Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ensure secret pulled images #2535

Open
4 of 11 tasks
adisky opened this issue Feb 22, 2021 · 117 comments · May be fixed by kubernetes/kubernetes#125817
Open
4 of 11 tasks

Ensure secret pulled images #2535

adisky opened this issue Feb 22, 2021 · 117 comments · May be fixed by kubernetes/kubernetes#125817
Assignees
Labels
lead-opted-in Denotes that an issue has been opted in to a release sig/auth Categorizes an issue or PR as relevant to SIG Auth. sig/node Categorizes an issue or PR as relevant to SIG Node. stage/alpha Denotes an issue tracking an enhancement targeted for Alpha status tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team

Comments

@adisky
Copy link
Contributor

adisky commented Feb 22, 2021

Enhancement Description

Please keep this description up to date. This will help the Enhancement Team to track the evolution of the enhancement efficiently.

/sig node

@k8s-ci-robot k8s-ci-robot added the sig/node Categorizes an issue or PR as relevant to SIG Node. label Feb 22, 2021
@adisky adisky changed the title Ensure secure image access Ensure secret pulled images Feb 22, 2021
@mikebrow
Copy link
Member

Thx @adisky

@ehashman
Copy link
Member

ehashman commented May 4, 2021

/stage stable
/milestone v1.22

Note: Since this is a bugfix Mike would like to target graduation directly to stable.

@k8s-ci-robot k8s-ci-robot added the stage/stable Denotes an issue tracking an enhancement targeted for Stable/GA status label May 4, 2021
@k8s-ci-robot k8s-ci-robot added this to the v1.22 milestone May 4, 2021
@JamesLaverack JamesLaverack added the tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team label May 5, 2021
@JamesLaverack
Copy link
Member

Hey @mikebrow, 1.22 Enhancements Lead here. 👋

Note: Since this is a bugfix Mike would like to target graduation directly to stable.

@ehashman That should be fine so long as SIG Node are happy with that. (cc @dchen1107 @derekwaynecarr)

I'm aware there's an open PR for your KEP open, but I'd just like to highlight a few things. By enhancements freeze (23:59:59 PST on Thursday 13th May) we require the following:

  • Your KEP must be merged, including both a README.md and a kep.yaml these should be using the latest templates. For example the directory name should include the enhancement number (2535, in this case). This should be fully complete, including graduation criteria and a test plan.
  • We require an approved production readiness review. Please see the PRR documentation for further details.

@JamesLaverack
Copy link
Member

Hi @mikebrow, 1.22 Enhancements Lead here. 👋 With enhancements freeze now in effect we are removing this enhancement from the 1.22 release.

Feel free to file an exception to add this back to the release. If you plan to do so, please file this as early as possible.

Thanks!
/milestone clear

@k8s-ci-robot k8s-ci-robot removed this from the v1.22 milestone May 14, 2021
@JamesLaverack JamesLaverack added tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team and removed tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team labels May 14, 2021
@mikebrow
Copy link
Member

exception was filed last week.. no response yet. KEP updated to latest format and to resolve review questions (mainly added feature gate and switch to alpha vs going directly to GA. Code PR needs final reviews to go over the added feature gate.

@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Aug 24, 2021
@salaxander
Copy link
Contributor

/remove-lifecycle stale
/milestone v1.23

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Aug 31, 2021
@k8s-ci-robot k8s-ci-robot added this to the v1.23 milestone Aug 31, 2021
@salaxander salaxander added tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team and removed tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team labels Aug 31, 2021
@Priyankasaggu11929
Copy link
Member

Hi @adisky! 1.23 Enhancements team here. Just checking in as we approach enhancements freeze on Thursday 09/09. Here's where this enhancement currently stands:

  • KEP file using the latest template has been merged into the k/enhancements repo.
  • KEP status is marked as implementable
  • KEP has a test plan section filled out.
  • KEP has up to date graduation criteria.
  • KEP has a production readiness review that has been completed and merged into k/enhancements.

Looks like for this one, we would need the following:


Also, could we please add some more information in the Test Plan section? Currently, the section is pointing towards checking a PR, could we add some relevant links or more pointers or have the tests specified inline? Thank you.

### Test Plan

See PR (exhaustive unit tests added for alpha covering feature gate on and off for new and modified functions)

Thank you!

@adisky
Copy link
Contributor Author

adisky commented Sep 7, 2021

Hi @adisky! 1.23 Enhancements team here. Just checking in as we approach enhancements freeze on Thursday 09/09. Here's where this enhancement currently stands:

  • KEP file using the latest template has been merged into the k/enhancements repo.
  • KEP status is marked as implementable
  • KEP has a test plan section filled out.
  • KEP has up to date graduation criteria.
  • KEP has a production readiness review that has been completed and merged into k/enhancements.

Looks like for this one, we would need the following:

Also, could we please add some more information in the Test Plan section? Currently, the section is pointing towards checking a PR, could we add some relevant links or more pointers or have the tests specified inline? Thank you.

### Test Plan

See PR (exhaustive unit tests added for alpha covering feature gate on and off for new and modified functions)

Thank you!

cc @mikebrow

@mikebrow
Copy link
Member

mikebrow commented Sep 8, 2021

@adisky @Priyankasaggu11929 I updated the KEP adding a description for the test plan and links.. and updated the KEP's alpha target from 1.22 to 1.23.

@Priyankasaggu11929
Copy link
Member

Thank you so much for adding the changes, @mikebrow.

Just to confirm once:

Could you please confirm this part. Thanks once again. :)

@mikebrow
Copy link
Member

mikebrow commented Sep 8, 2021

* As you mentioned above, this enhancement is targeting at `stage: alpha`, so is it right to change the `stage: stable` to `stage: alpha` on this issue?

Yes, it is right to change the stage to alpha.

* But the [commit changes for updating the KEP's alpha target & the latest-milestone](https://github.com/kubernetes/enhancements/pull/1608/files#diff-b0309577eac7d6f66d23c210698d6f71cfa45c5af46b20d27e2d5c867fcf6de1R20-R25) didn't come through.

Forgot to hit the save button on those changes :-) Fixed now. Cheers, Mike

@Priyankasaggu11929 Priyankasaggu11929 added stage/alpha Denotes an issue tracking an enhancement targeted for Alpha status and removed stage/stable Denotes an issue tracking an enhancement targeted for Stable/GA status labels Sep 8, 2021
@Priyankasaggu11929
Copy link
Member

Thanks for the changes @mikebrow :)

@Priyankasaggu11929
Copy link
Member

Hello @mikebrow, just checking in as we approach 1.23 enhancements freeze tonight (09/09/2021, 23:59 PDT). Looks like the PR #1608 has got both lgtm, & approve label. But there's an hold on the merge.

Screenshot from 2021-09-10 07-09-21

Is it intended or can be removed to go ahead.? As with the PR merged, this enhancements will be ready for the 1.23 enhancements freeze tonight.

Thank you!

@Priyankasaggu11929
Copy link
Member

Just an update, the don-not-merge/hold label was removed manually since all the requirements were met.

The KEP is now tracked for the kubernetes 1.23 release. Thank you so much @mikebrow.

@dipesh-rawat
Copy link
Member

Hello @pacoxu @mikebrow @haircommander 👋, 1.31 Enhancements team here,

Now that PR #4693 has been merged, all the KEP requirements are in place and merged into k/enhancements.

Before the enhancement freeze, it would be appreciated if following nits could be addressed:

Aside from the minor nits mentioned above, this enhancement is all good for the upcoming enhancements freeze. 🚀

The status of this enhancement is now marked as tracked for enhancement freeze. Please keep the issue description up-to-date with appropriate stages as well. Thank you!

@haircommander
Copy link
Contributor

@pacoxu or @adisky are either of you able to?

@pacoxu
Copy link
Member

pacoxu commented Jun 14, 2024

I will give it a try the next release cycle if no one take it in v1.31.

@haircommander
Copy link
Contributor

ah no I am taking this but I need you to update the issue as described in #2535 (comment)

@pacoxu
Copy link
Member

pacoxu commented Jun 17, 2024

Updated.

/assign @haircommander

@hacktivist123
Copy link

Hello @haircommander 👋, 1.31 Docs Shadow here.

Does this enhancement work planned for 1.31 require any new docs or modification to existing docs?

If so, please follows the steps here to open a PR against dev-1.31 branch in the k/website repo. This PR can be just a placeholder at this time and must be created before Thursday June 27, 2024 18:00 PDT.

Also, take a look at Documenting for a release to get yourself familiarised with the docs requirement for the release.

Thank you!

@rashansmith
Copy link

Hi @mikebrow @haircommander @pacoxu,

👋 from the v1.31 Communications Team! We'd love for you to opt in to write a feature blog about your enhancement!
Some reasons why you might want to write a blog for this feature include (but are not limited to) if this introduces breaking changes, is important to our users, or has been in progress for a long time and is graduating.

To opt in, let us know and open a Feature Blog placeholder PR against the website repository by 3rd July, 2024. For more information about writing a blog see the blog contribution guidelines.

Note: In your placeholder PR, use XX characters for the blog date in the front matter and file name. We will work with you on updating the PR with the publication date once we have a final number of feature blogs for this release.

@sreeram-venkitesh sreeram-venkitesh added the tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team label Jun 24, 2024
@Princesso
Copy link

Hello @haircommander 👋, 1.31 Docs Shadow here.

Does this enhancement work planned for 1.31 require any new docs or modification to existing docs?

If so, please follows the steps here to open a PR against dev-1.31 branch in the k/website repo. This PR can be just a placeholder at this time and must be created before Thursday June 27, 2024 18:00 PDT.

Also, take a look at Documenting for a release to get yourself familiarised with the docs requirement for the release.

Thank you!

Hi @haircommander, good day. Gentle reminder to reopen the Doc placeholder PR against v1.31 for this enhancement before June 27th, 2024 which is the deadline for having a doc PR up. Thank you!

@haircommander
Copy link
Contributor

@sairameshv can you do that please?

sairameshv added a commit to sairameshv/website that referenced this issue Jun 25, 2024
…mage pull update feature

Reference: kubernetes/enhancements#2535

Signed-off-by: Sai Ramesh Vanka <svanka@redhat.com>
sairameshv added a commit to sairameshv/website that referenced this issue Jun 25, 2024
…mage pull update feature

Reference: kubernetes/enhancements#2535

Signed-off-by: Sai Ramesh Vanka <svanka@redhat.com>
@sairameshv
Copy link
Member

Hey @Princesso , Would this draft PR work?

@Princesso
Copy link

Hey @Princesso , Would this draft PR work?

It does, thank you!

@rashansmith
Copy link

Hey @mikebrow @haircommander @pacoxu, friendly reminder about the upcoming blog opt-in and placeholder deadline on July 3rd. Please open a blog placeholder PR if you are interested in contributing a blog.

@sairameshv
Copy link
Member

Hello @rashansmith , Here is a draft PR for the blog updates.
kubernetes/website#47053

@dipesh-rawat
Copy link
Member

Hey again @pacoxu @sairameshv @haircommander👋, 1.31 Enhancements team here,

Just checking in as we approach code freeze at at 02:00 UTC Wednesday 24th July 2024 / 19:00 PDT Tuesday 23rd July 2024.

Here's where this enhancement currently stands:

  • All PRs to the Kubernetes repo that are related to your enhancement are linked in the above issue description (for tracking purposes).
  • All PR/s are ready to be merged (they have approved and lgtm labels applied) by the code freeze deadline. This includes tests.

For this enhancement, it looks like the following PRs are open and need to be merged before code freeze (and we need to update the Issue description to include all the related PRs of this KEP):

Additionally, please let me know if there are any other PRs in k/k not listed in the description that we should track for this KEP, so that we can maintain accurate status.

For this KEP, we would need to do the following:

  • Ensure all PRs to the Kubernetes repo related to your enhancement are linked in the above issue description (for tracking purposes).
  • Ensure all PRs are prepared for merging (they have approved and lgtm labels applied) by the code freeze deadline. This includes tests.

If you anticipate missing code freeze, you can file an exception request in advance.

The status of this enhancement is marked as at risk for code freeze.

@dipesh-rawat
Copy link
Member

Hey again @pacoxu @sairameshv @haircommander👋, 1.31 Enhancements team here,

Just a quick friendly reminder as we approach code freeze in around two weeks time, at 02:00 UTC Wednesday 24th July 2024 / 19:00 PDT Tuesday 23rd July 2024.

The current status of this enhancement is marked as at risk for code freeze. There are a few requirements mentioned in the comment #2535 (comment) that still need to be completed.

If you anticipate missing code freeze, you can file an exception request in advance.

@dipesh-rawat
Copy link
Member

Hey again @pacoxu @sairameshv @haircommander👋, 1.31 Enhancements team here,

Just a quick friendly reminder as we approach code freeze next week, at 02:00 UTC Wednesday 24th July 2024 / 19:00 PDT Tuesday 23rd July 2024.

The current status of this enhancement is marked as at risk for code freeze. There are a few requirements mentioned in the comment #2535 (comment) that still need to be completed.

If you anticipate missing code freeze, you can file an exception request in advance.

@dipesh-rawat
Copy link
Member

Hey again @pacoxu @sairameshv @haircommander👋, 1.31 Enhancements team here,

Just a quick friendly reminder as we approach code freeze in less than 2 days, at 02:00 UTC Wednesday 24th July 2024 / 19:00 PDT Tuesday 23rd July 2024.

The current status of this enhancement is marked as at risk for code freeze. There are a few requirements mentioned in the comment #2535 (comment) that still need to be completed.

If you anticipate missing code freeze, you can file an exception request in advance.

@dipesh-rawat
Copy link
Member

Hello @pacoxu @sairameshv @haircommander👋, Kubernetes 1.31 Enhancements team here,

Unfortunately, the implementation (code related) PR(s) associated with this enhancement is not in the merge-ready state by code-freeze and hence this enhancement is now removed from the v1.31 milestone.

If you still wish to progress this enhancement in v1.31, please file an exception request as soon as possible, within three days. If you have any questions, you can reach out in the #release-enhancements channel on Slack and we'll be happy to help. Thanks!

@sreeram-venkitesh
Copy link
Member

/milestone clear

@pacoxu
Copy link
Member

pacoxu commented Sep 6, 2024

/sig auth

@k8s-ci-robot k8s-ci-robot added the sig/auth Categorizes an issue or PR as relevant to SIG Auth. label Sep 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
lead-opted-in Denotes that an issue has been opted in to a release sig/auth Categorizes an issue or PR as relevant to SIG Auth. sig/node Categorizes an issue or PR as relevant to SIG Node. stage/alpha Denotes an issue tracking an enhancement targeted for Alpha status tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team
Projects
Status: Graduating
Status: Removed from Milestone
Status: Removed from Milestone
Status: Removed from Milestone
Status: Removed from Milestone
Status: No status
Status: Needs Triage
Status: Proposed for consideration
Development

Successfully merging a pull request may close this issue.