4pvp4CI7tmLZ6lS26VTbosLKM/view#bookmark=id.km06bp3uzuco
Primary contact (assignee): @tallclair
Responsible SIGs: sig-auth, sig-security
Enhancement target (which target equals to which milestone):
Alpha (1.22)
k/enhancements
) update PR(s): PSP Replacement KEP #2582k/k
) update PR(s):k/website
) update PR(s):Beta (1.23)
k/enhancements
) update PR(s):k/k
) update PR(s):k/website
) update(s):Stable (1.25)
k/enhancements
) update PR(s):k/k
) update PR(s):k/website
) update(s):The text was updated successfully, but these errors were encountered: