Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reduction of Secret-based Service Account Tokens #2799

Closed
39 tasks done
zshihang opened this issue Jun 25, 2021 · 87 comments
Closed
39 tasks done

Reduction of Secret-based Service Account Tokens #2799

zshihang opened this issue Jun 25, 2021 · 87 comments
Assignees
Labels
lead-opted-in Denotes that an issue has been opted in to a release lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. sig/auth Categorizes an issue or PR as relevant to SIG Auth. stage/stable Denotes an issue tracking an enhancement targeted for Stable/GA status
Milestone

Comments

@zshihang
Copy link
Contributor

zshihang commented Jun 25, 2021

Enhancement Description

@k8s-ci-robot k8s-ci-robot added the needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. label Jun 25, 2021
@zshihang
Copy link
Contributor Author

/sig auth

@k8s-ci-robot k8s-ci-robot added sig/auth Categorizes an issue or PR as relevant to SIG Auth. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Jul 29, 2021
@enj enj added this to Needs Triage in SIG Auth Old Aug 9, 2021
@zshihang zshihang changed the title Token Controller Deprecation Reduction of Secret-based Service Account Tokens Sep 10, 2021
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Dec 9, 2021
@enj
Copy link
Member

enj commented Dec 13, 2021

/remove-lifecycle stale
/lifecycle frozen

@k8s-ci-robot k8s-ci-robot added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Dec 13, 2021
@enj enj moved this from Needs Triage to KEP Backlog in SIG Auth Old Dec 13, 2021
@liggitt liggitt moved this from KEP Backlog to In Review in SIG Auth Old Jan 18, 2022
@liggitt liggitt added the stage/beta Denotes an issue tracking an enhancement targeted for Beta status label Jan 18, 2022
@liggitt liggitt added this to the v1.24 milestone Jan 18, 2022
@liggitt liggitt moved this from In Review to Pending other SIGs in SIG Auth Old Jan 19, 2022
@liggitt liggitt moved this from Pending other SIGs to In Progress in SIG Auth Old Jan 19, 2022
@gracenng gracenng added the tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team label Jan 20, 2022
@gracenng
Copy link
Member

Hi @zshihang , 1.24 Enhancements Lead here. Will this enhancement (both features) be in alpha for 1.24?
Thanks

@zshihang
Copy link
Contributor Author

LegacyServiceAccountTokenNoAutoGeneration would be beta in 1.24; LegacyServiceAccountTokenTracking and LegacyServiceAccountTokenCleanUp would be alpha in 1.24.

@gracenng
Copy link
Member

Cross posted in PR
Hi @zshihang ! 1.24 Enhancements team here. Just checking in as we approach enhancements freeze on 18:00pm PT on Thursday Feb 3rd. I'll mark this as beta while awaiting your confirmation
Here’s where this enhancement currently stands:

  • Updated KEP file using the latest template has been merged into the k/enhancements repo KEP-2799: Reduction of Secret-based Service Account Tokens #2800
  • KEP status is marked as implementable for this release with latest-milestone: 1.24
  • KEP has a test plan section filled out.
  • KEP has up to date graduation criteria.
  • KEP has a production readiness review that has been completed and merged into k/enhancements.

The status of this enhancement is track as at risk. @zshihang, you replied "done" in the PR but it has not been merged. Did I miss something?
Thanks!

@liggitt
Copy link
Member

liggitt commented Jan 27, 2022

@gracenng the linked PR has now merged. can you confirm this is in good shape for enhancements freeze?

@gracenng
Copy link
Member

Thanks for the ping @liggitt . Updated status to tracked, all good for enhancements freeze

@chrisnegus
Copy link

Hi @zshihang 👋 1.24 Docs shadow here.

This enhancement is marked as 'Needs Docs' for the 1.24 release.

Please follow the steps detailed in the documentation to open a PR against the dev-1.24 branch in the k/website repo. This PR can be just a placeholder at this time and must be created before Thu March 31, 11:59 PM PDT.

Also, if needed take a look at Documenting for a release to familiarize yourself with the docs requirement for the release.

Thanks!

@gracenng
Copy link
Member

Hi @zshihang 1.24 Enhancements Team here,

With Code Freeze approaching on 18:00 PDT Tuesday March 29th 2022, the enhancement status is at risk as there is no linked k/k PR. Kindly list them in this issue. Thanks!

@liggitt
Copy link
Member

liggitt commented Mar 16, 2022

updated description with code and docs PRs

@chrisnegus
Copy link

@liggitt Thanks for adding links to the docs PRs. Is that all the documentation required for this KEP in 1.24?

@liggitt
Copy link
Member

liggitt commented Mar 19, 2022

the unchecked items represent work yet to be done

@James-Quigley
Copy link

Hi @zshihang 👋 from the v1.29 Communications Release Team! We would like to check if you have any plans to publish blogs for this KEP regarding new features, removals, and deprecations for this release.
If so, you need to open a PR placeholder in the website repository.
The deadline will be on Tuesday 14th November 2023 (after the Docs deadline PR ready for review)
Here's the 1.29 Calendar

@yt2985
Copy link
Contributor

yt2985 commented Oct 23, 2023

Hi @James-Quigley, I have opened kubernetes/website#43563 in website repo for the kubernetes/kubernetes#120682.

@rayandas
Copy link
Member

rayandas commented Oct 28, 2023

Hey again @zshihang 👋, 1.29 Enhancements team here,

Just checking in as we approach code freeze at 01:00 UTC Wednesday 1st November 2023: .

Here's where this enhancement currently stands:

  • All PRs to the Kubernetes repo that are related to your enhancement are linked in the above issue description (for tracking purposes).

  • All PR/s are ready to be merged (they have approved and lgtm labels applied) by the code freeze deadline. This includes tests.

With all this, the status of this KEP is now tracked for code freeze.

Also, please let me know if there are other PRs in k/k we should be tracking for this KEP.
As always, we are here to help if any questions come up. Thanks!

@Priyankasaggu11929
Copy link
Member

Hello @zshihang @yt2985 @yuanchen8911 👋, 1.29 Release team here.

With below implementation(code related) PRs merged as per the issue description, this enhancement is now marked as tracked for code freeze for the 1.29 Code Freeze! 🚀

The test freeze is 01:00 UTC Wednesday 15th November 2023 / 18:00 PDT Tuesday 14th November 2023. Please make sure all test PRs are merged in by then.

Please let me know if there are any test PRs we should track. Thanks!

cc: @rayandas

@James-Quigley
Copy link

Hi @James-Quigley, I have opened kubernetes/website#43563 in website repo for the kubernetes/kubernetes#120682.

Hello, that PR is actually for docs. If you wish to have a blog post about this feature, a separate placeholder PR will be needed in the https://github.com/kubernetes/website repository. The deadline for the placeholder PR is today.

@kcmartin
Copy link

Tagging @yt2985 for this comment, and noting the 1.29 Feature Blog Draft PR Deadline is today, November 14, 2023

@yt2985
Copy link
Contributor

yt2985 commented Nov 14, 2023

Thank you, @James-Quigley, @kcmartin, I think we don't have the plan to write a blog post about this feature. It's enough with the current doc.

@liggitt liggitt modified the milestones: v1.29, v1.30 Jan 3, 2024
@liggitt liggitt added stage/stable Denotes an issue tracking an enhancement targeted for Stable/GA status and removed stage/beta Denotes an issue tracking an enhancement targeted for Beta status labels Jan 3, 2024
@liggitt
Copy link
Member

liggitt commented Jan 3, 2024

Targeting promotion to stable in 1.30

@sreeram-venkitesh
Copy link
Member

sreeram-venkitesh commented Jan 31, 2024

Hello @zshihang 👋, Enhancements team here.

Just checking in as we approach enhancements freeze on 02:00 UTC Friday 9th February 2024.

This enhancement is targeting for stage stable for v1.30 (correct me, if otherwise)

Here's where this enhancement currently stands:

  • KEP readme using the latest template has been merged into the k/enhancements repo.
  • KEP status is marked as implementable for latest-milestone: 1.30. KEPs targeting stable will need to be marked as implemented after code PRs are merged and the feature gates are removed.
  • KEP readme has up-to-date graduation criteria
  • KEP has a production readiness review that has been completed and merged into k/enhancements. (For more information on the PRR process, check here).

For this KEP, we would just need to update the following:

  • Raise a PR updating latest-milestone in kep.yaml to 1.30 and stage as stable

The status of this enhancement is marked as at risk for enhancement freeze. Please keep the issue description up-to-date with appropriate stages as well. Thank you!

@liggitt
Copy link
Member

liggitt commented Feb 1, 2024

#4465 should address #2799 (comment)

@sreeram-venkitesh
Copy link
Member

Thanks! Marking this KEP as Tracked for enhancements freeze!

@chanieljdan
Copy link

Hi @liggitt, @zshihang 👋, 1.30 Docs Shadow here.

Does this enhancement work planned for 1.30 require any new docs or modification to existing docs?
If so, please follows the steps here to open a PR against dev-1.30 branch in the k/website repo. This PR can be just a placeholder at this time and must be created before Thursday February 22nd 2024 18:00 PDT.

Also, take a look at Documenting for a release to get yourself familiarize with the docs requirement for the release.

Thank you!

(At a minimum, please remember to update the feature flags to stable for this release ✨)

@fkautz
Copy link
Member

fkautz commented Feb 16, 2024

Hi @zshihang, @yt2985

👋 from the v1.30 Communications Team! We'd love for you to opt in to write a feature blog about your enhancement!

We encourage blogs for features including, but not limited to: breaking changes, features and changes important to our users, and features that have been in progress for a long time and are graduating.

To opt in, you need to open a Feature Blog placeholder PR against the website repository.
The placeholder PR deadline is 27th February, 2024.
Here's the 1.30 Release Calendar

@chanieljdan
Copy link

Hi @liggitt, @zshihang 👋, 1.30 Docs Shadow here.

Does this enhancement work planned for 1.30 require any new docs or modification to existing docs? If so, please follows the steps here to open a PR against dev-1.30 branch in the k/website repo. This PR can be just a placeholder at this time and must be created before Thursday February 22nd 2024 18:00 PDT.

Also, take a look at Documenting for a release to get yourself familiarize with the docs requirement for the release.

Thank you!

(At a minimum, please remember to update the feature flags to stable for this release ✨)

We'll need a stability version bumping PR at a minimum. Thanks!

@yt2985
Copy link
Contributor

yt2985 commented Feb 21, 2024

Thank you for the reminder, @chanieljdan! I opened kubernetes/website#45253 for the stability version bumping up.

@sftim
Copy link
Contributor

sftim commented Feb 25, 2024

Are there any code changes expected for v1.30 (eg: changing some feature gates from beta to stable)? I see a docs PR but no code change.

@liggitt
Copy link
Member

liggitt commented Feb 25, 2024

Just the gate promotion in kubernetes/kubernetes#122635

@sreeram-venkitesh
Copy link
Member

sreeram-venkitesh commented Feb 28, 2024

Hey again @zshihang 👋 v1.30 Enhancements team here,

Just checking in as we approach code freeze at 02:00 UTC Wednesday 6th March 2024 .

Here's where this enhancement currently stands:

  • All PRs to the Kubernetes repo that are related to your enhancement are linked in the above issue description (for tracking purposes).
  • All PR/s are ready to be merged (they have approved and lgtm labels applied) by the code freeze deadline. This includes tests.

For this enhancement, with below PRs merged as per the issue description, this enhancement is now marked as tracked for code freeze for the 1.30 Code Freeze! 🚀

Also, please let me know if there are other PRs in k/k we should be tracking for this KEP. As always, we are here to help if any questions come up. Thanks!

@yt2985
Copy link
Contributor

yt2985 commented Feb 28, 2024

Hi @sreeram-venkitesh, the PR kubernetes/website#45253 is now open for the doc change. Thank you!

@liggitt
Copy link
Member

liggitt commented Apr 25, 2024

KEP marked as implemented / stable in 1.30

/close

@k8s-ci-robot
Copy link
Contributor

@liggitt: Closing this issue.

In response to this:

KEP marked as implemented / stable in 1.30

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
lead-opted-in Denotes that an issue has been opted in to a release lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. sig/auth Categorizes an issue or PR as relevant to SIG Auth. stage/stable Denotes an issue tracking an enhancement targeted for Stable/GA status
Projects
Status: Graduating
Status: Tracked
Status: Tracked
Status: Tracked for Code Freeze
Status: Tracked for Doc Freeze
Archived in project
SIG Auth Old
In Progress
Development

No branches or pull requests